Lucene search
K

6396 matches found

F5 Networks
F5 Networks
•added 2016/05/25 12:0 a.m.•36 views

SOL20804323 - NTP vulnerability CVE-2016-2518

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

5.3CVSS1.3AI score0.15081EPSS
Exploits0References10
F5 Networks
F5 Networks
•added 2016/02/26 12:0 a.m.•36 views

SOL21057235 - libpng out-of-bounds read vulnerability CVE-2015-7981

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

5CVSS1.8AI score0.06359EPSS
Exploits1References7
F5 Networks
F5 Networks
•added 2016/02/22 12:0 a.m.•36 views

SOL74435036 - libGraphite vulnerabilities

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

9.3CVSS2.6AI score0.0831EPSS
Exploits1References4
F5 Networks
F5 Networks
•added 2016/02/18 12:0 a.m.•36 views

SOL19157044 - libtirpc vulnerability CVE-2013-1950

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

4.3CVSS1.6AI score0.0646EPSS
Exploits2References12
F5 Networks
F5 Networks
•added 2016/01/20 12:0 a.m.•36 views

SOL60352002 - SNTP vulnerability CVE-2015-5219

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

7.5CVSS1.2AI score0.05839EPSS
Exploits0References6
F5 Networks
F5 Networks
•added 2015/11/02 12:0 a.m.•36 views

SOL17529 - NTP vulnerability CVE-2015-7703

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

7.5CVSS1AI score0.03823EPSS
Exploits0References5
F5 Networks
F5 Networks
•added 2015/10/16 12:0 a.m.•36 views

SOL17449 - Apache Struts 2 vulnerability CVE-2015-5169

Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...

6.1CVSS3.6AI score0.07551EPSS
Exploits0References5
F5 Networks
F5 Networks
•added 2015/10/15 12:0 a.m.•36 views

SOL17386 - vCMP DoS vulnerability CVE-2015-6546

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading the vCMP host to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than...

6.1CVSS1.9AI score0.00721EPSS
Exploits0References8
F5 Networks
F5 Networks
•added 2015/09/14 12:0 a.m.•36 views

SOL17256 - D-Bus vulnerability CVE-2014-3638

Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. The D-Bus daemon is only for package dependency reasons. The impact of the D-Bus daemon becoming unavailable is close to...

2.1CVSS0.2AI score0.00388EPSS
Exploits0References5
F5 Networks
F5 Networks
•added 2015/09/08 12:0 a.m.•36 views

SOL17235 - PCRE library vulnerability CVE-2015-3210

Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can...

9.8CVSS0.3AI score0.09157EPSS
Exploits1References4
F5 Networks
F5 Networks
•added 2015/08/12 12:0 a.m.•36 views

SOL17114 - NTP vulnerability CVE-2015-5146

A flaw was found in the way ntpd processed certain remote configuration packets. CVE-2015-5146 - pending An attacker could use a specially crafted package to cause ntpd to become unresponsive when all of the following conditions are met: The ntpd configuration has enabled remote configuration. Th...

5.3CVSS6.1AI score0.04095EPSS
Exploits0References12
F5 Networks
F5 Networks
•added 2015/07/08 12:0 a.m.•36 views

SOL16871 - logrotate vulnerability CVE-2011-1155

Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can...

1.9CVSS1.5AI score0.00387EPSS
Exploits1References5
F5 Networks
F5 Networks
•added 2015/07/07 12:0 a.m.•36 views

SOL16870 - logrotate vulnerability CVE-2011-1154

Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...

6.9CVSS2.8AI score0.00412EPSS
Exploits1References6
F5 Networks
F5 Networks
•added 2015/07/02 12:0 a.m.•36 views

SOL16876 - Mount (seunshare_mount) vulnerability CVE-2011-1101

CVE-2011-1101 The seunsharemount function in sandbox/seunshare.c in seunshare in certain Red Hat packages of policycoreutils 2.0.83 and earlier in Red Hat Enterprise Linux RHEL 6 and earlier, and Fedora 14 and earlier, mounts a new directory on top of /tmp without assigning root ownership and the...

6.9CVSS3.4AI score0.01448EPSS
Exploits0References3
F5 Networks
F5 Networks
•added 2015/07/01 12:0 a.m.•36 views

SOL16831 - BSD regex library vulnerability CVE-2015-2305

Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL995...

