6396 matches found
K77671456: BIG-IP TMM vulnerability CVE-2018-5510
Security Advisory Description The Traffic Management Microkernel TMM may restart when processing a specific sequence of packets on IPv6 virtual servers. CVE-2018-5510 Note : This vulnerability does not affect IPv4 virtual servers. Impact The Traffic Management Microkernel TMM generates a core fil...
K39794285: The BIG-IP system may fail to properly parse HTTP headers that are prepended by whitespace (non RFC2616 compliant)
Security Advisory Description The BIG-IP system may fail to properly parse HTTP headers that are prepended by whitespace. This issue occurs when all of the following conditions are met: A virtual server is associated with an HTTP profile. The BIG-IP system receives a specially crafted HTTP reques...
K8424: Java Runtime Environment Vulnerability - CVE-2008-0657
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K24613253: NTP vulnerability CVE-2016-2516
Security Advisory Description NTP before 4.2.8p7 and 4.3.x before 4.3.92, when mode7 is enabled, allows remote attackers to cause a denial of service ntpd abort by using the same IP address multiple times in an unconfig directive. CVE-2016-2516 Impact An attacker may be able to compromise the...
K62655427: libjpeg-turbo vulnerability CVE-2013-6630
Security Advisory Description The getdht function in jdmarker.c in libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48 and other products, does not set all elements of a certain Huffman value array during the reading of segments that follow Define Huffman Table DHT JPEG...
K22216037: TMM vulnerability CVE-2016-9245
Security Advisory Description Malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with BIG-IP APM profiles, regardless of settings. The issue is also exposed with the non-default "Normalize URI" configuration options used in iRules...
K15169: PHP vulnerability CVE-2013-4113
Security Advisory Description ext/xml/xml.c in PHP before 5.3.27 does not properly consider parsing depth, which allows remote attackers to cause a denial of service heap memory corruption or possibly have unspecified other impact via a crafted document that is processed by the xmlparseintostruct...
K15305: OpenSSL vulnerability CVE-2004-0975
Security Advisory Description The derchop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files. CVE-2004-0975 Impact None. F5 products are not affected by this vulnerability...
K16355: Multiple MySQL vulnerabilities
Security Advisory Description CVE-2015-0382 Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication, a different vulnerability than CVE-2015-0381. CVE-2015-0381...
K15984: Linux kernel vulnerability CVE-2013-7265
Security Advisory Description The pnrecvmsg function in net/phonet/datagram.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory...
K54167061: TMM SSL profile vulnerability CVE-2019-6592
Security Advisory Description TMM may restart and produce a core file when validating SSL certificates in Client SSL or Server SSL profiles. CVE-2019-6592 Impact BIG-IP The Traffic Management Microkernel TMM may restart and temporarily fail to process traffic. BIG-IQ, Enterprise Manager, F5...
K35195140: BIG-IQ Access Manager role vulnerability CVE-2017-6152
Security Advisory Description A local BIG-IQ user with the Access Manager role has privileges to change the passwords of other users on the system, including the local admin account password. CVE-2017-6152 Impact This vulnerability allows increased privileges for user accounts with the Access...
K83384802: glibc vulnerability CVE-2016-5417
Security Advisory Description Memory leak in the resvinit function in the IPv6 name server management code in libresolv in GNU C Library aka glibc or libc6 before 2.24 allows remote attackers to cause a denial of service memory consumption by leveraging partial initialization of internal resolver...
K15095307: BDF parsing vulnerability CVE-2012-5669
Security Advisory Description The bdfparseglyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via vectors related to BDF fonts and an incorrect calculation that triggers an out-of-bounds read...
K14733: Apache HTTP server vulnerability CVE-2013-1896
Security Advisory Description moddav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service segmentation fault via a MERGE request in which the URI is configured for handling by the moddavs...
K000132457: ImageMagick vulnerability CVE-2022-44268
Security Advisory Description ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image e.g., for resize, the resulting image could have embedded the content of an arbitrary. file if the magick binary has permissions to read it. CVE-2022-44268 Impact BIG-IP AAM, Edg...
K68151373: IP Intelligence Feed List TMUI vulnerability CVE-2019-6636
Security Advisory Description On BIG-IP AFM, ASM 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4, and 11.5.1-11.6.4, a stored cross-site scripting vulnerability in AFM feed list. In the worst case, an attacker can store a CSRF which results in code execution as the admin user. Th...
K98008862: OpenLDAP vulnerability CVE-2019-13565
Security Advisory Description An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simple bind for any...
SOL11091514 - MySQL vulnerability CVE-2016-5626
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL37540306 - Mozilla Network Security Services use-after-free vulnerability CVE-2016-1978
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL21485342 - Configuration utility CSRF vulnerability
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL40496533 - PHP vulnerability CVE-2016-3132
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL41613034 - NTP vulnerability CVE-2016-2519
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL45427159 - NTP authentication bypass vulnerability CVE-2016-1551
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL06223540 - F5 TCP vulnerability CVE-2015-8240
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL17386 - vCMP DoS vulnerability CVE-2015-6546
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading the vCMP host to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than...
