Lucene search
K

6395 matches found

F5 Networks
F5 Networks
•added 2023/02/21 2:0 a.m.•35 views

K000132680: systemd vulnerability CVE-2022-2526

Security Advisory Description A use-after-free vulnerability was found in systemd. This issue occurs due to the onstreamio function and dnsstreamcomplete function in 'resolved-dns-stream.c' not incrementing the reference counting for the DnsStream object. Therefore, other functions and callbacks...

9.8CVSS7.6AI score0.01091EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/01/25 6:15 p.m.•35 views

K000130546: Gzip vulnerability CVE-2022-1271

Security Advisory Description An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs d...

8.8CVSS7.5AI score0.04271EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/01/06 8:58 a.m.•35 views

K000130512: SQLite vulnerability CVE-2022-35737

Security Advisory Description SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API. CVE-2022-35737 Impact An authenticated remote attacker can exploit this vulnerability by sending a specially crafted...

7.5CVSS7.7AI score0.17981EPSS
Exploits2Affected Software3
F5 Networks
F5 Networks
•added 2016/11/21 12:0 a.m.•35 views

SOL26430555 - MySQL vulnerability CVE-2016-5625

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

7CVSS2.7AI score0.00399EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2016/10/19 12:0 a.m.•35 views

SOL03534020 - PHP vulnerability CVE-2016-5767

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

8.8CVSS1.1AI score0.0666EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2016/08/17 12:0 a.m.•35 views

SOL71489519 - Wireshark vulnerability CVE-2015-4652

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

4.3CVSS2AI score0.02317EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2016/08/10 12:0 a.m.•35 views

SOL31925518 - BIG-IP APM access logs vulnerability CVE-2016-1497

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

4.9CVSS3.3AI score0.01529EPSS
Exploits0References8
F5 Networks
F5 Networks
•added 2016/07/28 12:0 a.m.•35 views

SOL45816067 - bzip2 vulnerability CVE-2016-3189

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

6.5CVSS2.7AI score0.15831EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2016/07/14 12:0 a.m.•35 views

SOL04054286 - Linux kernel TCP vulnerability CVE-2016-2070

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

7.8CVSS1.9AI score0.03322EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2016/06/27 12:0 a.m.•35 views

SOL23432135 - Apache Struts 2 vulnerability CVE-2016-3093

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

5.3CVSS3.1AI score0.08667EPSS
Exploits0References3
F5 Networks
F5 Networks
•added 2016/06/23 12:0 a.m.•35 views

SOL51758043 - MySQL vulnerability CVE-2016-0639

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

10CVSS2.7AI score0.10144EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2016/06/16 12:0 a.m.•35 views

SOL23675185 - Apache Qpid vulnerabilities CVE-2016-3094 and CVE-2016-4432

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

9.1CVSS2.4AI score0.08148EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2016/06/15 12:0 a.m.•35 views

SOL92800352 - NTP vulnerability CVE-2016-4953

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

7.5CVSS1.8AI score0.17245EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2016/05/23 12:0 a.m.•35 views

SOL15439022 - glibc vulnerability CVE-2016-3075

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

7.5CVSS1.6AI score0.07629EPSS
Exploits0References10
F5 Networks
F5 Networks
•added 2016/04/07 12:0 a.m.•35 views

SOL21632201 - Linux kernel vulnerability CVE-2011-5321

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

5.5CVSS2.6AI score0.0037EPSS
Exploits0References10
F5 Networks
F5 Networks
•added 2015/11/02 12:0 a.m.•35 views

SOL17517 - NTP vulnerability CVE-2015-7701

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

7.5CVSS1.6AI score0.06519EPSS
Exploits0References6
F5 Networks
F5 Networks
•added 2015/09/29 12:0 a.m.•35 views

SOL17331 - PCRE library vulnerability CVE-2015-5073

Recommended Action If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are currently...

