Lucene search
K

6392 matches found

F5 Networks
F5 Networks
•added 2023/02/21 6:11 p.m.•33 views

K15748: BIND vulnerability CVE-2010-0290

Security Advisory Description Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta, with DNSSEC validation enabled and checking disabled CD, allows remote attackers to conduct DNS cache poisoning attacks by...

7.5AI score
Exploits0Affected Software9
F5 Networks
F5 Networks
•added 2023/02/21 6:10 p.m.•33 views

K15967: glibc and eglibc vulnerability CVE-2011-2702

Security Advisory Description Integer signedness error in Glibc before 2.13 and eglibc before 2.13, when using Supplemental Streaming SIMD Extensions 3 SSSE3 optimization, allows context-dependent attackers to execute arbitrary code via a negative length parameter to 1 memcpy-ssse3-rep.S, 2...

6.8CVSS7.5AI score0.08458EPSS
Exploits6
F5 Networks
F5 Networks
•added 2023/02/21 6:10 p.m.•33 views

K15958: Ghostscript BaseFont vulnerability CVE-2008-6679

Security Advisory Description Buffer overflow in the BaseFont writer module in Ghostscript 8.62, and possibly other versions, allows remote attackers to cause a denial of service ps2pdf crash and possibly execute arbitrary code via a crafted Postscript file. CVE-2008-6679 Impact None. No F5...

5CVSS7.8AI score0.04495EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:8 p.m.•33 views

K17174: OpenJDK vulnerability CVE-2015-4733

Security Advisory Description Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. CVE-2015-4733 Impact Confidentiality is affected when...

10CVSS4.9AI score0.05766EPSS
Exploits0Affected Software18
F5 Networks
F5 Networks
•added 2023/02/21 6:7 p.m.•33 views

K33444350: F5 SSL Orchestrator vulnerability CVE-2019-6630

Security Advisory Description Undisclosed traffic flow may cause TMM to restart under certain circumstances. CVE-2019-6630 Impact A remote attacker may be able to disrupt service by causing the Traffic Management Microkernel TMM to restart. This issue only affects F5 SSL Orchestrator systems...

7.5CVSS7.6AI score0.01376EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:7 p.m.•33 views

K04327111: Linux kernel vulnerability CVE-2019-3896

Security Advisory Description A double-free can happen in idrremoveall in lib/idr.c in the Linux kernel 2.6 branch. An unprivileged local attacker can use this flaw for a privilege escalation or for a system crash and a denial of service DoS. CVE-2019-3896 Impact Traffix SDC An attacker may cause...

7.8CVSS7AI score0.00417EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:6 p.m.•33 views

K43254923: Apache Ranger vulnerability CVE-2016-2174

Security Advisory Description SQL injection vulnerability in the policy admin tool in Apache Ranger before 0.5.3 allows remote authenticated administrators to execute arbitrary SQL commands via the eventTime parameter to service/plugins/policies/eventTime. CVE-2016-2174 Impact There is no impact;...

7.2CVSS7.5AI score0.01884EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 6:6 p.m.•33 views

K91090139: BIND vulnerability CVE-2020-8624

Security Advisory Description In BIND 9.9.12 - 9.9.13, 9.10.7 - 9.10.8, 9.11.3 - 9.11.21, 9.12.1 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.9.12-S1 - 9.9.13-S1, 9.11.3-S1 - 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker who has been granted privileges to change a specific subset o...

4.3CVSS6.5AI score0.0364EPSS
Exploits0Affected Software14
F5 Networks
F5 Networks
•added 2023/02/21 5:38 p.m.•33 views

K46264120: BIND vulnerability CVE-2016-1285

Security Advisory Description named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service assertion failure and daemon exit via a malformed packet to the rndc aka control channel interface, related to alist.c and sexpr.c. CVE-2016-1285...

6.8CVSS7AI score0.59143EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 5:34 p.m.•33 views

K82679059: BIG-IP APM SSO vulnerability CVE-2016-3686

Security Advisory Description Cleartext SessionID is visible in URL query parameters under some conditions. CVE-2016-3686 Impact There is a theoretical risk that a user could obtain unauthorized access to the system, causing a security breach. Security Advisory Status F5 Product Development has...

5.9CVSS5.7AI score0.01526EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
•added 2023/02/21 5:28 p.m.•33 views

K30673534: BIND vulnerability CVE-2015-8461

Security Advisory Description Beginning with the September 2015 maintenance releases 9.9.8 and 9.10.3, an error was introduced into BIND 9 which can cause a server to exit after encountering an INSIST assertion failure in resolver.c. CVE-2015-8461 Impact There is no impact; F5 products are not...

