6294 matches found
K11758085: OpenSSL vulnerability CVE-2016-6305
Security Advisory Description The ssl3readbytes function in record/reclayers3.c in OpenSSL 1.1.0 before 1.1.0a allows remote attackers to cause a denial of service infinite loop by triggering a zero-length record in an SSLpeek call. CVE-2016-6305 Impact There is no impact; F5 products are not...
K55792317: BIG-IP management vulnerability CVE-2016-9250
Security Advisory Description In F5 BIG-IP 11.2.1, 11.4.0 through 11.6.1, and 12.0.0 through 12.1.2, an unauthenticated user with access to the control plane may be able to delete arbitrary files through an undisclosed mechanism. CVE-2016-9250 Impact An unauthenticated user with access to the...
K47009044: FreeBSD vulnerability CVE-2016-1887
Security Advisory Description Integer signedness error in the sockargs function in sys/kern/uipcsyscalls.c in FreeBSD 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to cause a denial of service memory overwrite and kernel panic or gain privileges via a negative buflen...
K13351036: DPDK vulnerabilities CVE-2020-10722 and CVE-2020-10723
Security Advisory Description CVE-2020-10722 A vulnerability was found in DPDK versions 18.05 and above. A missing check for an integer overflow in vhostusersetlogbase could result in a smaller memory map than requested, possibly allowing memory corruption. CVE-2020-10723 A memory corruption issu...
K30314331: glibc vulnerability CVE-2017-15671
Security Advisory Description The glob function in glob.c in the GNU C Library aka glibc or libc6 before 2.27, when invoked with GLOBTILDE, could skip freeing allocated memory when processing the operator with a long user name, potentially leading to a denial of service memory leak. CVE-2017-1567...
K16728: iCall privilege escalation vulnerability CVE-2015-3628
Security Advisory Description An authenticated user, with Resource Administrator role permissions, is able to use iCall scripts and associated handlers to create and modify user account properties. CVE-2015-3628 Impact An authenticated user with limited access Resource Administration may be able ...
K92002212: TMM vulnerability CVE-2019-6676
Security Advisory Description Traffic Management Microkernel TMM may restart on BIG-IP Virtual Edition VE when using virtio direct descriptors and packets 2 KB or larger. CVE-2019-6676 Impact Some virtio backend implementations send large packets 2 KB or larger even when Large Offload Receive LRO...
K54130510: TMM DIAMETER vulnerability CVE-2018-5522
Security Advisory Description When processing DIAMETER transactions with carefully crafted attribute-value pairs, TMM may restart. CVE-2018-5522 Impact This vulnerability allows for a remote unauthorized disruption of service by way of an unspecified DIAMETER packet. Security Advisory Status F5...
K15548: Rsync sender.c vulnerability CVE-2007-4091
Security Advisory Description Multiple off-by-one errors in the sender.c in rsync 2.6.9 might allow remote attackers to execute arbitrary code via directory names that are not properly handled when calling the fname function. CVE-2007-4091 Impact There is no impact; F5 products are not affected b...
K20902096: Linux kernel vulnerability CVE-2016-6786
Security Advisory Description kernel/events/core.c in the performance subsystem in the Linux kernel before 4.0 mismanages locks during certain migrations, which allows local users to gain privileges via a crafted application, aka Android internal bug 30955111. CVE-2016-6786 Impact This...
K32049025: BIND vulnerability CVE-2016-6170
Security Advisory Description ISC BIND through 9.9.9-P1, 9.10.x through 9.10.4-P1, and 9.11.x through 9.11.0b1 allows primary DNS servers to cause a denial of service secondary DNS server crash via a large AXFR response, and possibly allows IXFR servers to cause a denial of service IXFR client...
K13432: OpenSSL vulnerability CVE-2010-0433
Security Advisory Description In the ksslkeytabisavailable function in ssl/kssl.c in OpenSSL before 0.9.8n., when Kerberos is enabled, but Kerberos configuration files cannot be opened, the function does not check a certain return value, which allows remote attackers to cause a Denial of Service...
K21154730: TMM SSL/TLS profile vulnerability CVE-2017-6141
Security Advisory Description Certain values in a TLS abbreviated handshake when using a client SSL profile with the Session Ticket option enabled may cause disruption of service to the Traffic Management Microkernel TMM. The Session Ticket option is disabled by default. CVE-2017-6141 Impact The...
K56499646: Linux kernel vulnerability CVE-2021-3501
Security Advisory Description A flaw was found in the Linux kernel in versions before 5.12. The value of internal.ndata, in the KVM API, is mapped to an array index, which can be updated by a user process at anytime which could lead to an out-of-bounds write. The highest threat from this...
K43121447: BIG-IP Client SSL vulnerability CVE-2018-5502
Security Advisory Description Attackers may be able to disrupt services on the BIG-IP system with maliciously crafted client certificate. This vulnerability affects virtual servers associated with Client SSL profile which enables the use of client certificate authentication. Client certificate...
