6396 matches found
K25552364: GNU C Library vulnerability CVE-2015-8985
Security Advisory Description The popfailstack function in the GNU C Library aka glibc or libc6 allows context-dependent attackers to cause a denial of service assertion failure and application crash via vectors related to extended regular expression processing. CVE-2015-8985 Impact This...
K16940: Multiple Wireshark vulnerabilities
Security Advisory Description CVE-2014-6423 The tvbrawtextadd function in epan/dissectors/packet-megaco.c in the MEGACO dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service infinite loop via an empty line./ CVE-2014-6425 The 1...
K36228121: BIG-IP DHCPv6 vulnerability CVE-2019-6643
Security Advisory Description An attacker sending specifically crafted DHCPv6 requests through a BIG-IP virtual server configured with a DHCPv6 profile may be able to cause the Traffic Management Microkernel TMM process to produce a core file. CVE-2019-6643 Impact This vulnerability may allow an...
K56215245: Intel CPU vulnerabilities CVE-2019-11136 and CVE-2019-11137
Security Advisory Description CVE-2019-11136 Insufficient access control in system firmware for IntelR XeonR Scalable Processors, 2nd Generation IntelR XeonR Scalable Processors and IntelR XeonR Processors D Family may allow a privileged user to potentially enable escalation of privilege, denial ...
K03685068: Linux kernel vulnerability CVE-2017-5972
Security Advisory Description The TCP stack in the Linux kernel 3.x does not properly implement a SYN cookie protection mechanism for the case of a fast network connection, which allows remote attackers to cause a denial of service CPU consumption by sending many TCP SYN packets, as demonstrated ...
K90412202: libarchive vulnerability CVE-2015-8932
Security Advisory Description The compressbidderinit function in archivereadsupportfiltercompress.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service crash via a crafted tar file, which triggers an invalid left shift. CVE-2015-8932 Impact This functionality is expose...
K61112120: BIG-IP ASM and Advanced WAF TMUI vulnerability CVE-2022-23031
Security Advisory Description An XML External Entity XXE vulnerability exists in an undisclosed page of the F5 Advanced Web Application Firewall Advanced WAF and BIG-IP ASM Traffic Management User Interface TMUI, also referred to as the Configuration utility, that allows an authenticated...
K22572754: QEMU vulnerability CVE-2017-15289
Security Advisory Description The mode4and5 write functions in hw/display/cirrusvga.c in Qemu allow local OS guest privileged users to cause a denial of service out-of-bounds write access and Qemu process crash via vectors related to dst calculation. CVE-2017-15289 Impact There is no impact; F5...
K43871899: binutils vulnerability CVE-2018-1000876
Security Advisory Description binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfdgetdynamicrelocupperbound,bfdcanonicalizedynamicreloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code.. Th...
K33554143: Linux kernel vulnerability CVE-2019-15504
Security Advisory Description drivers/net/wireless/rsi/rsi91xusb.c in the Linux kernel through 5.2.9 has a Double Free via crafted USB device traffic which may be remote via usbip or usbredir. CVE-2019-15504 Impact There is no impact; F5 products are not affected by this vulnerability. Security...
K51758043: MySQL vulnerability CVE-2016-0639
Security Advisory Description Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.11 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Pluggable Authentication. CVE-2016-0639 Impact There is no impact; F5 products ar...
K35255309: Linux kernel vulnerability CVE-2020-11669
Security Advisory Description An issue was discovered in the Linux kernel before 5.2 on the powerpc platform. arch/powerpc/kernel/idlebook3s.S does not have save/restore functionality for PNVPOWERSAVEAMR, PNVPOWERSAVEUAMOR, and PNVPOWERSAVEAMOR, aka CID-53a712bae5dd. CVE-2020-11669 Impact There i...
K62695363: OpenSSL vulnerability CVE-2018-0733
Security Advisory Description Because of an implementation bug the PA-RISC CRYPTOmemcmp function is effectively reduced to only comparing the least significant bit of each byte. This allows an attacker to forge messages that would be considered as authenticated in an amount of tries lower than th...
K16101409: BIG-IP AFM vulnerability CVE-2022-23028
Security Advisory Description When global AFM SYN cookie protection TCP Half Open flood vector is activated in the AFM Device Dos or DOS profile, certain types of TCP connections will fail. CVE-2022-23028 Impact This vulnerability allows a remote attacker to cause a denial-of-service DoS on the...
K23439402: Debian package management system vulnerability CVE-2022-1664
Security Advisory Description Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a...
K75501541: MySQL vulnerabilities CVE-2019-2481, CVE-2019-2482, CVE-2019-2486, CVE-2019-2494, and CVE-2019-2495
Security Advisory Description CVE-2019-2481 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attack...
K90603426: TMM with HTTP/2 vulnerability (CVE-2021-23009)
Security Advisory Description Malformed HTTP/2 requests may cause an infinite loop which causes a Denial of Service for Data Plane traffic. TMM takes the configured HA action when the TMM process is aborted. There is no control plane exposure, this is a data plane issue only.CVE-2021-23009 Impact...
