6392 matches found
K98750200: Server component of Oracle MySQL vulnerabilities CVE-2017-3243, CVE-2017-3244, CVE-2017-3257, CVE-2017-3265, and CVE-2017-3273
Security Advisory Description CVE-2017-3243 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Charsets. Supported versions that are affected are 5.5.53 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple...
K22251611: Attack signature check security exposure
Security Advisory Description BIG-IP Advanced WAF and BIG-IP ASM systems incorrectly handle certain requests. This issue occurs when the following condition is met: BIG-IP Advanced WAF and BIG-IP ASM handle a malicious request when a parameter with Base64 decoding is enabled. Impact The attack...
K42238532: BIND vulnerabilities CVE-2019-6475 and CVE-2019-6476
Security Advisory Description CVE-2019-6475 Mirror zones are a BIND feature allowing recursive servers to pre-cache zone data provided by other servers. A mirror zone is similar to a zone of type secondary, except that its data is subject to DNSSEC validation before being used in answers, as if i...
K87141725: BIG-IP APM redirect vulnerability CVE-2017-0302
Security Advisory Description Insufficient boundary checks on the request URL may cause the tmm process to assert when the user is redirected back to the original request URL following successful authentication to the BIG-IP APM system. CVE-2017-0302 Impact An authenticated user with an establish...
K25061316: BIND vulnerability CVE-2016-9778
Security Advisory Description An error in handling certain queries can cause an assertion failure when a server is using the nxdomain-redirect feature to cover a zone for which it is also providing authoritative service. A vulnerable server could be intentionally stopped by an attacker if it was...
K04146019: Linux kernel vulnerability CVE-2010-5332
Security Advisory Description In the Linux kernel before 2.6.37, an out of bounds array access happened in drivers/net/mlx4/port.c. When searching for a free entry in either mlx4registervlan or mlx4registermac, and there is no free entry, the loop terminates without updating the local variable fr...
K48726314: Linux kernel vulnerability CVE-2013-2140
Security Advisory Description The dispatchdiscardio function in drivers/block/xen-blkback/blkback.c in the Xen blkback implementation in the Linux kernel before 3.10.5 allows guest OS users to cause a denial of service data loss via filesystem write operations on a read-only disk that supports th...
K44885536: iControl REST vulnerability CVE-2019-6622
Security Advisory Description Undisclosed iControl REST worker is vulnerable to command injection by an administrator or resource administrator user. This attack is only exploitable on multi-bladed systems. The vulnerability allows bypass of Appliance mode security on BIG-IP systems by allowing t...
K52513065: BinUtils vulnerabilities CVE-2018-6759 and CVE-2018-6872
Security Advisory Description CVE-2018-6759 The bfdgetdebuglinkinfo1 function in opncls.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30, has an unchecked strnlen operation. Remote attackers could leverage this vulnerability to cause a denial of service...
K8280: Cross-site scripting vulnerabilities in BIG-IP Configuration utility CVE-2008-0265
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K60250153: Linux kernel vulnerability CVE-2017-1000112
Security Advisory Description Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch. When building a UFO packet with MSGMORE ipappenddata calls ipufoappenddata to append. However in between two send calls, the append path can be switched from UFO to non-UFO one, which lead...
K40181790: BIND vulnerability CVE-2016-9444
Security Advisory Description named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service assertion failure and daemon exit via a crafted DS resource record in an answer. CVE-2016-9444 Impact When the BIND...
K38456756: Kernel vulnerability CVE-2018-18445
Security Advisory Description In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjustscalarminmaxvals in kernel/bpf/verifier.c mishandles 32-bit right shifts...
K15299: Linux kernel vulnerability CVE-2013-2888
Security Advisory Description Multiple array index errors in drivers/hid/hid-core.c in the Human Interface Device HID subsystem in the Linux kernel through 3.11 allow physically proximate attackers to execute arbitrary code or cause a denial of service heap memory corruption via a crafted device...
K15013: OpenSSH vulnerability CVE-2011-0539
Security Advisory Description The keycertify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option in ssh-keygen, does not initialize the nonce field, which might allow remote attackers to obtain sensitive stack memory contents ...
K42558402: Linux kernel vulnerability CVE-2018-5814
Security Advisory Description In the Linux Kernel before version 4.16.11, 4.14.43, 4.9.102, and 4.4.133, multiple race condition errors when handling probe, disconnect, and rebind operations can be exploited to trigger a use-after-free condition or a NULL pointer dereference by sending multiple U...
K14138: XML External Entity Injection (XXE) from authenticated source vulnerability CVE-2012-2997
Security Advisory Description An XML External Entity Injection XXE vulnerability exists in a BIG-IP component. This vulnerability may allow a user who is logged in to the BIG-IP Configuration utility to download arbitrary files from the file system. Impact An attacker may be able to exploit the...
