Lucene search
K

6396 matches found

F5 Networks
F5 Networks
•added 2023/02/21 5:29 p.m.•38 views

K21632201: Linux kernel vulnerability CVE-2011-5321

Security Advisory Description The ttyopen function in drivers/tty/ttyio.c in the Linux kernel before 3.1.1 mishandles a driver-lookup failure, which allows local users to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other impact via crafted acce...

5.5CVSS5.9AI score0.0037EPSS
Exploits0Affected Software23
F5 Networks
F5 Networks
•added 2023/02/21 4:17 p.m.•38 views

K14734: Apache HTTP server vulnerability CVE-2013-2249

Security Advisory Description modsessiondbd.c in the modsessiondbd module in the Apache HTTP Server before 2.4.5 proceeds with save operations for a session without considering the dirty flag and the requirement for a new session ID, which has unspecified impact and remote attack vectors...

7.5CVSS8.1AI score0.14255EPSS
Exploits3Affected Software1
F5 Networks
F5 Networks
•added 2023/01/10 9:51 p.m.•38 views

K000130541: Grub2 vulnerability CVE-2022-28734

Security Advisory Description Out-of-bounds write when handling split HTTP headers; When handling split HTTP headers, GRUB2 HTTP code accidentally moves its internal data buffer point by one position. This can lead to a out-of-bound write further when parsing the HTTP request, writing a NULL byte...

8.1CVSS7.7AI score0.01131EPSS
Exploits0
F5 Networks
F5 Networks
•added 2022/12/31 1:23 a.m.•38 views

K64571774: BIG-IP virtual server TCP sequence numbers vulnerability CVE-2020-5947

Security Advisory Description On specific BIG-IP platforms, attackers may be able to obtain TCP sequence numbers from the BIG-IP system that can be reused in future connections with the same source and destination port and IP numbers. CVE-2020-5947 Impact Attackers may be able to spoof TCP packet...

4.3CVSS4.8AI score0.00688EPSS
Exploits0Affected Software14
F5 Networks
F5 Networks
•added 2022/12/16 9:48 p.m.•38 views

K11509465: Apache mod_http2 vulnerability CVE-2018-1302

Security Advisory Description When an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server prior to version 2.4.30 could have written a NULL pointer potentially to an already freed memory. The memory pools maintained by the server make this vulnerability hard to trigger in usua...

5.9CVSS6.5AI score0.13436EPSS
Exploits0
F5 Networks
F5 Networks
•added 2016/10/20 12:0 a.m.•38 views

SOL47006155 - libTIFF vulnerability CVE-2016-3990

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

7.8CVSS2.8AI score0.03886EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2016/09/06 12:0 a.m.•38 views

SOL52439336 - FreeType vulnerabilities CVE-2014-9746 and CVE-2014-9747

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

9.8CVSS1.6AI score0.03287EPSS
Exploits0References5
F5 Networks
F5 Networks
•added 2016/09/01 12:0 a.m.•38 views

SOL21284031 - GnuPG vulnerability CVE-2014-4617

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

5CVSS2AI score0.03305EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2016/08/09 12:0 a.m.•38 views

SOL48448204 - PHP vulnerability CVE-2016-6207

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

6.5CVSS2.5AI score0.06256EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2016/07/18 12:0 a.m.•38 views

SOL14510263 - IPv6 Neighbor Discovery crafted packet vulnerability CVE-2016-1409

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

7.5CVSS2.9AI score0.03823EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2016/05/25 12:0 a.m.•38 views

SOL43205719 - NTP input validation vulnerability CVE-2016-1550

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

5.3CVSS1.6AI score0.03634EPSS
Exploits1References12
F5 Networks
F5 Networks
•added 2016/03/04 12:0 a.m.•38 views

SOL09052213 - glibc vulnerability CVE-2015-8777

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

5.5CVSS3.6AI score0.0057EPSS
Exploits1References10
F5 Networks
F5 Networks
•added 2016/02/22 12:0 a.m.•38 views

SOL21230183 - NTP vulnerability CVE-2015-7976

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

4.3CVSS2.2AI score0.03512EPSS
Exploits0References11
F5 Networks
F5 Networks
•added 2016/02/22 12:0 a.m.•38 views