K98201023: PostgreSQL vulnerability CVE-2018-16850
Security Advisory Description postgresql before versions 11.1, 10.6 is vulnerable to a to SQL injection in pgupgrade and pgdump via CREATE TRIGGER ... REFERENCING. Using a purpose-crafted trigger definition, an attacker can cause arbitrary SQL statements to run, with superuser privileges...
K42944216: Erlang vulnerability CVE-2017-1000385
Security Advisory Description The Erlang otp TLS server answers with different TLS alerts to different error types in the RSA PKCS 1 1.5 padding. This allows an attacker to decrypt content or sign messages with the server's private key this is a variation of the Bleichenbacher attack...
K10133477: BIG-IP IPsec IKE peer listener vulnerability CVE-2016-5736
Security Advisory Description The anonymous IPsec IKE peer configuration object is present and enabled in the default configuration. The settings of the anonymous IPsec IKE peer object allow an arbitrary peer to establish IKE phase 1 without certificate validation or a pre-shared key which may...
K43625118: TMM vulnerability CVE-2018-15317
Security Advisory Description In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.5, 12.1.0-12.1.4.1, and 11.2.1-11.6.3.2, an attacker sending specially crafted SSL records to a SSL Virtual Server will cause corruption in the SSL data structures leading to intermittent decrypt BADRECORDMAC errors. Clients...
K17075474: glibc vulnerability CVE-2016-4429
Security Advisory Description Stack-based buffer overflow in the clntudpcall function in sunrpc/clntudp.c in the GNU C Library aka glibc or libc6 allows remote servers to cause a denial of service crash or possibly unspecified other impact via a flood of crafted ICMP and UDP packets. CVE-2016-442...
K13279: PHP vulnerability CVE-2009-4017
Security Advisory Description Prior to PHP 5.2.12, and in the 5.3.x branch prior to 5.3.1, the scripting language does not restrict the number of temporary files created when handling a multipart/form-data POST request, which allows remote attackers to cause a denial-of-service resource exhaustio...
K00374275: Apache Traffic Server vulnerability CVE-2021-43082
Security Advisory Description Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in the stats-over-http plugin of Apache Traffic Server allows an attacker to overwrite memory. This issue affects Apache Traffic Server 9.1.0. CVE-2021-43082 Impact There is no impact;...
K22356857: APT remote code injection vulnerability CVE-2019-3462
Security Advisory Description Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine. CVE-2019-3462 Impact There is no impact; F5...
K16865: GNU C Library (glibc) vulnerability CVE-2015-1781
Security Advisory Description A buffer overflow flaw was found in the way glibc's gethostbynamer and other related functions computed the size of a buffer when passed a misaligned buffer as input. An attacker able to make an application call any of these functions with a misaligned buffer could u...
K22317030: iControl REST vulnerability CVE-2017-6145
Security Advisory Description iControl REST includes a service to convert authorization BIGIPAuthCookie cookies to X-F5-Auth-Token tokens. This service does not properly re-validate cookies when making that conversion, allowing once-valid but now expired cookies to be converted to valid tokens...
K38742515: NTP vulnerability CVE-2018-7182
Security Advisory Description The ctlgetitem method in ntpd in ntp-4.2.8p6 before 4.2.8p11 allows remote attackers to cause a denial of service out-of-bounds read via a crafted mode 6 packet with a ntpd instance from 4.2.8p6 through 4.2.8p10. CVE-2018-7182 Impact There is no impact; F5 products a...
K50242910: Intel CSME vulnerabilities CVE-2020-0533, CVE-2020-0534, CVE-2020-0536, and CVE-2020-0539
Security Advisory Description CVE-2020-0533 Reversible one-way hash in IntelR CSME versions before 11.8.76, 11.12.77 and 11.22.77 may allow a privileged user to potentially enable escalation of privilege, denial of service or information disclosure via local access. CVE-2020-0534 Improper input...
K19430431: TMM vulnerability CVE-2017-6160
Security Advisory Description A remote attacker may create maliciously crafted HTTP request to cause Traffic Management Microkernel TMM to restart and temporarily fail to process traffic. This issue is exposed on virtual servers using a Policy Enforcement profile or a Web Acceleration profile...
K02652550: OpenSSL vulnerability CVE-2016-2180
Security Advisory Description The TSOBJprintbio function in crypto/ts/tslib.c in the X.509 Public Key Infrastructure Time-Stamp Protocol TSP implementation in OpenSSL through 1.0.2h allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted...
K86569155: Apache Gobblin vulnerability CVE-2021-36152
Security Advisory Description Apache Gobblin trusts all certificates used for LDAP connections in Gobblin-as-a-Service. This affects versions = 0.15.0. Users should update to version 0.16.0 which addresses this issue. CVE-2021-36152 Impact There is no impact; F5 products are not affected by this...
K65065347: Apache Struts vulnerability CVE-2018-1327
Security Advisory Description The Apache Struts REST Plugin is using XStream library which is vulnerable and allow perform a DoS attack when using a malicious request with specially crafted XML payload. Upgrade to the Apache Struts version 2.5.16 and switch to an optional Jackson XML handler as...