K15724: OpenSSL vulnerability CVE-2014-3568
Security Advisory Description OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j does not properly enforce the no-ssl3 build option, which allows remote attackers to bypass intended access restrictions via an SSL 3.0 handshake, related to s23clnt.c and s23srvr.c. CVE-2014-3568...
K16341: Linux kernel Controller Area Network (CAN) vulnerability CVE-2010-2959
Security Advisory Description Integer overflow in net/can/bcm.c in the Controller Area Network CAN implementation in the Linux kernel before 2.6.27.53, 2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2.6.35.x before 2.6.35.4 allows attackers to execute arbitrary code or cause a denial of...
K16349: Linux kernel vulnerability CVE-2009-0676
Security Advisory Description Description The sockgetsockopt function in net/core/sock.c in the Linux kernel before 2.6.28.6 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel memory via an SOBSDCOMPAT getsockopt reques...
K16334: Apache Struts vulnerability CVE-2013-4316
Security Advisory Description Description Apache Struts 2.0.0 through 2.3.15.1 enables Dynamic Method Invocation by default, which has unknown impact and attack vectors. CVE-2013-4316 Impact None Status To determine if your release is known to be vulnerable, the components or features that are...
K2888: DNS cache poisoning vulnerability CVE-2003-0914
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, see K4602: Overview of the F5...
K82350223: MySQL vulnerabilities CVE-2018-2766, CVE-2018-2769, CVE-2018-2771, CVE-2018-2773, and CVE-2018-2775
Security Advisory Description CVE-2018-2766 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via...
K05013313: IPsec vulnerability CVE-2015-4047
Security Advisory Description racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service NULL pointer dereference and IKE daemon crash via a series of crafted UDP requests. CVE-2015-4047 Impact When this vulnerability is exploited, the remote attacker may be able us...
K27205552: NGINX Controller vulnerability CVE-2020-5864
Security Advisory Description Communication between NGINX Controller and NGINX Plus instances skip TLS verification by default. CVE-2020-5864 Impact This vulnerability enables a man-in-the-middle MITM attack that can intercept the communication channel and read/modify data in transit. Security...
K04160444: Intel CPU vulnerability CVE-2020-0592
Security Advisory Description Out of bounds write in BIOS firmware for some IntelR Processors may allow an authenticated user to potentially enable escalation of privilege and/or denial of service via local access. CVE-2020-0592 Impact There is no impact; F5 products are not affected by this...
K35408374: BIG-IP compression driver vulnerability CVE-2021-23044
Security Advisory Description When the Intel QuickAssist Technology QAT compression driver is used on affected BIG-IP hardware and BIG-IP Virtual Edition VE platforms, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. CVE-2021-23044 Impact Traffic is disrupted whi...
K13201415: MySQL vulnerability CVE-2016-5616
Security Advisory Description Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to Server: MyISAM. CVE-2016-5616 Impact There is no impact; F5...
K07082049: NTP vulnerability CVE-2017-6462
Security Advisory Description Buffer overflow in the legacy Datum Programmable Time Server DPTS refclock driver in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via a crafted /dev/datum device. CVE-2017-6462 Impact This vulnerability allows local users ...
K34508112: Pango vulnerability CVE-2019-1010238
Security Advisory Description Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pangolog2visgetembeddinglevels, assignment of nchars and the loop condition. The attack vecto...
K41020865: MySQL vulnerability CVE-2016-8286
Security Advisory Description Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows remote authenticated users to affect confidentiality via vectors related to Server: Security: Privileges. CVE-2016-8286 Impact There is no impact; F5 products are not affected by this vulnerability...
K51433470: MySQL vulnerability CVE-2017-10424
Security Advisory Description Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL subcomponent: Monitoring: Web. Supported versions that are affected are 3.2.8.2223 and earlier, 3.3.4.3247 and earlier and 3.4.2.4181 and earlier. Easily exploitable vulnerability allows...
K50543013: libarchive vulnerability CVE-2017-5601
Security Advisory Description An error in the lhareadfileheader1 function archivereadsupportformatlha.c in libarchive 3.2.2 allows remote attackers to trigger an out-of-bounds read memory access and subsequently cause a crash via a specially crafted archive. CVE-2017-5601 Impact No F5 products ar...
K85796417: Samba vulnerability CVE-2018-16860
Security Advisory Description A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4.9.x up to, excluding 4.9.8 and 4.10.x up to, excluding 4.10.3, when used in AD DC mode. A man in the middle attacker could use this flaw to intercept the request to the...
K11718033: TMM WebSocket vulnerability CVE-2018-5504
Security Advisory Description In some circumstances, the Traffic Management Microkernel TMM does not properly handle certain malformed WebSocket requests/responses, which allows remote attackers to cause a denial of service DoS or possible remote code execution on the BIG-IP system. CVE-2018-5504...