SOL05046514 - NTP vulnerability CVE-2015-7979

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

7.5CVSS1.4AI score0.11887EPSS
Exploits0References11
F5 Networks
F5 Networks
•added 2016/02/19 12:0 a.m.•38 views

SOL11785283 - GnuPG vulnerability CVE-2012-6085

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

5.8CVSS1.8AI score0.02912EPSS
Exploits1References5
F5 Networks
F5 Networks
•added 2016/01/20 12:0 a.m.•38 views

SOL49580002 - BIG-IP file validation vulnerability CVE-2015-8021

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

4.3CVSS1.1AI score0.01352EPSS
Exploits0References9
F5 Networks
F5 Networks
•added 2015/10/16 12:0 a.m.•38 views

SOL17445 - Linux kernel vulnerability CVE-2015-4700

Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...

4.9CVSS3.4AI score0.00451EPSS
Exploits0References5
F5 Networks
F5 Networks
•added 2015/09/11 12:0 a.m.•38 views

SOL17255 - D-Bus vulnerability CVE-2014-3477

Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can...

4CVSS1.4AI score0.00444EPSS
Exploits0References5
F5 Networks
F5 Networks
•added 2015/09/09 12:0 a.m.•38 views

SOL17181 - BIND vulnerability CVE-2015-5722

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

7.8CVSS2.2AI score0.33652EPSS
Exploits0References6
F5 Networks
F5 Networks
•added 2015/09/03 12:0 a.m.•38 views

SOL17218 - Libvirt vulnerability CVE-2014-8135

The storageVolUpload function in storage/storagedriver.c in libvirt before 1.2.11 does not check a certain return value, which allows local users to cause a denial of service NULL pointer dereference and daemon crash via a crafted offset value in a "virsh vol-upload" command. CVE-2014-8135...

2.1CVSS7.7AI score0.00467EPSS
Exploits1References5
F5 Networks
F5 Networks
•added 2015/08/18 12:0 a.m.•38 views

SOL17047 - ICMP packet processing vulnerability CVE-2015-5058

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

7.8CVSS1.7AI score0.01908EPSS
Exploits0References7
F5 Networks
F5 Networks
•added 2015/08/12 12:0 a.m.•38 views

SOL17126 - Apache Struts vulnerability CVE-2014-7809

Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL995...

6.8CVSS0.9AI score0.03486EPSS
Exploits0References5
F5 Networks
F5 Networks
•added 2015/07/08 12:0 a.m.•38 views

SOL16865 - GNU C Library (glibc) vulnerability CVE-2015-1781

Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Although the BIG-IP, BIG-IQ, and Enterprise Manager software contains the vulnerable code, BIG-IP, BIG-IQ, and Enterprise...

6.8CVSS1AI score0.05012EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2015/07/02 12:0 a.m.•38 views

SOL16879 - Apache Portable Runtime vulnerability CVE-2011-1928

The fnmatch implementation in aprfnmatch.c in the Apache Portable Runtime APR library 1.4.3 and 1.4.4, and the Apache HTTP Server 2.2.18, allows remote attackers to cause a denial of service infinite loop via a URI that does not match unspecified types of wildcard patterns, as demonstrated by...

4.3CVSS3.8AI score0.30406EPSS
Exploits5References3
F5 Networks
F5 Networks
•added 2015/06/29 12:0 a.m.•38 views

SOL16819 - Linux kernel vulnerability CVE-2015-3331

Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can...

9.3CVSS0.9AI score0.10108EPSS
Exploits0References10
F5 Networks
F5 Networks
•added 2015/05/29 12:0 a.m.•38 views

SOL16704 - cURL and libcurl vulnerability CVE-2015-3143

Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column...

5CVSS1.4AI score0.16222EPSS
Exploits1References6
F5 Networks
F5 Networks
•added 2015/04/13 12:0 a.m.•38 views

SOL16428 - setroubleshoot vulnerability CVE-2015-1815

Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL995...

10CVSS1.1AI score0.16335EPSS
Exploits1References4
F5 Networks
F5 Networks
•added 2015/04/09 12:0 a.m.•38 views

SOL16344 - Apache Tomcat vulnerability CVE-2014-0227

Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...