K05125306: glibc vulnerability CVE-2016-1234
Security Advisory Description Stack-based buffer overflow in the glob implementation in GNU C Library aka glibc before 2.24, when GLOBALTDIRFUNC is used, allows context-dependent attackers to cause a denial of service crash via a long name. CVE-2016-1234. Impact This vulnerability may allow a...
K35209601: BIG-IP snmpd vulnerability CVE-2019-6606
Security Advisory Description When processing certain SNMP requests with a request-id of 0, the snmpd process may leak a small amount of memory. CVE-2019-6606 Impact When a remote attacker exploits this vulnerability, the BIG-IP system may consume excessive amounts of memory, which can result in ...
K94041354: OpenSSL vulnerability CVE-2019-1552
Security Advisory Description OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configurati...
K17255: D-Bus vulnerability CVE-2014-3477
Security Advisory Description The dbus-daemon in D-Bus 1.2.x through 1.4.x, 1.6.x before 1.6.20, and 1.8.x before 1.8.4, sends an AccessDenied error to the service instead of a client when the client is prohibited from accessing the service, which allows local users to cause a denial of service...
K17253: BIG-IP Configuration utility vulnerability CVE-2015-4040
Security Advisory Description Directory traversal vulnerability in the configuration utility in F5 BIG-IP before 12.0.0 and Enterprise Manager 3.0.0 through 3.1.1 allows remote authenticated users to access arbitrary files in the web root via unspecified vectors. CVE-2015-4040 Impact An...
K74007441: Linux kernel vulnerability CVE-2013-4350
Security Advisory Description The IPv6 SCTP implementation in net/sctp/ipv6.c in the Linux kernel through 3.11.1 uses data structures and function calls that do not trigger an intended configuration of IPsec encryption, which allows remote attackers to obtain sensitive information by sniffing the...
K34224086: MySQL vulnerability CVE-2016-5627
Security Advisory Description Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to Server: InnoDB. CVE-2016-5627 Impact There is no impact; F5 products are not affected by this...
K22130301: Telnet vulnerability CVE-2020-10188
Security Advisory Description utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data, because of a buffer overflow involving the netclear and nextitem functions. CVE-2020-10188 Impact There is no impact; F5 products are...
K31022653: Spring Framework vulnerability CVE-2018-1257
Security Advisory Description Spring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x prior to 4.3.17, and older unsupported versions allows applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user or...
K03534020: PHP vulnerability CVE-2016-5767
Security Advisory Description Integer overflow in the gdImageCreate function in gd.c in the GD Graphics Library aka libgd before 2.0.34RC1, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service heap-based buffer overflow and...
K50343028: BIG-IP FastL4 profile vulnerability CVE-2022-23029
Security Advisory Description When a FastL4 profile is configured on a virtual server, undisclosed traffic can cause an increase in memory resource utilization. CVE-2022-23029 Impact System performance degradation can occur until the process is either forced to restart or manually restarted. This...
K25521404: Node.js netmask vulnerability CVE-2021-28918 and CVE-2021-29418
Security Advisory Description CVE-2021-28918 Improper input validation of octal strings in netmask npm package v1.0.6 and below allows unauthenticated remote attackers to perform indeterminate SSRF, RFI, and LFI attacks on many of the dependent packages. A remote unauthenticated attacker can bypa...
K36814487: BIG-IP tmsh vulnerability CVE-2020-5858
Security Advisory Description Users with non-administrator roles for example, Guest or Resource Administrator with TMOS Shell tmsh access can run arbitrary commands with elevated privilege using a crafted tmsh command. CVE-2020-5858 Impact BIG-IP and BIG-IQ This vulnerability allows unauthorized...
K00866128: Bash vulnerability CVE-2019-9924
Security Advisory Description rbash in Bash before 4.4-beta2 did not prevent the shell user from modifying BASHCMDS, thus allowing the user to execute any command with the permissions of the shell. CVE-2019-9924 Impact There is no impact; F5 products are not affected by this vulnerability. Securi...
K31411450: cURL and libcurl vulnerability CVE-2016-8620
Security Advisory Description The 'globbing' feature in curl before version 7.51.0 has a flaw that leads to integer overflow and out-of-bounds read via user controlled input. CVE-2016-8620 Impact An attacker can cause a denial-of-service DoS by exploiting a flaw in the cURL tool's glob parser to...
K12600461: Multiple Intel CPU vulnerabilities
Security Advisory Description CVE-2021-0157 Insufficient control flow management in the BIOS firmware for some IntelR Processors may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2021-0158 Improper input validation in the BIOS firmware for some IntelR...
K82008830: Multiple QEMU vulnerabilities
Security Advisory Description CVE-2020-25742 pcichangeirqlevel in hw/pci/pci.c in QEMU before 5.1.1 has a NULL pointer dereference because pcigetbus might not return a valid pointer. CVE-2020-25743 hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer dereference because it lacks a pointer...