K41301038: QEMU vulnerability CVE-2020-25084
Security Advisory Description QEMU 5.0.0 has a use-after-free in hw/usb/hcd-xhci.c because the usbpacketmap return value is not checked. CVE-2020-25084 Impact A local attacker may cause a denial-of-service DoS or execute arbitrary code on platforms that support Virtual Clustered Multiprocessing...
K23205024: MySQL Server Optimizer vulnerability CVE-2022-21438
Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromis...
K43540241: MySQL vulnerabilities CVE-2019-2620, CVE-2019-2623, CVE-2019-2624, CVE-2019-2625, and CVE-2019-2626
Security Advisory Description CVE-2019-2620 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Security: Privileges. Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via...
K23372179: Linux kernel vulnerability CVE-2018-6412
Security Advisory Description In the function sbusfbioctlhelper in drivers/video/fbdev/sbuslib.c in the Linux kernel through 4.15, an integer signedness error allows arbitrary information leakage for the FBIOPUTCMAPSPARC and FBIOGETCMAPSPARC commands. CVE-2018-6412 Impact There is no impact; F5...
K16861: BIG-IQ remote authentication vulnerability CVE-2015-4637
Security Advisory Description When remote authentication is configured on the BIG-IQ system for a LDAP server that allows anonymous BIND operations, a unauthenticated user may obtain an authentication token from the REST API for any known or guessed LDAP user account and will receive all the acce...
K16576941: ISC BIND vulnerability CVE-2018-5737
Security Advisory Description A problem with the implementation of the new serve-stale feature in BIND 9.12 can lead to an assertion failure in rbtdb.c, even when stale-answer-enable is off. Additionally, problematic interaction between the serve-stale feature and NSEC aggressive negative caching...
K04234247: Resource Administrator or Administrator role authenticated local command execution vulnerability CVE-2021-23012
Security Advisory Description Lack of input validation for items used in system support functionality may allow users granted either "Resource Administrator" or "Administrator" roles to execute arbitrary bash commands on BIG-IP. CVE-2021-23012 Impact In a standard BIG-IP deployment, a minor...
K80533167: BIND vulnerability CVE-2017-3135
Security Advisory Description Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 - 9.9.9-S7,...
K06554372: Linux kernel vulnerability CVE-2019-19059
Security Advisory Description Multiple memory leaks in the iwlpciectxtinfogen3init function in drivers/net/wireless/intel/iwlwifi/pcie/ctxt-info-gen3.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service memory consumption by triggering iwlpcieinitfwsec or...
K01067037: BIG-IP tmsh vulnerability CVE-2018-15321
Security Advisory Description When BIG-IP is licensed for Appliance mode, Admin and Resource administrator roles can by-pass BIG-IP Appliance mode restrictions to overwrite critical system files. CVE-2018-15321 Attackers with a high-privilege level can overwrite critical system files, which in tu...
K91158923: BIG-IP SSL/TLS ADH/DHE vulnerability CVE-2020-5929
Security Advisory Description BIG-IP platforms with Cavium Nitrox SSL hardware acceleration cards, a virtual server configured with a Client SSL profile, and using Anonymous Diffie-Hellman ADH or Ephemeral Diffie-Hellman DHE key exchange and Single DH use option not enabled in the options list ma...
K05087544: Linux kernel vulnerability CVE-2018-1000028
Security Advisory Description Linux kernel version after commit bdcf0a423ea1 - 4.15-rc4+, 4.14.8+, 4.9.76+, 4.4.111+ contains a Incorrect Access Control vulnerability in NFS server nfsd that can result in remote users reading or writing files they should not be able to via NFS. This attack appear...
K33183814: Linux kernel vulnerability CVE-2010-5331
Security Advisory Description In the Linux kernel before 2.6.34, a range check issue in drivers/gpu/drm/radeon/atombios.c could cause an off by one buffer overflow problem. CVE-2010-5331 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5...
K27391542: BIG-IP APM per-request policy object vulnerability CVE-2018-5536
Security Advisory Description A remote attacker through undisclosed measures, may be able to exploit a virtual server configured with a BIG-IP APM per-request policy object and cause a memory leak in the BIG-IP APM module. CVE-2018-5536 Impact This vulnerability allows a disruption of service...
K24923910: LibTIFF vulnerability CVE-2016-3632
Security Advisory Description The TIFFVGetField function in tifdirinfo.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service out-of-bounds write or execute arbitrary code via a crafted TIFF image. CVE-2016-3632 Impact An attacker can use specially-crafted TIFF files ...
K23412152: libidn vulnerability CVE-2016-6261
Security Advisory Description The idnatoascii4i function in lib/idna.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service out-of-bounds read and crash via 64 bytes of input. CVE-2016-6261 Impact This vulnerability may allow attackers to cause a denial of service...
K20281756: Libgcrypt vulnerability CVE-2017-7526
Security Advisory Description libgcrypt before version 1.7.8 is vulnerable to a cache side-channel attack resulting into a complete break of RSA-1024 while using the left-to-right method for computing the sliding-window expansion. The same attack is believed to work on RSA-2048 with moderately mo...