6.4CVSS1AI score0.21045EPSS
Exploits0References3
F5 Networks
F5 Networks
•added 2015/01/08 12:0 a.m.•38 views

SOL15970 - GnuTLS 3.x vulnerability CVE-2014-8564

Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...

5CVSS2.8AI score0.03281EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2014/10/23 12:0 a.m.•38 views

SOL15735 - SMB vulnerability CVE-2014-7145

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

7.8CVSS2.6AI score0.03725EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2014/09/04 12:0 a.m.•38 views

SOL15552 - MIT Kerberos 5 vulnerability CVE-2014-4341

Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists. To...

5CVSS1.9AI score0.07138EPSS
Exploits0References5
F5 Networks
F5 Networks
•added 2014/07/17 12:0 a.m.•38 views

SOL15428 - Apache Tomcat vulnerability CVE-2014-0096

Recommended action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...

4.3CVSS0.8AI score0.06905EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2014/01/16 12:0 a.m.•38 views

SOL14919 - Socat vulnerabilities CVE-2010-2799, CVE-2012-0219, and CVE-2013-3571

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

6.8CVSS1.8AI score0.02752EPSS
Exploits0References5
F5 Networks
F5 Networks
•added 2013/08/15 12:0 a.m.•38 views

SOL14600 - BIND vulnerability CVE-2013-3919

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

7.8CVSS2AI score0.0511EPSS
Exploits0References8
F5 Networks
F5 Networks
•added 2012/05/22 12:0 a.m.•38 views

SOL13605 - FirePass sudo vulnerability - CVE-2012-2053

Recommended action F5 recommends that you upgrade to the latest FirePass hotfix to ensure that you have the latest security updates. Supplemental Information CERT advisory regarding CVE-2012-2053 SOL167: Downloading software and firmware from F5 SOL10322: FirePass hotfix matrix SOL3430: Installin...

7.2CVSS6.5AI score0.0048EPSS
Exploits1References10
F5 Networks
F5 Networks
•added 2012/02/29 12:0 a.m.•38 views

SOL13432 - OpenSSL vulnerability CVE-2010-0433

Recommended action None Supplemental Information CVE-2010-0433 Note: This link will take you to a resource outside of AskF5, and it is possible that the document may be removed without our knowledge. SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS...

4.3CVSS8.3AI score0.07857EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2008/04/13 12:0 a.m.•38 views

SOL8599 - Cross-site scripting vulnerability viewing logs from the Console section of the web management interface

A cross-site scripting XSS vulnerability in the Console feature of the BIG-IP and Enterprise Manager web management interface may allow for script excecution when viewing a log file that contains malicious content. Exploitation of this vulnerability would require an attacker to generate a log ent...

6.8CVSS5.3AI score0.02423EPSS
Exploits1
F5 Networks
F5 Networks
•added 2007/12/17 12:0 a.m.•38 views

SOL8174 - F5 VPN Client for Windows is remotely exploitable through a buffer overflow

A vulnerability exists in the F5 VPN Client for Windows, also called the Standalone Client. The Client can be exploited remotely by a buffer overflow attack on one of the Client's ActiveX control components. A successful attack can result in execution of malicious commands by the remote attacker...

3.1AI score
Exploits0
F5 Networks
F5 Networks
•added 2007/09/07 12:0 a.m.•38 views

SOL7886 - Remote vulnerability in the mod_jk2 Apache module, VU #771937

A vulnerability exists in the legacy version of the modjk2 Apache module. If successfully exploited, an attacker may be able to run arbitrary code on affected system. Information about this advisory is available at the following location: F5 Product Development tracked this issue as CR83564 and i...

2.4AI score
Exploits0Affected Software6
F5 Networks
F5 Networks
•added 2007/05/16 12:0 a.m.•38 views

SOL5534 - Apache mod_proxy message format vulnerability - CAN-2004-0700

Vulnerability description Format string vulnerability in the modproxy hook functions function in sslenginelog.c in modssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are handled...