7.1CVSS7.4AI score0.04848EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 4:17 p.m.•33 views

K15133: BIND vulnerability CVE-2014-0591

Security Advisory Description The queryfindclosestnsec3 function in query.c in named in ISC BIND 9.6, 9.7, and 9.8 before 9.8.6-P2 and 9.9 before 9.9.4-P2, and 9.6-ESV before 9.6-ESV-R10-P2, allows remote attackers to cause a denial of service INSIST assertion failure and daemon exit via a crafte...

2.6CVSS6.6AI score0.31671EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/02 3:27 p.m.•33 views

K64505405: NTP vulnerability CVE-2016-4956

Security Advisory Description ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service interleaved-mode transition and time change via a spoofed broadcast packet. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-1548. CVE-2016-4956 Impact In...

5.3CVSS6.6AI score0.16351EPSS
Exploits0Affected Software22
F5 Networks
F5 Networks
•added 2016/11/21 12:0 a.m.•33 views

SOL62477129 - MySQL vulnerability CVE-2016-5584

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

4.4CVSS2.7AI score0.01493EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2016/11/21 12:0 a.m.•33 views

SOL47605350 - MySQL vulnerability CVE-2016-5631

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

4.9CVSS2.7AI score0.02471EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2016/10/18 12:0 a.m.•33 views

SOL52950150 - CUPS vulnerability CVE-2014-9679

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

6.8CVSS2.6AI score0.04633EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2016/09/09 12:0 a.m.•33 views

SOL06430416 - Zend Framework vulnerability CVE-2015-7695

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

9.8CVSS2.4AI score0.02972EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2016/07/25 12:0 a.m.•33 views

SOL77323091 - Objective Systems ASN1C Compiler vulnerability CVE-2016-5080

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

10CVSS2.7AI score0.10064EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2016/07/14 12:0 a.m.•33 views

SOL04054286 - Linux kernel TCP vulnerability CVE-2016-2070

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

7.8CVSS1.9AI score0.03322EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2016/05/27 12:0 a.m.•33 views

SOL81223200 - Oracle Java SE vulnerability CVE-2016-3425

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

5CVSS1.2AI score0.038EPSS
Exploits0References3
F5 Networks
F5 Networks
•added 2016/05/10 12:0 a.m.•33 views

SOL73455417 - obs-service-extract_file package vulnerability CVE-2016-4007

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

10CVSS2.9AI score0.02474EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2015/09/11 12:0 a.m.•33 views

SOL17257 - D-Bus vulnerability CVE-2014-3639

Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can...

2.1CVSS1.5AI score0.00403EPSS
Exploits0References3
F5 Networks
F5 Networks
•added 2015/09/08 12:0 a.m.•33 views

SOL17155 - TMM vulnerability CVE-2015-4638

Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...

5CVSS1.5AI score0.01744EPSS
Exploits0References6
F5 Networks
F5 Networks
•added 2015/04/03 12:0 a.m.•33 views

SOL16337 - OpenSSL vulnerability CVE-2009-5146

Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...

3.2CVSS0.9AI score
Exploits0References4Affected Software1
F5 Networks
F5 Networks
•added 2015/04/03 12:0 a.m.•33 views

SOL16366 - GNU C Library (glibc) vulnerability CVE-2015-1472

Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...

7.5CVSS2.6AI score0.04688EPSS
Exploits2References4
F5 Networks
F5 Networks
•added 2014/08/06 12:0 a.m.•33 views

SOL15478 - PHP vulnerability CVE-2012-2386

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

7.5CVSS2.5AI score0.42481EPSS
Exploits1References4
F5 Networks
F5 Networks
•added 2013/03/29 12:0 a.m.•33 views

SOL14316 - BIND vulnerability CVE-2012-3817

Vulnerability Recommended Actions To eliminate this vulnerability, upgrade to a version that is listed in the Versions known to be not vulnerable column in the previous table. Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS...

7.8CVSS3.6AI score0.27383EPSS
Exploits1References8
F5 Networks
F5 Networks
•added 2011/08/02 12:0 a.m.•33 views

SOL12998 - OpenSSL vulnerability CVE-2011-1945

The elliptic curve cryptography ECC subsystem in OpenSSL 1.0.0d and earlier, when the Elliptic Curve Digital Signature Algorithm ECDSA is used for the ECDHEECDSA cipher suite, does not properly implement curves over binary fields, which makes it easier for context-dependent attackers to determine...

