6390 matches found
SOL14340611 - Java vulnerability CVE-2013-5782
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL17330 - GnuTLS vulnerability CVE-2015-3308
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL17124 - Linux kernel vulnerability CVE-2015-1465
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can...
SOL16880 - Libcap vulnerability CVE-2011-4099
The capsh program in libcap before 2.22 does not change the current working directory when the --chroot option is specified, which allows local users to bypass the chroot restrictions via unspecified vectors. CVE-2011-4099...
SOL16843 - NAT-PMP vulnerability VU#184540
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL995...
SOL15880 - Libpng vulnerability CVE-2008-6218
Recommended action ARX If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists. To mitigate th...
SOL15793 - PHP Posthandler vulnerability CVE-2014-3622
Recommended action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists. Supplemental...
SOL12998 - OpenSSL vulnerability CVE-2011-1945
The elliptic curve cryptography ECC subsystem in OpenSSL 1.0.0d and earlier, when the Elliptic Curve Digital Signature Algorithm ECDSA is used for the ECDHEECDSA cipher suite, does not properly implement curves over binary fields, which makes it easier for context-dependent attackers to determine...
SOL7854 - Web Applications Content Processing Scripts vulnerability
F5 Product Development tracked this issue as CR81839 and it was fixed in FirePass 6.0.2. For information about upgrading, refer to the FirePass release notes. Additionally, cumulative hotfix HF-552-10 has been issued for FirePass 5.5.2, cumulative hotfix HF-600-15 has been issued for FirePass 6.0...
SOL5873 - PAM conversation stack corruption in OpenSSH - CVE-2003-0787
Information about this advisory is available at the following location: Note: This link takes you to a resource outside of AskF5, and it is possible that the information may be removed without our knowledge...
SOL4809 - tcpdump vulnerabilities - CAN-2005-1278, CAN-2005-1279, and CAN-2005-1280
F5 Networks Product Development tracked this issue as CR48152 and CR48153 and it was fixed in BIG-IP and 3-DNS version 4.5.13. This issue still exists in the BIG-IP and 3-DNS 4.6 software branch...
K000160515: F5 System Scanner
Topic This article explains how to install and run the F5 System Scanner on BIG-IP and standard x8664 Linux systems. The F5 System Scanner supports the following BIG-IP versions hotfixes EHFs: BIG-IP versions released between October 2025 and May 5, 2026 EHFs released between October 2025 and Apr...
K000159002: Linux kernel vulnerability CVE-2025-39718
Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Validate length in packet header before skbput When receiving a vsock packet in the guest, only the virtqueue buffer size is validated prior to virtiovsockskbrxput. Unfortunately,...
K000156994: BusyBox vulnerability CVE-2016-2148
Security Advisory Description Heap-based buffer overflow in the DHCP client udhcpc in BusyBox before 1.25.0 allows remote attackers to have unspecified impact via vectors involving OPTION6RD parsing. CVE-2016-2148 Impact This vulnerability allows remote attackers to perform a Remote Code Executio...
K000149329: PostgreSQL vulnerabilities CVE-2014-0060, CVE-2014-0061, CVE-2014-0062, and CVE-2014-0063
Security Advisory Description CVE-2014-0060 PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly enforce the ADMIN OPTION restriction, which allows remote authenticated members of a role to add or remove arbitrary users t...
K000148349: Spring framework vulnerability CVE-2024-38819
Security Advisory Description The cve record for the cve id does not exist. CVE-2024-38819 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has evaluated the currently supported releases for potential vulnerability, and...
K000141088: SQLite vulnerability CVE-2017-10989
Security Advisory Description The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3, as used in GDAL and other products, mishandles undersized RTree blobs in a crafted database, leading to a heap-based buffer over-read or possibly unspecified other impact. CVE-2017-10989 Impact...
K000138913: BIG-IP Next CNF vulnerability CVE-2024-28132
Security Advisory Description Exposure of a Sensitive Information vulnerability exists in the Global Server Load Balancing GSLB container, which may allow an authenticated attacker with administrator role privileges to view sensitive information. CVE-2024-28132 Impact An authenticated attacker ma...
K000137675: BIG-IP HTTP/2 vulnerability CVE-2024-23314
Security Advisory Description When HTTP/2 is configured on BIG-IP or BIG-IP Next SPK systems, undisclosed responses can cause the Traffic Management Microkernel TMM to terminate. CVE-2024-23314 Impact Traffic is disrupted while the TMM process restarts. This vulnerability allows a remote...