SOL17115 - Multiple MySQL vulnerabilities
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column...
SOL17114 - NTP vulnerability CVE-2015-5146
A flaw was found in the way ntpd processed certain remote configuration packets. CVE-2015-5146 - pending An attacker could use a specially crafted package to cause ntpd to become unresponsive when all of the following conditions are met: The ntpd configuration has enabled remote configuration. Th...
SOL16882 - OpenLDAP vulnerability CVE-2013-4449
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy...
SOL16718 - libTIFF vulnerability CVE-2010-2596
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL995...
SOL16506 - NTP vulnerability CVE-2015-1799
Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...
SOL16124 - OpenSSL vulnerability CVE-2015-0206
The SOD process is only vulnerable if the failover.secure db variable is enabled; the db variable is disabled by default. Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed...
SOL15878 - bzip2 vulnerability CVE-2010-0405
Recommended action BIG-IP and Enterprise Manager If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate...
SOL15743 - BIND vulnerability CVE-2011-2465
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
SOL15546 - glibc vulnerability CVE-2014-4043
Recommended Action None Supplemental Information CVE-2014-4043 SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL15131 - BIND vulnerability CVE-2010-0218
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy...
SOL10898 - DNSSEC BIND vulnerability - CVE-2009-4022
Vulnerability description and product information: Unspecified vulnerability in ISC BIND 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, 9.7 beta before 9.7.0b3, and 9.0.x through 9.3.x with DNSSEC validation enabled and checking disabled CD, allows remote attackers to conduct DNS...
K000148646: libarchive vulnerability CVE-2018-1000879
Security Advisory Description libarchive version commit 379867ecb330b3a952fb7bfa7bffb7bbd5547205 onwards release v3.3.0 onwards contains a CWE-476: NULL Pointer Dereference vulnerability in ACL parser - libarchive/archiveacl.c, archiveaclfromtextl that can result in Crash/DoS. This attack appear ...
K000140901: glibc vulnerability CVE-2024-2961
Security Advisory Description The iconv function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable...
K000140433: MySQL vulnerability CVE-2024-21176
Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Thread Pooling. Supported versions that are affected are 8.4.0 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to...
K000140251: Python vulnerabilities CVE-2022-48564 and CVE-2022-48566
Security Advisory Description CVE-2022-48564 readints in plistlib . py in Python through 3.9.1 is vulnerable to a potential DoS attack via CPU and RAM exhaustion when processing malformed Apple Property List files in binary format. CVE-2022-48566 An issue was discovered in comparedigest in...
K000139606: MySQL Server vulnerabiliity CVE-2024-21047
Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...
K000138894: BIG-IP Configuration utility XSS vulnerability CVE-2024-33604
Security Advisory Description A reflected cross-site scripting XSS vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to run JavaScript in the context of the currently logged-in user. CVE-2024-33604 Impact An attacker may exploit this...
K000139533: MySQL vulnerability CVE-2024-21090
Security Advisory Description Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/Python. Supported versions that are affected are 8.3.0 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to...
K000138957: Libxml2 vulnerability CVE-2023-39615
Security Advisory Description Xmlsoft Libxml2 v2.11.0 was discovered to contain an out-of-bounds read via the xmlSAX2StartElement function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service DoS via supplying a crafted XML file. NOTE: the vendor's position is that...
K000138931: Intel CPU vulnerability CVE-2023-32666
Security Advisory Description On-chip debug and test interface with improper access control in some 4th Generation IntelR XeonR Processors when using IntelR SGX or IntelR TDX may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2023-32666 Impact There is...
K000137595: BIG-IP AFM signature matching vulnerability CVE-2024-21771
Security Advisory Description For unspecified traffic patterns, BIG-IP AFM IPS engine may spend an excessive amount of time matching the traffic against signatures, resulting in Traffic Management Microkernel TMM restarting and traffic disruption. CVE-2024-21771 Impact When attackers exploit this...
K000138517: Python-Pillow vulnerability CVE-2023-44271
Security Advisory Description An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when textlength in an...
K000138461: MIT Kerberos 5 vulnerability CVE-2023-39975
Security Advisory Description kdc/dotgsreq.c in MIT Kerberos 5 aka krb5 1.21 before 1.21.2 has a double free that is reachable if an authenticated user can trigger an authorization-data handling failure. Incorrect data is copied from one ticket to another. CVE-2023-39975 Impact There is no impact...
K000137887: Oracle GraalVM vulnerability CVE-2023-22091
Security Advisory Description Vulnerability in the Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Compiler. Supported versions that are affected are Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise Edition: 20.3.11, 21.3.7 and 22.3.3...