6.8CVSS1AI score0.0837EPSS
Exploits1References5
F5 Networks
F5 Networks
•added 2015/06/04 12:0 a.m.•36 views

SOL16718 - libTIFF vulnerability CVE-2010-2596

Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL995...

4.3CVSS0.8AI score0.02239EPSS
Exploits1References13
F5 Networks
F5 Networks
•added 2015/04/24 12:0 a.m.•36 views

SOL16506 - NTP vulnerability CVE-2015-1799

Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...

4.3CVSS1.5AI score0.00902EPSS
Exploits0References5
F5 Networks
F5 Networks
•added 2014/11/05 12:0 a.m.•36 views

SOL15797 - Linux kernel vulnerability CVE-2012-4461

Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists. Supplemental...

1.9CVSS2.8AI score0.00356EPSS
Exploits0References7
F5 Networks
F5 Networks
•added 2014/10/02 12:0 a.m.•36 views

SOL15652 - SASL vulnerability CVE-2009-0688

Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...

7.5CVSS3.4AI score0.08206EPSS
Exploits0References5
F5 Networks
F5 Networks
•added 2014/09/24 12:0 a.m.•36 views

SOL15622 - wolfSSL CyaSSL vulnerability CVE-2013-1623

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL167: Downloading software a...

4.3CVSS4.4AI score0.02424EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2014/09/05 12:0 a.m.•36 views

SOL15541 - OpenSSL vulnerability CVE-2014-3509

Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...

6.8CVSS2.7AI score0.13359EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2014/08/18 12:0 a.m.•36 views

SOL15516 - LZ4 compression vulnerability CVE-2014-4715

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

5CVSS3AI score0.08103EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2014/06/19 12:0 a.m.•36 views

SOL15348 - OpenSSL DTLS Buffer vulnerability CVE-2009-1387

Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...

5CVSS0.5AI score0.10254EPSS
Exploits1References14
F5 Networks
F5 Networks
•added 2014/06/19 12:0 a.m.•36 views

SOL15355 - OpenSSL DTLS Buffer vulnerability CVE-2009-1379

Recommended action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists. Supplemental...

5CVSS2AI score0.18241EPSS
Exploits2References5
F5 Networks
F5 Networks
•added 2014/06/19 12:0 a.m.•36 views

SOL15351 - OpenSSL DTLS ChangeCipherSpec vulnerability CVE-2009-1386

Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...

5CVSS2.8AI score0.80134EPSS
Exploits9References5
F5 Networks
F5 Networks
•added 2014/06/17 12:0 a.m.•36 views

SOL15341 - BIG-IP ASM Virtual Edition may run out of memory under certain DoS conditions

Vulnerability Recommended Actions To eliminate this vulnerability, upgrade to a version that is listed in the Versions known to be not vulnerable column in the previous table. To mitigate this vulnerability, you can perform one or more of the following procedures, depending on the traffic...

0.6AI score
Exploits0References6Affected Software1
F5 Networks
F5 Networks
•added 2014/06/06 12:0 a.m.•36 views

SOL15310 - Data Manager SQL Injection Remote Code Execution vulnerability CVE-2014-2949

Vulnerability Recommended Actions To mitigate this vulnerability, you can stop the Data Manager Service when not in use. To do so, perform the following procedure: Impact of action: Performing the following procedure should not have a negative impact on your system. 1. Log in as admin to Data...

6.5CVSS1.4AI score0.01421EPSS
Exploits0References5
F5 Networks
F5 Networks
•added 2014/04/17 12:0 a.m.•36 views

SOL15180 - OpenSSL vulnerability CVE-2013-4353

Recommended action You can eliminate this vulnerability by running a version listed in the Versions known to be not vulnerable column. If the column does not list a version that is newer than the version you are running, then no upgrade candidate currently exists. To mitigate this vulnerability,...

4.3CVSS2.9AI score0.11851EPSS
Exploits0References7
F5 Networks
F5 Networks
•added 2011/06/29 12:0 a.m.•36 views

SOL12953 - A Cross-Site Scripting (XSS) vulnerability exists in the BIG-IP ASM Web Scraping feature

To determine if the BIG-IP ASM configuration contains any vulnerable security policies, check whether the policies configured on the system have the Web Scraping feature set to Block. To do so, open the Configuration utility and navigate to Application Security Policy List policyname Blocking...