7.5CVSS3.4AI score0.05802EPSS
Exploits0
F5 Networks
F5 Networks
•added 2007/05/16 12:0 a.m.•38 views

SOL4447 - cURL buffer overflow vulnerability - CAN-2005-0490

Multiple stack-based buffer overflows in libcURL and cURL 7.12.1, and possibly other versions, allow remote malicious web servers to execute arbitrary code via base64 encoded replies that exceed the intended buffer lengths when decoded, which is not properly handled by 1 the Curlinputntlm functio...

8.8CVSS3.6AI score0.05732EPSS
Exploits0
F5 Networks
F5 Networks
•added 2007/05/16 12:0 a.m.•38 views

SOL5868 - Buffer overflow vulnerability in cURL - CVE-2005-4077

Because an attacker would require root access to exploit this vulnerability, it is considered to be a minor risk. You can find information about this advisory at the following location: Note: This link takes you to a resource outside of AskF5, and it is possible that the information may be remove...

4.6CVSS9.1AI score0.00516EPSS
Exploits0
F5 Networks
F5 Networks
•added 2024/11/19 12:37 a.m.•37 views

K000148582: Intel Server Board vulnerabilities CVE-2024-31154, CVE-2024-31158, CVE-2024-39609, CVE-2024-40885, and CVE-2024-41167

Security Advisory Description CVE-2024-31154 Improper input validation in UEFI firmware for some IntelR Server S2600BPBR may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2024-31158 Improper input validation in UEFI firmware in some IntelR Server Boar...

8.7CVSS6.9AI score0.00185EPSS
Exploits0
F5 Networks
F5 Networks
•added 2024/10/18 11:2 p.m.•37 views

K000141501: Intel UEFI vulnerability CVE-2024-21871

Security Advisory Description Improper input validation in UEFI firmware for some IntelR Processors may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2024-21871 Impact There is no impact; F5 products are not affected by this vulnerability. F5 previous...

7.5CVSS6.8AI score0.00187EPSS
Exploits0
F5 Networks
F5 Networks
•added 2024/09/20 9:27 p.m.•37 views

K000141129: Python vulnerability CVE-2024-35195

Security Advisory Description Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is made with verify=False to disable cert verification, all subsequent requests to the same host will continue to ignore cert verification regardless of...

5.6CVSS7AI score0.0034EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2024/09/12 4:22 a.m.•37 views

K000141047: Multiple Node.js vulnerabilities

Security Advisory Description CVE-2024-22018 A vulnerability has been identified in Node.js, affecting users of the experimental permission model when the --allow-fs-read flag is used. This flaw arises from an inadequate permission model that fails to restrict file stats through the fs.lstat API...

8.1CVSS7.1AI score0.01411EPSS
Exploits0
F5 Networks
F5 Networks
•added 2024/08/14 1:22 p.m.•37 views

K000140111: BIG-IP Next Central Manager vulnerability CVE-2024-39809

Security Advisory Description The BIG-IP Next Central Manager user session refresh token does not expire when a user logs out. CVE-2024-39809 Impact An attacker with access to obtain a user's session cookies can continue to use that session to access BIG-IP Next Central Manager and systems manage...

8.9CVSS6.7AI score0.00413EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2024/08/14 1:16 p.m.•37 views

K000138477: BIG-IP MPTCP vulnerability CVE-2024-41164

Security Advisory Description When a TCP profile with Multipath TCP enabled MPTCP is configured on a virtual server, undisclosed traffic along with conditions beyond the attacker's control can cause the Traffic Management Microkernel TMM to terminate. CVE-2024-41164 Impact Traffic is disrupted...

8.2CVSS7AI score0.0044EPSS
Exploits0Affected Software14
F5 Networks
F5 Networks
•added 2024/05/20 9:15 a.m.•37 views

K000139684: AMD processors vulnerability CVE-2023-20569

Security Advisory Description A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure. CVE-2023-20569 Impact The...

4.7CVSS7.1AI score0.0616EPSS
Exploits1
F5 Networks
F5 Networks
•added 2024/05/20 12:8 a.m.•37 views

K000139678: MySQL Server vulnerability CVE-2024-21055

Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.35 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromis...

4.9CVSS5.2AI score0.00887EPSS
Exploits0
Total number of security vulnerabilities5000