9.1CVSS0.2AI score0.07673EPSS
Exploits1References3
F5 Networks
F5 Networks
•added 2015/09/08 12:0 a.m.•35 views

SOL17238 - Node.js vulnerability CVE-2015-5380

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

7.5CVSS1.7AI score0.02995EPSS
Exploits0References5
F5 Networks
F5 Networks
•added 2015/07/02 12:0 a.m.•35 views

SOL16876 - Mount (seunshare_mount) vulnerability CVE-2011-1101

CVE-2011-1101 The seunsharemount function in sandbox/seunshare.c in seunshare in certain Red Hat packages of policycoreutils 2.0.83 and earlier in Red Hat Enterprise Linux RHEL 6 and earlier, and Fedora 14 and earlier, mounts a new directory on top of /tmp without assigning root ownership and the...

6.9CVSS3.4AI score0.01448EPSS
Exploits0References3
F5 Networks
F5 Networks
•added 2015/05/26 12:0 a.m.•35 views

SOL16686 - Point-to-Point Protocol (PPP) vulnerability CVE-2015-3310

Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...

4.3CVSS2AI score0.05444EPSS
Exploits0References6
F5 Networks
F5 Networks
•added 2015/01/21 12:0 a.m.•35 views

SOL16010 - GNU C Library (glibc) vulnerability CVE-2014-7817

These versions of BIG-IP, BIG-IQ, and Enterprise Manager have a vulnerable version of glibc code. However, the risk level for this vulnerability is considered LOW because F5 product development has verified that the vulnerable code is NOT used in a way that would make an exploit possible. These...

4.6CVSS1.8AI score0.00578EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2015/01/08 12:0 a.m.•35 views

SOL15958 - Ghostscript BaseFont vulnerability CVE-2008-6679

Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...

5CVSS2.3AI score0.04495EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2014/11/05 12:0 a.m.•35 views

SOL15797 - Linux kernel vulnerability CVE-2012-4461

Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists. Supplemental...

1.9CVSS2.8AI score0.00356EPSS
Exploits0References7
F5 Networks
F5 Networks
•added 2014/08/06 12:0 a.m.•35 views

SOL15478 - PHP vulnerability CVE-2012-2386

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

7.5CVSS2.5AI score0.42481EPSS
Exploits1References4
F5 Networks
F5 Networks
•added 2014/07/16 12:0 a.m.•35 views

SOL15389 - OpenSSL vulnerability CVE-2011-4576

Recommended action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists. To mitigate this...

5CVSS1.5AI score0.14523EPSS
Exploits0References13
F5 Networks
F5 Networks
•added 2014/06/19 12:0 a.m.•35 views

SOL15358 - OpenSSL vulnerability CVE-2009-0590

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

5CVSS2.7AI score0.06194EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2011/12/12 12:0 a.m.•35 views

SOL13233 - TMM vulnerability CVE-2013-6016

Vulnerability Recommended Actions To eliminate this vulnerability, upgrade to a version that is listed in the Versions known to be not vulnerable column in the previous table. Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS...

7.8CVSS3.3AI score0.02751EPSS
Exploits0References9
F5 Networks
F5 Networks
•added 2007/09/27 12:0 a.m.•35 views

SOL7983 - ClamAV NULL dereference vulnerability - CVE-2007-4510

The FirePass controller can be configured to provide anti-virus scanning of files uploaded through Portal Access through the ClamAV open source software. Scanning is configured on the Antivirus tab of the Portal Access Content Inspection page, through the Enable Standalone virus Scanner option...

4.3CVSS9AI score0.01968EPSS
Exploits0
F5 Networks
F5 Networks
•added 2007/05/16 12:0 a.m.•35 views

SOL1877 - OpenSSH Remote Challenge Vulnerability - CAN-2001-1279

Information about this advisory can be found at the following location:...

7.5CVSS0.5AI score0.04784EPSS
Exploits0
F5 Networks
F5 Networks
•added 2025/04/23 7:21 a.m.•34 views

K000150987: PostgreSQL pgAdmin vulnerabilities CVE-2025-2945 and CVE-2025-2946

Security Advisory Description CVE-2025-2945 Remote Code Execution security vulnerability in pgAdmin 4 Query Tool and Cloud Deployment modules. The vulnerability is associated with the 2 POST endpoints; /sqleditor/querytool/download, where the querycommited parameter and /cloud/deploy endpoint,...