0.7AI score
Exploits0References1Affected Software1
F5 Networks
F5 Networks
•added 2008/06/30 12:0 a.m.•36 views

SOL8923 - Linux kernel vulnerability CVE-2007-2875

A flaw in the cpuset support allows a local user to obtain sensitive information from kernel memory. Information about this advisory is available at the following location:...

2.1CVSS4.9AI score0.00436EPSS
Exploits0
F5 Networks
F5 Networks
•added 2008/05/01 12:0 a.m.•36 views

SOL8700 - Remote web service buffer overflow vulnerability

F5 has determined that a buffer overflow vulnerability exists in FirePass web services that provide User access, which could allow a remote attacker to gain privileged access to the FirePass controller. Web services providing User access can be identified by the U in the Services column on the...

3.4AI score
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2007/05/16 12:0 a.m.•36 views

SOL1907 - mod_ssl and Apache_SSL buffer overflow - CAN-2002-0082

Information about this vulnerability can be found at the following location:...

7.5CVSS0.7AI score0.29878EPSS
Exploits1
F5 Networks
F5 Networks
•added 2006/08/22 12:0 a.m.•36 views

SOL6535 - Denial of service vulnerability in GnuPG - CVE-2006-3082

F5 Product Development tracked this issue as CR66994, CR66995, and CR66996 and it was fixed in BIG-IP 9.1.3, 9.3.0, and 9.4.0. For information about upgrading, refer to the BIG-IP LTM, ASM, GTM, Link Controller, or WebAccelerator release notes. F5 Product Development tracked this issue and it was...

5CVSS1.9AI score0.07173EPSS
Exploits0
F5 Networks
F5 Networks
•added 2024/10/19 12:5 a.m.•35 views

K000141503: Intel UEFI vulnerability CVE-2023-42772

Security Advisory Description Untrusted pointer dereference in UEFI firmware for some IntelR reference processors may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2023-42772 Impact There is no impact; F5 products are not affected by this vulnerabilit...

8.7CVSS6.8AI score0.00169EPSS
Exploits0
F5 Networks
F5 Networks
•added 2024/10/16 1:28 p.m.•35 views

K000140061: BIG-IP monitors vulnerability CVE-2024-45844

Security Advisory Description BIG-IP monitor functionality may allow an authenticated attacker with at least Manager role privileges to elevate their privileges and/or modify the configuration. CVE-2024-45844 Impact This vulnerability may allow an authenticated attacker with Manager role privileg...

8.6CVSS6.7AI score0.10582EPSS
Exploits1Affected Software12
F5 Networks
F5 Networks
•added 2024/09/12 4:8 a.m.•35 views

K000141046: Python PyPA vulnerability CVE-2022-40897

Security Advisory Description Python Packaging Authority PyPA setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service ReDoS in packageindex.py. CVE-2022-40897 Impact...

5.9CVSS6.8AI score0.02617EPSS
Exploits1
F5 Networks
F5 Networks
•added 2024/06/05 4:30 p.m.•35 views

K000139901: PyYAML vulnerability CVE-2017-18342

Security Advisory Description In PyYAML before 5.1, the yaml.load API could execute arbitrary code if used with untrusted data. The load function has been deprecated in version 5.1 and the 'UnsafeLoader' has been introduced for backward compatibility with the function. CVE-2017-18342 Impact A...

9.8CVSS7.8AI score0.06031EPSS
Exploits1Affected Software13
F5 Networks
F5 Networks
•added 2024/05/21 4:33 p.m.•35 views

K000139685: Python vulnerability CVE-2023-40217

Security Advisory Description An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers such as HTTP servers that use TLS client authentication. If a TLS server-side socket is created, receives data into the...

5.3CVSS7.5AI score0.0079EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2024/05/17 4:28 p.m.•35 views

K000139667: MySQL vulnerability CVE-2024-21056

Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQ...