2.6CVSS7.1AI score0.0343EPSS
Exploits1
F5 Networks
F5 Networks
•added 2008/04/13 12:0 a.m.•33 views

SOL8602 - Cross-site scripting (XSS) vulnerability viewing logs from the web management interface

To prevent exposure to this vulnerability do not select any unknown or suspicious content when viewing log files using the BIG-IP or Enterprise Manager web management interface. To view log files from the command line, access the device using an SSH client. Note: Because exploitation of this...

6.8CVSS5.8AI score0.02423EPSS
Exploits1
F5 Networks
F5 Networks
•added 2007/05/16 12:0 a.m.•33 views

SOL5576 - Authentication vulnerability in Apache mod_digest - CAN-2003-0987

Vulnerability description moddigest for Apache before 1.3.31 does not properly verify the nonce of a client response by using a AuthNonce secret. Information about this advisory is available at the following location:...

7.5CVSS0.8AI score0.05562EPSS
Exploits0
F5 Networks
F5 Networks
•added 2007/05/16 12:0 a.m.•33 views

SOL4369 - Configuration utility login vulnerability - CR45786

BIG-IP 9.0.2 through 9.0.4 cache login credentials for the Configuration utility. Once a user is logged in, the cache does not check the password entered for additional sessions under that user name. As a result, it is possible to gain access to the BIG-IP Configuration utility without a password...

1.8AI score
Exploits0
F5 Networks
F5 Networks
•added 2006/03/28 12:0 a.m.•33 views

SOL6075 - Cross-Site Scripting Vulnerability - Secunia Advisory SA19337

For information about the vulnerability described in this security advisory, refer to the following website locations: http://www.securityfocus.com/archive/1/428318/30/0/threaded http://secunia.com/advisories/19337/ http://www.frsirt.com/english/advisories/2006/1036 These vulnerabilities can lead...

0.1AI score
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2026/05/08 5:6 p.m.•32 views

K000161181: Linux kernel vulnerabilities CVE-2026-43284 and CVE-2026-43500

Security Advisory Description CVE-2026-43284 Dirty Frag In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSGSPLICEPAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFLSHAREDFRAG after...

8.8CVSS6AI score0.93235EPSS
Exploits33
F5 Networks
F5 Networks
•added 2026/02/05 10:2 p.m.•32 views

K000159893: Python vulnerability CVE-2021-3737

Security Advisory Description A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerabili...

7.5CVSS6.9AI score0.11586EPSS
Exploits1Affected Software2
F5 Networks
F5 Networks
•added 2024/11/19 2:54 a.m.•32 views

K000148607: OpenSSL vulnerability CVE-2022-1292

Security Advisory Description The crehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary comman...

10CVSS7.1AI score0.83223EPSS
Exploits5
F5 Networks
F5 Networks
•added 2024/10/28 2:55 a.m.•32 views

K000148279: CUPS vulnerability CVE-2024-47850

Security Advisory Description CUPS cups-browsed before 2.5b1 will send an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added, a different vulnerability than CVE-2024-47176. The request is meant to probe the new printer bu...

7.5CVSS7.6AI score0.00853EPSS
Exploits0
F5 Networks
F5 Networks
•added 2024/10/07 3:15 a.m.•32 views

K000141355: Multiple PHP vulnerabilities

Security Advisory Description CVE-2016-4342 ext/phar/pharobject.c in PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3 mishandles zero-length uncompressed data, which allows remote attackers to cause a denial of service heap memory corruption or possibly have unspecified other impact v...

8.8CVSS9.2AI score0.13314EPSS
Exploits5
F5 Networks
F5 Networks
•added 2024/10/01 9:26 p.m.•32 views

K000141301: Perl vulnerability CVE-2018-6913

Security Advisory Description Heap-based buffer overflow in the pack function in Perl before 5.26.2 allows context-dependent attackers to execute arbitrary code via a large item count. CVE-2018-6913 Impact An attacker may be able to execute arbitrary code on the system. Security Advisory Status F...

9.8CVSS9.6AI score0.10866EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2024/08/13 7:8 a.m.•32 views

K000140696: Qt vulnerability CVE-2023-51714

Security Advisory Description An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check. CVE-2023-51714 Impact There is no...