9.9CVSS9.3AI score0.46222EPSS
Exploits8
F5 Networks
F5 Networks
•added 2024/12/19 11:3 p.m.•34 views

K000149072: PostgreSQL vulnerabilities CVE-2015-5288, CVE-2015-3165, CVE-2014-8161, and CVE-2014-2669

Security Advisory Description CVE-2015-5288 The crypt function in contrib/pgcrypto in PostgreSQL before 9.0.23, 9.1.x before 9.1.19, 9.2.x before 9.2.14, 9.3.x before 9.3.10, and 9.4.x before 9.4.5 allows attackers to cause a denial of service server crash or read arbitrary server memory via a...

6.5CVSS7.3AI score0.08565EPSS
Exploits1
F5 Networks
F5 Networks
•added 2024/12/02 10:58 p.m.•34 views

K000148689: Qt vulnerability CVE-2023-32762

Security Advisory Description An issue was discovered in Qt before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. Qt Network incorrectly parses the strict-transport-security HSTS header, allowing unencrypted connections to be established, even when explicitly prohibited by the...

5.3CVSS6.2AI score0.00875EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
•added 2024/11/04 5:22 p.m.•34 views

K000148378: Kerberos vulnerability CVE-2024-26461

Security Advisory Description Kerberos 5 aka krb5 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c. CVE-2024-26461 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has evaluated the...

7.5CVSS6.8AI score0.01128EPSS
Exploits1
F5 Networks
F5 Networks
•added 2024/08/23 2:16 a.m.•34 views

K000140787: Gunicorn vulnerability CVE-2024-1135

Security Advisory Description Gunicorn fails to properly validate Transfer-Encoding headers, leading to HTTP Request Smuggling HRS vulnerabilities. By crafting requests with conflicting Transfer-Encoding headers, attackers can bypass security restrictions and access restricted endpoints. This iss...

7.5CVSS7.8AI score0.02996EPSS
Exploits0
F5 Networks
F5 Networks
•added 2024/06/03 5:14 p.m.•34 views

K000139876: Linux kernel vulnerability CVE-2021-46955

Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix stack OOB read while fragmenting IPv4 packets running openvswitch on kernels built with KASAN, it's possible to see the following splat while testing fragmentation of IPv4 packets:...

7.1CVSS5.2AI score0.00254EPSS
Exploits0
F5 Networks
F5 Networks
•added 2024/05/21 8:59 p.m.•34 views

K000139700: Linux kernel usbmon vulnerability CVE-2022-43750

Security Advisory Description drivers/usb/mon/monbin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-space client to corrupt the monitor's internal memory. CVE-2022-43750 Impact This vulnerability may allow an attacker with local access to gain improper privilege...

6.7CVSS6.6AI score0.00325EPSS
Exploits0Affected Software16
F5 Networks
F5 Networks
•added 2024/05/21 4:33 p.m.•34 views

K000139685: Python vulnerability CVE-2023-40217

Security Advisory Description An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers such as HTTP servers that use TLS client authentication. If a TLS server-side socket is created, receives data into the...

5.3CVSS7.5AI score0.0079EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2024/05/17 4:28 p.m.•34 views

K000139667: MySQL vulnerability CVE-2024-21056

Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQ...

4.9CVSS5.2AI score0.00887EPSS
Exploits0
F5 Networks
F5 Networks
•added 2024/05/16 3:35 p.m.•34 views

K000139654: Intel oneAPI vulnerabilities CVE-2023-24592 and CVE-2023-27383

Security Advisory Description CVE-2023-24592 Path traversal in the some IntelR oneAPI Toolkits and Component software before version 2023.1 may allow authenticated user to potentially enable escalation of privilege via local access. CVE-2023-27383 Protection mechanism failure in some IntelR oneAP...