K24593421: Oracle Java SE vulnerability CVE-2018-2798
Security Advisory Description Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: AWT. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows...
K19194273: MySQL vulnerabilities CVE-2019-2778, CVE-2019-2780, CVE-2019-2784, CVE-2019-2785, and CVE-2019-2789
Security Advisory Description CVE-2019-2778 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Security: Privileges. Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with...
K47009044: FreeBSD vulnerability CVE-2016-1887
Security Advisory Description Integer signedness error in the sockargs function in sys/kern/uipcsyscalls.c in FreeBSD 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to cause a denial of service memory overwrite and kernel panic or gain privileges via a negative buflen...
K36984830: Gdk-pixbuf vulnerability CVE-2017-2862
Security Advisory Description An exploitable heap overflow vulnerability exists in the gdkpixbufjpegimageloadincrement functionality of Gdk-Pixbuf 2.36.6. A specially crafted jpeg file can cause a heap overflow resulting in remote code execution. An attacker can send a file or url to trigger this...
K92002212: TMM vulnerability CVE-2019-6676
Security Advisory Description Traffic Management Microkernel TMM may restart on BIG-IP Virtual Edition VE when using virtio direct descriptors and packets 2 KB or larger. CVE-2019-6676 Impact Some virtio backend implementations send large packets 2 KB or larger even when Large Offload Receive LRO...
K91240217: Linux kernel vulnerability CVE-2019-19076
Security Advisory Description A memory leak in the nfpabmu32knodereplace function in drivers/net/ethernet/netronome/nfp/abm/cls.c in the Linux kernel before 5.3.6 allows attackers to cause a denial of service memory consumption, aka CID-78beef629fd9. CVE-2019-19076 Impact There is no impact; F5...
K15548: Rsync sender.c vulnerability CVE-2007-4091
Security Advisory Description Multiple off-by-one errors in the sender.c in rsync 2.6.9 might allow remote attackers to execute arbitrary code via directory names that are not properly handled when calling the fname function. CVE-2007-4091 Impact There is no impact; F5 products are not affected b...
K42793451: MySQL vulnerabilities CVE-2019-2634, CVE-2019-2635, CVE-2019-2636, CVE-2019-2644, and CVE-2019-2681
Security Advisory Description CVE-2019-2634 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Replication. Supported versions that are affected are 8.0.15 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure...
K45593826: LibTIFF vulnerabilities CVE-2015-8870, CVE-2016-5652, CVE-2016-9536, CVE-2016-9537, and CVE-2016-9540
Security Advisory Description CVE-2015-8870 Integer overflow in tools/bmp2tiff.c in LibTIFF before 4.0.4 allows remote attackers to cause a denial of service heap-based buffer over-read, or possibly obtain sensitive information from process memory, via crafted width and length values in RLE4 or...
K23860356: TMM vulnerability CVE-2019-6660
Security Advisory Description iRules performing HTTP header manipulation may cause a denial-of-serviceDoS when processing traffic handled by a virtual server with an associated HTTP profile, in specific circumstances, when the requests do not strictly conform to RFCs.CVE-2019-6660 Impact The...
K23566124: BIG-IP TMUI vulnerability CVE-2019-6589
Security Advisory Description A reflected cross-site scripting XSS vulnerability exists in an undisclosed page of the BIG-IP Traffic Management User Interface TMUI also known as the BIG-IP Configuration utility. CVE-2019-6589 Impact To perform the attack, a user must visit a specially crafted URL...
K21154730: TMM SSL/TLS profile vulnerability CVE-2017-6141
Security Advisory Description Certain values in a TLS abbreviated handshake when using a client SSL profile with the Session Ticket option enabled may cause disruption of service to the Traffic Management Microkernel TMM. The Session Ticket option is disabled by default. CVE-2017-6141 Impact The...
K14752415: Netty vulnerability CVE-2019-20444
Security Advisory Description HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be interpreted as a separate header with an incorrect syntax, or might be interpreted as an "invalid fold."CVE-2019-20444 Impact This vulnerability may result in HTTP...
K17327: GnuTLS RSA PKCS signature vulnerability CVE-2015-0282
Security Advisory Description GnuTLS before 3.1.0 does not verify that the RSA PKCS 1 signature algorithm matches the signature algorithm in the certificate, which allows remote attackers to conduct downgrade attacks via unspecified vectors. CVE-2015-0282 Impact This vulnerability may allow remot...
K95521879: screen vulnerability CVE-2017-5618
Security Advisory Description GNU screen before 4.5.1 allows local users to modify arbitrary files and consequently gain root privileges by leveraging improper checking of logfile permissions. CVE-2017-5618 Impact There is no impact; F5 products are not affected by this vulnerability. Security...