K000137871: Linux kernel vulnerability CVE-2023-35001
Security Advisory Description Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nftbyteorder poorly handled vm register contents when CAPNETADMIN is in any user or network namespace CVE-2023-35001 Impact This vulnerability may allow an authenticated attacker with local access to...
K000137038: BIND vulnerability CVE-2023-4236
Security Advisory Description A flaw in the networking code handling DNS-over-TLS queries may cause named to terminate unexpectedly due to an assertion failure. This happens when internal data structures are incorrectly reused under significant DNS-over-TLS query load. This issue affects BIND 9...
K000135853: Dell BSAFE Micro Edition vulnerability CVE-2020-35168
Security Advisory Description Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability. CVE-2020-35168 Impact There is no impact; F5 products are not affected by this vulnerability...
K000134746: BIG-IP Edge Client for macOS vulnerability CVE-2023-38418
Security Advisory Description The BIG-IP Edge Client Installer on macOS does not follow best practices for elevating privileges during the installation process. CVE-2023-38418 Impact An attacker with an ability to run unprivileged arbitrary code on the target macOS client may be able to abuse an...
K000135555: Java vulnerabilities CVE-2020-2756 and CVE-2020-2757
Security Advisory Description CVE-2020-2756 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows...
K000135352: Heimdal vulnerability CVE-2022-3116
Security Advisory Description The Heimdal Software Kerberos 5 implementation is vulnerable to a null pointer dereferance. An attacker with network access to an application that depends on the vulnerable code path can cause the application to crash. CVE-2022-3116 Impact There is no impact; F5...
K000135314: GO vulnerability CVE-2022-28327
Security Advisory Description The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input. CVE-2022-28327 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Developme...
K000132703: HAProxy vulnerability CVE-2021-40346
Security Advisory Description An integer overflow exists in HAProxy 2.0 through 2.5 in htxaddheader that can be exploited to perform an HTTP request smuggling attack, allowing an attacker to bypass all configured http-request HAProxy ACLs and possibly other ACLs. CVE-2021-40346 Impact There is no...
K55143785: NSS vulnerability CVE-2017-7502
Security Advisory Description Null pointer dereference vulnerability in NSS since 3.24.0 was found when server receives empty SSLv2 messages resulting into denial of service by remote attacker. CVE-2017-7502 Impact There is no impact; F5 products are not affected by this vulnerability. Security...
K05510205: Linux kernel vulnerability CVE-2018-14678
Security Advisory Description An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x. The xenfailsafecallback entry point in arch/x86/entry/entry64.S does not properly maintain RBX, which allows local users to cause a denial of service uninitialized memory usag...
K29149494: iControl REST vulnerability CVE-2019-6637
Security Advisory Description Application logic abuse of ASM REST endpoints can lead to instability of BIG-IP system. Exploitation of this issue causes excessive memory consumption which results in the Linux kernel triggering OOM killer on arbitrary processes. The attack requires an authenticated...
K06430416: Zend Framework vulnerability CVE-2015-7695
Security Advisory Description The PDO adapters in Zend Framework before 1.12.16 do not filer null bytes in SQL statements, which allows remote attackers to execute arbitrary SQL commands via a crafted query. CVE-2015-7695 Impact There is no impact; F5 products are not affected by this...
K62201098: BADoS vulnerability CVE-2018-5526
Security Advisory Description Under certain conditions, Behavioral DoS BADoS protection may fail during an attack. CVE-2018-5526 Impact BADoS protection does not function as intended. Security Advisory Status F5 Product Development has assigned IDs 714350 and 714369 BIG-IP to this vulnerability. ...
K34893234: BIG-IP APM Appliance mode vulnerability CVE-2022-31473
Security Advisory Description When running in Appliance mode, an authenticated attacker may be able to bypass Appliance mode restrictions due to a directory traversal vulnerability in an undisclosed page within iApps. A successful exploit can allow the attacker to cross a security boundary...
K95434410: TMM vulnerability CVE-2019-6629
Security Advisory Description Undisclosed SSL traffic to a virtual server configured with a Client SSL profile may cause TMM to fail and restart. The Client SSL profile must have session tickets enabled and use DHE cipher suites to be affected. This only impacts the data plane, there is no impact...
K4256: RADIUS integer overflow vulnerability CAN-2005-0108
Security Advisory Description Apache modauthradius 1.5.4 and libpam-radius-auth allow remote malicious RADIUS servers to cause a denial of service crash via a RADIUSREPLYMESSAGE with a RADIUS attribute length of 1, which leads to a memcpy operation with a -1 length argument. Note: Versions that a...