7.8CVSS6.8AI score0.00383EPSS
Exploits0
F5 Networks
F5 Networks
•added 2024/03/26 6:29 p.m.•34 views

K000139043: Apache Struts vulnerabilities CVE-2016-4430, CVE-2016-4431, and CVE-2016-4433

Security Advisory Description CVE-2016-4430 Apache Struts 2 2.3.20 through 2.3.28.1 mishandles token validation, which allows remote attackers to conduct cross-site request forgery CSRF attacks via unspecified vectors. CVE-2016-4431 Apache Struts 2 2.3.20 through 2.3.28.1 allows remote attackers ...

8.8CVSS7.6AI score0.10013EPSS
Exploits0
F5 Networks
F5 Networks
•added 2024/01/10 1:47 a.m.•34 views

K000138177: OpenSSL vulnerability CVE-2023-5363

Security Advisory Description Issue summary: A bug has been identified in the processing of key and initialisation vector IV lengths. This can lead to potential truncation or overruns during the initialisation of some symmetric ciphers. Impact summary: A truncation in the IV can result in...

7.5CVSS6.8AI score0.03332EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/12/18 5:5 a.m.•34 views

K000137940: Multiple Oracle MySQL vulnerabilities

Security Advisory Description CVE-2023-22015 Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 5.7.42 and prior and 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access...

4.9CVSS5AI score0.00891EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/12/05 6:41 a.m.•34 views

K000137791: Linux kernel vulnerability CVE-2023-35788

Security Advisory Description An issue was discovered in flsetgeneveopt in net/sched/clsflower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCAFLOWERKEYENCOPTSGENEVE packets. This may result in denial of service or privilege escalation...

7.8CVSS6.6AI score0.00532EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/10/10 10:33 a.m.•34 views

K26910459: BIG-IP iControl REST vulnerability CVE-2023-42768

Security Advisory Description When a non-admin user has been assigned an administrator role via an iControl REST PUT request and later the user's role is reverted back to a non-admin role via the Configuration utility, tmsh, or iControl REST, the BIG-IP non-admin user can still access the iContro...

7.2CVSS7AI score0.00533EPSS
Exploits0Affected Software12
F5 Networks
F5 Networks
•added 2023/08/29 11:42 a.m.•34 views

K000136011: Apache Tomcat Open Redirect vulnerability CVE-2023-41080

Security Advisory Description URL Redirection to Untrusted Site 'Open Redirect' vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.9...

6.1CVSS7.5AI score0.05972EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/07/03 12:29 p.m.•34 views

K000135353: Apache Commons Collection serialized object injection vulnerability CVE-2017-15708

Security Advisory Description In Apache Synapse, by default no authentication is required for Java Remote Method Invocation RMI. So Apache Synapse 3.0.1 or all previous releases 3.0.0, 2.1.0, 2.0.0, 1.2, 1.1.2, 1.1.1 allows remote code execution attacks that can be performed by injecting speciall...

9.8CVSS9.3AI score0.17741EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/06/29 9:38 p.m.•34 views

K000135312: BIND vulnerability CVE-2023-2828

Security Advisory Description Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the max-cache-size statement i...

7.5CVSS7.2AI score0.03776EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/06/12 5:32 p.m.•34 views

K000135001: Python URLlib3 vulnerability CVE-2019-11236

Security Advisory Description In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter. CVE-2019-11236 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development...

6.1CVSS8AI score0.02056EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/05/19 7:57 a.m.•34 views

K000134680: JSON Smart vulnerability CVE-2021-31684

Security Advisory Description A vulnerability was discovered in the indexOf function of JSONParserByteArray in JSON Smart versions 1.3 and 2.4 which causes a denial of service DOS via a crafted web request. CVE-2021-31684 Impact There is no impact; F5 products are not affected by this...

7.5CVSS5.9AI score0.023EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/05/17 1:52 p.m.•34 views

K000134636: Java vulnerabilities CVE-2018-2942 and CVE-2018-2938

Security Advisory Description CVE-2018-2942 Vulnerability in the Java SE component of Oracle Java SE subcomponent: Windows DLL. Supported versions that are affected are Java SE: 7u181 and 8u172. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

9CVSS7.7AI score0.04504EPSS
Exploits0
Total number of security vulnerabilities5000