6395 matches found
K24593421: Oracle Java SE vulnerability CVE-2018-2798
Security Advisory Description Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: AWT. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows...
K81192137: sosreport vulnerability CVE-2015-7529
Security Advisory Description sosreport in SoS 3.x allows local users to obtain sensitive information from sosreport files or gain privileges via a symlink attack on an archive file in a temporary directory, as demonstrated by sosreport-$hostname-$date.tar in /tmp/sosreport-$hostname-$date...
K19194273: MySQL vulnerabilities CVE-2019-2778, CVE-2019-2780, CVE-2019-2784, CVE-2019-2785, and CVE-2019-2789
Security Advisory Description CVE-2019-2778 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Security: Privileges. Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with...
K47009044: FreeBSD vulnerability CVE-2016-1887
Security Advisory Description Integer signedness error in the sockargs function in sys/kern/uipcsyscalls.c in FreeBSD 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to cause a denial of service memory overwrite and kernel panic or gain privileges via a negative buflen...
K36984830: Gdk-pixbuf vulnerability CVE-2017-2862
Security Advisory Description An exploitable heap overflow vulnerability exists in the gdkpixbufjpegimageloadincrement functionality of Gdk-Pixbuf 2.36.6. A specially crafted jpeg file can cause a heap overflow resulting in remote code execution. An attacker can send a file or url to trigger this...
K92002212: TMM vulnerability CVE-2019-6676
Security Advisory Description Traffic Management Microkernel TMM may restart on BIG-IP Virtual Edition VE when using virtio direct descriptors and packets 2 KB or larger. CVE-2019-6676 Impact Some virtio backend implementations send large packets 2 KB or larger even when Large Offload Receive LRO...
K91240217: Linux kernel vulnerability CVE-2019-19076
Security Advisory Description A memory leak in the nfpabmu32knodereplace function in drivers/net/ethernet/netronome/nfp/abm/cls.c in the Linux kernel before 5.3.6 allows attackers to cause a denial of service memory consumption, aka CID-78beef629fd9. CVE-2019-19076 Impact There is no impact; F5...
K15548: Rsync sender.c vulnerability CVE-2007-4091
Security Advisory Description Multiple off-by-one errors in the sender.c in rsync 2.6.9 might allow remote attackers to execute arbitrary code via directory names that are not properly handled when calling the fname function. CVE-2007-4091 Impact There is no impact; F5 products are not affected b...
K45593826: LibTIFF vulnerabilities CVE-2015-8870, CVE-2016-5652, CVE-2016-9536, CVE-2016-9537, and CVE-2016-9540
Security Advisory Description CVE-2015-8870 Integer overflow in tools/bmp2tiff.c in LibTIFF before 4.0.4 allows remote attackers to cause a denial of service heap-based buffer over-read, or possibly obtain sensitive information from process memory, via crafted width and length values in RLE4 or...
K23860356: TMM vulnerability CVE-2019-6660
Security Advisory Description iRules performing HTTP header manipulation may cause a denial-of-serviceDoS when processing traffic handled by a virtual server with an associated HTTP profile, in specific circumstances, when the requests do not strictly conform to RFCs.CVE-2019-6660 Impact The...
K23566124: BIG-IP TMUI vulnerability CVE-2019-6589
Security Advisory Description A reflected cross-site scripting XSS vulnerability exists in an undisclosed page of the BIG-IP Traffic Management User Interface TMUI also known as the BIG-IP Configuration utility. CVE-2019-6589 Impact To perform the attack, a user must visit a specially crafted URL...
K13432: OpenSSL vulnerability CVE-2010-0433
Security Advisory Description In the ksslkeytabisavailable function in ssl/kssl.c in OpenSSL before 0.9.8n., when Kerberos is enabled, but Kerberos configuration files cannot be opened, the function does not check a certain return value, which allows remote attackers to cause a Denial of Service...
K21154730: TMM SSL/TLS profile vulnerability CVE-2017-6141
Security Advisory Description Certain values in a TLS abbreviated handshake when using a client SSL profile with the Session Ticket option enabled may cause disruption of service to the Traffic Management Microkernel TMM. The Session Ticket option is disabled by default. CVE-2017-6141 Impact The...
K14752415: Netty vulnerability CVE-2019-20444
Security Advisory Description HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be interpreted as a separate header with an incorrect syntax, or might be interpreted as an "invalid fold."CVE-2019-20444 Impact This vulnerability may result in HTTP...
K95521879: screen vulnerability CVE-2017-5618
Security Advisory Description GNU screen before 4.5.1 allows local users to modify arbitrary files and consequently gain root privileges by leveraging improper checking of logfile permissions. CVE-2017-5618 Impact There is no impact; F5 products are not affected by this vulnerability. Security...
K23598445: BIND vulnerabilities CVE-2017-3136 and CVE-2017-3138
Security Advisory Description CVE-2017-3136 A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use th...