K14632915: TMM vulnerability CVE-2019-6603
Security Advisory Description Malformed TCP packets sent to a self IP address or a FastL4 virtual server may cause an interruption of service. The control plane is not exposed to this issue. This issue impacts the data plane virtual servers and self IPs. CVE-2019-6603 Impact This vulnerability...
K06440657: BIG-IP Advanced WAF and ASM iControl REST vulnerability CVE-2021-23001
Security Advisory Description The upload functionality in BIG-IP Advanced WAF and ASM allows an authenticated user to upload files to the BIG-IP system using a call to an undisclosed iControl REST endpoint. CVE-2021-23001 Impact An authenticated malicious user can upload malicious files to use in...
K99038439: NodeJS vulnerability CVE-2012-2330
Security Advisory Description The Update method in src/nodehttpparser.cc in Node.js before 0.6.17 and 0.7 before 0.7.8 does not properly check the length of a string, which allows remote attackers to obtain sensitive information request header contents and possibly spoof HTTP headers via a zero...
K51543541: QEMU vulnerability CVE-2018-7858
Security Advisory Description Quick Emulator aka QEMU, when built with the Cirrus CLGD 54xx VGA Emulator support, allows local guest OS privileged users to cause a denial of service out-of-bounds access and QEMU process crash by leveraging incorrect region calculation when updating VGA display...
K47284724: iControl vulnerability CVE-2016-9256
Security Advisory Description Permissions enforced by iControl can lag behind the actual permissions assigned to a user if the rolemap is not reloaded between the time the permissions are changed and the time of the user's next request. This is a race condition that occurs rarely in normal usage;...
K71612511: Kernel vulnerability CVE-2016-8106
Security Advisory Description A Denial of Service in Intel Ethernet Controller's X710/XL710 with Non-Volatile Memory Images before version 5.05 allows a remote attacker to stop the controller from processing network traffic working under certain network use conditions. CVE-2016-8106 Impact There ...
K55031185: demangler in GNU Libiberty vulnerability CVE-2016-6131
Security Advisory Description The demangler in GNU Libiberty allows remote attackers to cause a denial of service infinite loop, stack overflow, and crash via a cycle in the references of remembered mangled types. CVE-2016-6131 Impact There is no impact; F5 products are not affected by this...
K31445234: Intel I210 network adapter vulnerability CVE-2020-0523
Security Advisory Description Improper access control in the firmware for the IntelR Ethernet I210 Controller series of network adapters before version 3.30 may potentially allow a privileged user to enable a denial of service via local access. CVE-2020-0523 Impact The BIG-IP management network...
K68292031: Intel CPU vulnerability CVE-2018-3658
Security Advisory Description Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel AMT provisioned to potentially cause a partial denial of service via network access. CVE-2018-3658 Impact There is no impact; F5 products are...
K11561403: Intel CPU vulnerability CVE-2018-3657
Security Advisory Description Multiple buffer overflows in Intel AMT in Intel CSME firmware versions before version 12.0.5 may allow a privileged user to potentially execute arbitrary code with Intel AMT execution privilege via local access. CVE-2018-3657 Impact There is no impact; F5 products ar...
K17443: Perl vulnerability CVE-2007-5116
Security Advisory Description Buffer overflow in the polymorphic opcode support in the Regular Expression Engine regcomp.c in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode UTF characters in a regular expression. CVE-2007-5116 Impact There...
K15553: Kerberos vulnerability CVE-2014-4343
Security Advisory Description Double free vulnerability in the initctxreselect function in the SPNEGO initiator in lib/gssapi/spnego/spnegomech.c in MIT Kerberos 5 aka krb5 1.10.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service memory corruption or possibly execu...
K16494: phpMyAdmin vulnerability CVE-2015-2206
Security Advisory Description libraries/selectlang.lib.php in phpMyAdmin 4.0.x before 4.0.10.9, 4.2.x before 4.2.13.2, and 4.3.x before 4.3.11.1 includes invalid language values in unknown-language error responses that contain a CSRF token and may be sent with HTTP compression, which makes it...
K42891424: Grep vulnerability CVE-2015-1345
Security Advisory Description The bmexectrans function in kwset.c in grep 2.19 through 2.21 allows local users to cause a denial of service out-of-bounds heap read and crash via crafted input when using the -F option. CVE-2015-1345 Impact A local user may cause a denial-of-service DoS by way of...
K16479: Linux kernel vulnerability CVE-2009-4537
Security Advisory Description drivers/net/r8169.c in the r8169 driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to 1 cause a denial of service temporary network outage via a packet with a...