9.8CVSS8.6AI score0.00986EPSS
Exploits0
F5 Networks
F5 Networks
•added 2024/07/11 8:47 a.m.•32 views

K000140303: Apache Tomcat vulnerability CVE-2024-34750

Security Advisory Description Improper Handling of Exceptional Conditions, Uncontrolled Resource Consumption vulnerability in Apache Tomcat. When processing an HTTP/2 stream, Tomcat did not handle some cases of excessive HTTP headers correctly. This led to a miscounting of active HTTP/2 streams...

7.5CVSS7.6AI score0.04602EPSS
Exploits0
F5 Networks
F5 Networks
•added 2024/04/02 6:43 p.m.•32 views

K000139152: Linux kernel vulnerability CVE-2023-2006

Security Advisory Description A race condition was found in the Linux kernel's RxRPC network protocol, within the processing of RxRPC bundles. This issue results from the lack of proper locking when performing operations on an object. This may allow an attacker to escalate privileges and execute...

7CVSS7.2AI score0.00363EPSS
Exploits0
F5 Networks
F5 Networks
•added 2024/02/14 1:30 p.m.•32 views

K000138047: BIG-IP Advanced WAF and BIG-IP ASM Configuration utility vulnerability CVE-2024-23603

Security Advisory Description A SQL injection vulnerability exists in an undisclosed page of the BIG-IP Configuration utility. CVE-2024-23603 Impact A highly privileged authenticated attacker can exploit this vulnerability to execute malicious SQL statements through the BIG-IP Configuration...

3.8CVSS5.7AI score0.00302EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
•added 2023/12/27 6:24 p.m.•32 views

K000138056: Wireshark vulnerability CVE-2018-14438

Security Advisory Description In Wireshark through 2.6.2, the createapprunningmutex function in wsutil/fileutil.c calls SetSecurityDescriptorDacl to set a NULL DACL, which allows attackers to modify the access control arbitrarily. CVE-2018-14438 Impact There is no impact; F5 products are not...

7.5CVSS7.5AI score0.012EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/11/30 1:30 a.m.•32 views

K000137734: MariaDB/MySQL vulnerability CVE-2023-22084

Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 5.7.43 and prior, 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple...

4.9CVSS5.1AI score0.01782EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/10/03 4:39 p.m.•32 views

K000137105: libvpx vulnerability CVE-2023-5217

Security Advisory Description Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High CVE-2023-5217 Impact There is no impac...

8.8CVSS7.9AI score0.49013EPSS
Exploits3
F5 Networks
F5 Networks
•added 2023/08/11 10:31 p.m.•32 views

K000135831: Node.js vulnerability CVE-2023-32067

Security Advisory Description c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP packet with a length of 0 and returns them to the target resolver. The target resolver erroneously interpret...

7.5CVSS6.6AI score0.01577EPSS
Exploits0Affected Software16
F5 Networks
F5 Networks
•added 2023/07/26 11:40 p.m.•32 views

K000135621: VMware Tools vulnerability CVE-2023-20867

Security Advisory Description A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine. CVE-2023-20867 Impact There is no impact; F5 products are not affected by this...

3.9CVSS5.4AI score0.13638EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/06/25 11:2 p.m.•32 views

K000135223: Apache Tomcat vulnerability CVE-2023-34981

Security Advisory Description A regression in the fix for bug 66512 in Apache Tomcat 11.0.0-M5, 10.1.8, 9.0.74 and 8.5.88 meant that, if a response did not include any HTTP headers no AJP SENDHEADERS messare woudl be sent for the response which in turn meant that at least one AJP proxy modproxyaj...

7.5CVSS7.4AI score0.01116EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/05/20 11:37 a.m.•32 views

K000134706: Python IDNA vulnerability CVE-2022-45061

Security Advisory Description An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA RFC 3490 decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of...

7.5CVSS6.8AI score0.02453EPSS
Exploits1Affected Software5
F5 Networks
F5 Networks
•added 2023/05/18 9:3 p.m.•32 views

K000134672: Zsh vulnerability CVE-2019-20044

Security Advisory Description In Zsh before 5.8, attackers able to execute commands can regain privileges dropped by the --no-PRIVILEGED option. Zsh fails to overwrite the saved uid, so the original privileges can be restored by executing MODULEPATH=/dir/with/module zmodload with a module that...

7.8CVSS8.6AI score0.00495EPSS
Exploits0
Total number of security vulnerabilities5000