K20682450: BIG-IP AFM vulnerability CVE-2017-6142
Security Advisory Description X509 certificate verification was not correctly implemented in the early access "user id" feature in the BIG-IP Advanced Firewall Manager, and thus did not properly validate the remote server's identity on certain versions of BIG-IP. CVE-2017-6142 Impact In affected...
K19501795: BIG-IP HTTP profile vulnerability CVE-2019-6631
Security Advisory Description iRules performing HTTP header manipulation may cause an interruption to service when processing traffic handled by a Virtual Server with an associated HTTP profile, in specific circumstances, when the requests do not strictly conform to RFCs. CVE-2019-6631 Impact The...
K08464741: Bash vulnerability CVE-2017-5932
Security Advisory Description The path autocompletion feature in Bash 4.4 allows local users to gain privileges via a crafted filename starting with a " double quote character and a command substitution metacharacter. CVE-2017-5932 Impact There is no impact; F5 products are not affected by this...
K25092613: rsyslog vulnerability CVE-2018-1000140
Security Advisory Description rsyslog librelp version 1.2.14 and earlier contains a Buffer Overflow vulnerability in the checking of x509 certificates from a peer that can result in Remote code execution. This attack appear to be exploitable a remote attacker that can connect to rsyslog and trigg...
K01067037: BIG-IP tmsh vulnerability CVE-2018-15321
Security Advisory Description When BIG-IP is licensed for Appliance mode, Admin and Resource administrator roles can by-pass BIG-IP Appliance mode restrictions to overwrite critical system files. CVE-2018-15321 Attackers with a high-privilege level can overwrite critical system files, which in tu...
K91158923: BIG-IP SSL/TLS ADH/DHE vulnerability CVE-2020-5929
Security Advisory Description BIG-IP platforms with Cavium Nitrox SSL hardware acceleration cards, a virtual server configured with a Client SSL profile, and using Anonymous Diffie-Hellman ADH or Ephemeral Diffie-Hellman DHE key exchange and Single DH use option not enabled in the options list ma...
K01701871: Linux kernel vulnerability CVE-2016-5728
Security Advisory Description Race condition in the vopioctl function in drivers/misc/mic/vop/vopvringh.c in the MIC VOP driver in the Linux kernel before 4.6.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service memory corruption and system crash by...
K05087544: Linux kernel vulnerability CVE-2018-1000028
Security Advisory Description Linux kernel version after commit bdcf0a423ea1 - 4.15-rc4+, 4.14.8+, 4.9.76+, 4.4.111+ contains a Incorrect Access Control vulnerability in NFS server nfsd that can result in remote users reading or writing files they should not be able to via NFS. This attack appear...
K42745412: Linux kernel vulnerability CVE-2020-25221
Security Advisory Description getgatepage in mm/gup.c in the Linux kernel 5.7.x and 5.8.x before 5.8.7 allows privilege escalation because of incorrect reference counting caused by gate page mishandling of the struct page that backs the vsyscall page. The result is a refcount underflow. This can ...
K33183814: Linux kernel vulnerability CVE-2010-5331
Security Advisory Description In the Linux kernel before 2.6.34, a range check issue in drivers/gpu/drm/radeon/atombios.c could cause an off by one buffer overflow problem. CVE-2010-5331 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5...
K70031188: TMUI authenticated remote command execution vulnerability CVE-2021-22988
Security Advisory Description The Traffic Management User Interface TMUI, also referred to as the Configuration utility, has an authenticated remote command execution vulnerability in undisclosed pages. CVE-2021-22988 Note : For systems running in Appliance mode, refer to K18132488 Appliance Mode...
K15565: OpenSSL vulnerability CVE-2014-3512
Security Advisory Description Multiple buffer overflows in crypto/srp/srplib.c in the SRP implementation in OpenSSL 1.0.1 before 1.0.1i allow remote attackers to cause a denial of service application crash or possibly have unspecified other impact via an invalid SRP 1 g, 2 A, or 3 B parameter...
K27391542: BIG-IP APM per-request policy object vulnerability CVE-2018-5536
Security Advisory Description A remote attacker through undisclosed measures, may be able to exploit a virtual server configured with a BIG-IP APM per-request policy object and cause a memory leak in the BIG-IP APM module. CVE-2018-5536 Impact This vulnerability allows a disruption of service...
K16124204: procps-ng vulnerability CVE-2018-1124
Security Advisory Description procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in...
K00056379: GNU Binutils vulnerability CVE-2019-9077
Security Advisory Description An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in processmipsspecific in readelf.c via a malformed MIPS option section. CVE-2019-9077 Impact Traffix SDC This vulnerability can be exploited to cause a denial-of-service DoS condition a...
K87895241: Apache Tomcat vulnerability CVE-2021-30639
Security Advisory Description A vulnerability in Apache Tomcat allows an attacker to remotely trigger a denial of service. An error introduced as part of a change to improve error handling during non-blocking I/O meant that the error flag associated with the Request object was not reset between...