4.9CVSS5.2AI score0.00887EPSS
Exploits0
F5 Networks
F5 Networks
•added 2024/04/18 4:27 p.m.•35 views

K000139340: Apache Tomcat vulnerability CVE-2024-22029

Security Advisory Description A flaw was found in the Tomcat package of OpenSUSE and derived distributions. This issue occurs due to incorrect permissions and a race condition in the %post section of the Tomcat RPM package, resulting in local privilege escalation when the Tomcat package is...

7.8CVSS6.4AI score0.00182EPSS
Exploits0
F5 Networks
F5 Networks
•added 2024/02/23 7:29 p.m.•35 views

K000138704: Multiple MySQL vulnerabilities

Security Advisory Description CVE-2024-20964 Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Privileges. Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Difficult to exploit vulnerability allows low privileged attacker with...

5.3CVSS4.2AI score0.01096EPSS
Exploits0
F5 Networks
F5 Networks
•added 2024/02/14 1:42 p.m.•35 views

K98606833: BIG-IP and BIG-IQ scp vulnerability CVE-2024-21782

Security Advisory Description BIG-IP or BIG-IQ Resource Administrators and Certificate Managers who have access to the secure copy scp utility but do not have access to Advanced Shell bash can execute arbitrary commands with a specially crafted command string. This vulnerability is due to an...

6.7CVSS7.3AI score0.00178EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2024/02/14 1:33 p.m.•35 views

K000137522: BIG-IP iControl REST vulnerability CVE-2024-22093

Security Advisory Description When running in Appliance mode, an authenticated remote command injection vulnerability exists in an undisclosed iControl REST endpoint on multi-bladed systems. A successful exploit can allow the attacker to cross a security boundary. CVE-2024-22093 Impact This...

8.7CVSS8.8AI score0.00835EPSS
Exploits0Affected Software12
F5 Networks
F5 Networks
•added 2024/02/14 1:29 p.m.•35 views

K000134516: BIG-IP SSL Client Certificate LDAP and CRLDP Authentication profiles vulnerability CVE-2024-23979

Security Advisory Description When an SSL Client Certificate LDAP or Certificate Revocation List Distribution Point CRLDP authentication profile is configured on a virtual server, undisclosed requests can cause an increase in CPU resource utilization. CVE-2024-23979 Impact System performance can...

7.5CVSS7.6AI score0.00342EPSS
Exploits0Affected Software12
F5 Networks
F5 Networks
•added 2024/02/14 1:26 p.m.•35 views

K000135873: BIG-IP Websockets vulnerability CVE-2024-21849

Security Advisory Description When an Advanced WAF/ASM security policy and a Websockets profile are configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM process to terminate. CVE-2024-21849 Impact Traffic is disrupted while the TMM process restarts...

7.5CVSS7.6AI score0.00515EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
•added 2024/01/31 5:27 p.m.•35 views

K000138425: SQLite vulnerability CVE-2023-7104

Security Advisory Description A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow...

7.3CVSS5.7AI score0.01249EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/12/18 5:5 a.m.•35 views

K000137940: Multiple Oracle MySQL vulnerabilities

Security Advisory Description CVE-2023-22015 Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 5.7.42 and prior and 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access...

4.9CVSS5AI score0.00891EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/12/05 6:42 a.m.•35 views

K000137790: Linux kernel vulnerability CVE-2023-3609

Security Advisory Description A use-after-free vulnerability in the Linux kernel's net/sched: clsu32 component can be exploited to achieve local privilege escalation. If tcfchangeindev fails, u32setparms will immediately return an error after incrementing or decrementing the reference counter in...

7.8CVSS6.7AI score0.00458EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/10/09 5:26 p.m.•35 views

K000137187: GlibC vulnerability CVE-2023-4911

Security Advisory Description A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBCTUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBCTUNABLES environment variables when launching binaries with...

7.8CVSS7.2AI score0.81422EPSS
Exploits28
F5 Networks
F5 Networks
•added 2023/08/29 11:42 a.m.•35 views

K000136011: Apache Tomcat Open Redirect vulnerability CVE-2023-41080

Security Advisory Description URL Redirection to Untrusted Site 'Open Redirect' vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.9...

6.1CVSS7.5AI score0.05972EPSS
Exploits0
Total number of security vulnerabilities5000