K67501282: Overview of F5 vulnerabilities (June 2021)
Security Advisory Description On June 1, 2021, F5 announced the following security issues. This document is intended to serve as an overview of these vulnerabilities to help determine the impact to your F5 devices. You can find the details of each issue in the associated Security Advisory article...
K55625065: MySQL vulnerability CVE-2016-5624
Security Advisory Description Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier allows remote authenticated users to affect availability via vectors related to DML. CVE-2016-5624 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5...
K15479471: Mozilla NSS vulnerability CVE-2016-2834
Security Advisory Description Mozilla Network Security Services NSS before 3.23, as used in Mozilla Firefox before 47.0, allows remote attackers to cause a denial of service memory corruption and application crash or possibly have unspecified other impact via unknown vectors. CVE-2016-2834 Impact...
K13523672: Linux kernel vulnerability CVE-2019-12454
Security Advisory Description DISPUTED An issue was discovered in wcd9335codecenabledec in sound/soc/codecs/wcd9335.c in the Linux kernel through 5.1.5. It uses kstrndup instead of kmemdupnul, which allows attackers to have an unspecified impact via unknown vectors. NOTE: The vendor disputes this...
K17321122: Nss compat ossl vulnerability CVE-2015-3278
Security Advisory Description The cipherstring parsing code in nsscompatossl while in multi-keyword mode does not match the expected set of ciphers for a given cipher combination, which allows attackers to have unspecified impact via unknown vectors. CVE-2015-3278 Impact There is no impact; F5...
K33846344: Cloud-init vulnerabilities CVE-2020-8631 and CVE-2020-8632
Security Advisory Description CVE-2020-8631 cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because randstr in cloudinit/util.py calls the random.choice function. CVE-2020-8632 In cloud-init through 19.4,...
K32888092: Linux Kernel vulnerability CVE-2019-13648
Security Advisory Description In the Linux kernel through 5.2.1 on the powerpc platform, when hardware transactional memory is disabled, a local user can cause a denial of service TM Bad Thing exception and system crash via a sigreturn system call that sends a crafted signal frame. This affects...
K16852653: TMM vulnerability CVE-2022-32455
Security Advisory Description When a BIG-IP LTM Client SSL profile is configured on a virtual server to perform client certificate authentication with session tickets enabled, undisclosed requests cause the Traffic Management Microkernel TMM to terminate. CVE-2022-32455 Impact Traffic is disrupte...
K92140924: F5 management sshd vulnerability CVE-2017-6128
Security Advisory Description An undisclosed traffic pattern received on an F5 management interface may cause the Secure Shell Daemon sshd to stop responding, resulting in a Denial-of-Service DoS. CVE-2017-6128 Impact An attacker may be able to cause a denial-of-service DoS attack against the ssh...
K66851119: F5 TMUI XSS vulnerability CVE-2021-22994
Security Advisory Description Undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete compromise of the BIG-IP system if the victim user is granted the admin role. This vulnerability is due to an incomplete fix for CVE-2020-5948. CVE-2021-22994 Impa...
K6634: pam_ldap vulnerability - CVE-2005-2641
Security Advisory Description Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of F5...
K15748: BIND vulnerability CVE-2010-0290
Security Advisory Description Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta, with DNSSEC validation enabled and checking disabled CD, allows remote attackers to conduct DNS cache poisoning attacks by...
K15958: Ghostscript BaseFont vulnerability CVE-2008-6679
Security Advisory Description Buffer overflow in the BaseFont writer module in Ghostscript 8.62, and possibly other versions, allows remote attackers to cause a denial of service ps2pdf crash and possibly execute arbitrary code via a crafted Postscript file. CVE-2008-6679 Impact None. No F5...
K17174: OpenJDK vulnerability CVE-2015-4733
Security Advisory Description Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. CVE-2015-4733 Impact Confidentiality is affected when...
K16715: Multiple LibTIFF vulnerabilities
Security Advisory Description CVE-2013-1960 Heap-based buffer overflow in the t2pprocessjpegstrip function in tiff2pdf in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted TIFF image file. CVE-2013-1961 Stack-bas...
K04327111: Linux kernel vulnerability CVE-2019-3896
Security Advisory Description A double-free can happen in idrremoveall in lib/idr.c in the Linux kernel 2.6 branch. An unprivileged local attacker can use this flaw for a privilege escalation or for a system crash and a denial of service DoS. CVE-2019-3896 Impact Traffix SDC An attacker may cause...
K91090139: BIND vulnerability CVE-2020-8624
Security Advisory Description In BIND 9.9.12 - 9.9.13, 9.10.7 - 9.10.8, 9.11.3 - 9.11.21, 9.12.1 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.9.12-S1 - 9.9.13-S1, 9.11.3-S1 - 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker who has been granted privileges to change a specific subset o...
K48042976: BIG-IP SSL vulnerability CVE-2016-4545
Security Advisory Description On virtual servers with Secure Sockets Layer SSL profiles enabled, an SSL alert sent during the handshake may produce unnecessary logging and resource consumption on a BIG-IP system that is running 11.5.4 FINAL, possibly causing the Traffic Management Microkernel TMM...