K24923910: LibTIFF vulnerability CVE-2016-3632
Security Advisory Description The TIFFVGetField function in tifdirinfo.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service out-of-bounds write or execute arbitrary code via a crafted TIFF image. CVE-2016-3632 Impact An attacker can use specially-crafted TIFF files ...
K21284031: GnuPG vulnerability CVE-2014-4617
Security Advisory Description The douncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service infinite loop via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence. CVE-2014-4617...
K81137982: TMM vulnerability CVE-2017-6136
Security Advisory Description Undisclosed traffic patterns sent to BIG-IP virtual servers, with the TCP Fast Open and Tail Loss Probe options enabled in the associated TCP profile, may cause a disruption of service to the Traffic Management Microkernel TMM. CVE-2017-6136 Impact An attacker may be...
K94133434: Wireshark vulnerability CVE-2018-19627
Security Advisory Description In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the IxVeriWave file parser could crash. This was addressed in wiretap/vwr.c by adjusting a buffer boundary. CVE-2018-19627 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisor...
K11043204: Linux kernel vulnerability CVE-2019-19064
Security Advisory Description DISPUTED A memory leak in the fsllpspiprobe function in drivers/spi/spi-fsl-lpspi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service memory consumption by triggering pmruntimegetsync failures, aka CID-057b8945f78f. NOTE: third parties...
K55101404: TMM vulnerability CVE-2019-6590
Security Advisory Description Under certain conditions, the TMM may consume excessive resources when processing SSL Session ID Persistence traffic. CVE-2019-6590 Impact BIG-IP This vulnerability may result as a denial-of-service DOS attack on the affected BIG-IP system when the system consumes...
K29538335: BIND vulnerability CVE-2019-6467
Security Advisory Description A programming error in the nxdomain-redirect feature can cause an assertion failure in query.c if the alternate namespace used by nxdomain-redirect is a descendant of a zone that is served locally. The most likely scenario where this might occur is if the server, in...
K92140924: F5 management sshd vulnerability CVE-2017-6128
Security Advisory Description An undisclosed traffic pattern received on an F5 management interface may cause the Secure Shell Daemon sshd to stop responding, resulting in a Denial-of-Service DoS. CVE-2017-6128 Impact An attacker may be able to cause a denial-of-service DoS attack against the ssh...
K52319810: Apache Portable Runtime vulnerability CVE-2017-12613
Security Advisory Description When aprtimeexp or aprosexptime functions are invoked with an invalid month field value in Apache Portable Runtime APR 1.6.2 and prior, out of bounds memory may be accessed in converting this value to an aprtimeexpt value, potentially revealing the contents of a...
K44271140: Linux kernel vulnerability CVE-2017-18218
Security Advisory Description In drivers/net/ethernet/hisilicon/hns/hnsenet.c in the Linux kernel before 4.13, local users can cause a denial of service use-after-free and BUG or possibly have unspecified other impact by leveraging differences in skb handling between hnsnicnetxmithw and...
K45573415: Intel software vulnerabilities CVE-2020-12297, CVE-2020-12304, CVE-2020-12354
Security Advisory Description CVE-2020-12297 Improper access control in Installer for IntelR CSME Driver for Windows versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25, Intel TXE 3.1.80, 4.0.30 may allow an authenticated user to potentially enable...
K66851119: F5 TMUI XSS vulnerability CVE-2021-22994
Security Advisory Description Undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete compromise of the BIG-IP system if the victim user is granted the admin role. This vulnerability is due to an incomplete fix for CVE-2020-5948. CVE-2021-22994 Impa...
K30500703: TMUI vulnerability CVE-2018-5511
Security Advisory Description When authenticated administrative users run commands in the Traffic Management User Interface TMUI, also referred to as the BIG-IP Configuration utility, restrictions on allowed commands may not be enforced. CVE-2018-5511 Impact This vulnerability allows a privilege...
K8331: OpenSSL FIPS Object Module 1.1 vulnerability - CVE-2007-5502
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K40131068: GnuPG vulnerability CVE-2013-4402
Security Advisory Description The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service infinite recursion via a crafted OpenPGP message. CVE-2013-4402 Impact A remote attacker may exploit this flaw by way of a specially...
K6634: pam_ldap vulnerability - CVE-2005-2641
Security Advisory Description Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of F5...
K15513: LZ4 vulnerability CVE-2014-4611
Security Advisory Description Integer overflow in the LZ4 algorithm implementation, as used in Yann Collet LZ4 before r118 and in the lz4uncompress function in lib/lz4/lz4decompress.c in the Linux kernel before 3.15.2, on 32-bit platforms might allow context-dependent attackers to cause a denial ...
K17121: Linux network subsystem vulnerabilities CVE-2014-8160, CVE-2014-8172, CVE-2014-8173, CVE-2014-9428, CVE-2014-9644, CVE-2015-0274, and CVE-2015-2041
Security Advisory Description CVE-2014-8160 net/netfilter/nfconntrackprotogeneric.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass intended...