6390 matches found
K43205719: NTP input validation vulnerability CVE-2016-1550
Security Advisory Description An exploitable vulnerability exists in the message authentication functionality of libntp in ntp 4.2.8p4 and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92. An attacker can send a series of crafted messages to attempt to recover the message digest key. CVE-2016-1550...
K15797: Linux kernel vulnerability CVE-2012-4461
Security Advisory Description The KVM subsystem in the Linux kernel before 3.6.9, when running on hosts that use qemu userspace without XSAVE, allows local users to cause a denial of service kernel OOPS by using the KVMSETSREGS ioctl to set the X86CR4OSXSAVE bit in the guest cr4 register, then...
K17155: TMM vulnerability CVE-2015-4638
Security Advisory Description The Traffic Management Microkernel TMM may restart and produce a core file when a FastL4 virtual server processes a fragmented packet. CVE-2015-4638 Impact The Traffic Management Microkernel TMM may restart and temporarily fail to process traffic. Security Advisory...
K15751: OpenSSH vulnerability CVE-2007-0726
Security Advisory Description The SSH key generation process in OpenSSH in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote attackers to cause a denial of service by connecting to the server before SSH has finished creating keys, which causes the keys to be regenerated and can break...
K16381: Linux kernel vulnerability CVE-2014-9683
Security Advisory Description Off-by-one error in the ecryptfsdecodefromfilename function in fs/ecryptfs/crypto.c in the eCryptfs subsystem in the Linux kernel before 3.18.2 allows local users to cause a denial of service buffer overflow and system crash or possibly gain privileges via a crafted...
K16380: FreeType vulnerabilities CVE-2014-9656 and CVE-2014-9659
Security Advisory Description CVE-2014-9656 The ttsbitdecoderloadimage function in sfnt/ttsbit.c in FreeType before 2.5.4 does not properly check for an integer overflow, which allows remote attackers to cause a denial of service out-of-bounds read or possibly have unspecified other impact via a...
K17170: Java vulnerability CVE-2015-4736
Security Advisory Description Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. CVE-2015-4736 Impact There is no impact; F5 products are not affected by this...
K13421245: TMM vulnerability CVE-2017-6162
Security Advisory Description In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, Websafe software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.4.0 to 11.5.4, 11.2.1, in some cases TMM may crash when processing TCP traffic. This vulnerability affects T...
K82252291: BIND vulnerability CVE-2020-8623
Security Advisory Description In BIND 9.10.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.10.5-S1 - 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To be vulnerable, the...
K52144175: libarchive vulnerability CVE-2019-18408
Security Advisory Description archivereadformatrarreaddata in archivereadsupportformatrar.c in libarchive before 3.4.0 has a use-after-free in a certain ARCHIVEFAILED situation, related to Ppmd7DecodeSymbol. CVE-2019-18408 Impact There is no impact; F5 products are not affected by this...
K19157044: libtirpc vulnerability CVE-2013-1950
Security Advisory Description The svcdggetargs function in libtirpc 0.2.3 and earlier allows remote attackers to cause a denial of service rpcbind crash via a Sun RPC request with crafted arguments that trigger a free of an invalid pointer. CVE-2013-1950 Impact Attackers may be able to perform a...
K00032124: BIG-IP last hop kernel module vulnerability CVE-2015-5516
Security Advisory Description The BIG-IP last hop kernel module may leak memory when processing User Datagram Protocol UDP traffic. The memory leak may cause denial-of-service DoS conditions for the BIG-IP system. Impact The following configurations may allow a remote attacker to cause a memory...
K42406850: F5 SIRT response to the Ukraine crisis
Security Advisory Description Over the past few weeks, the world has watched as tensions have risen between Russia and Ukraine, and most recently, those tensions have escalated into a military conflict. F5 is deeply concerned for the safety of those in harm's way and the impact to everyone affect...
K35424631: OpenSSH vulnerability CVE-2016-1907
Security Advisory Description The sshpacketreadpoll2 function in packet.c in OpenSSH before 7.1p2 allows remote attackers to cause a denial of service out-of-bounds read and application crash via crafted network traffic. CVE-2016-1907 Impact Remote attackers may be able to cause a denial-of-servi...
K71059632: PHP vulnerability CVE-2015-8616
Security Advisory Description Use-after-free vulnerability in the Collator::sortWithSortKeys function in ext/intl/collator/collatorsort.c in PHP 7.x before 7.0.1 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact by leveraging the...
K14132811: Java vulnerability CVE-2015-4893
Security Advisory Description Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4911. CVE-2015-4893...
K000132492: SQLite vulnerability CVE-2022-46908
Security Advisory Description SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE. CVE-2022-46908 Impact There is no impact; F5 produc...
K06345931: F5OS vulnerability CVE-2023-22657
Security Advisory Description Processing F5OS tenant file names may allow for command injection. CVE-2023-22657 Impact An attacker may trick an administrator to upload a file with a specially crafted file name that injects commands. Security Advisory Status F5 Product Development has assigned ID...
K92859602: BIG-IP TMM iRules vulnerability CVE-2016-5024
Security Advisory Description Virtual servers in F5 BIG-IP systems 11.6.1 before 11.6.1 HF1 and 12.1.x before 12.1.2, when configured to parse RADIUS messages via an iRule, allow remote attackers to cause a denial of service Traffic Management Microkernel restart via crafted network traffic...
K82851041: TMM vulnerability CVE-2017-6137
Security Advisory Description In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, and WebSafe 11.6.1 HF1, 12.0.0 HF3, 12.0.0 HF4, and 12.1.0 through 12.1.2, undisclosed traffic patterns received while software SYN cookie protection i...
SOL17119920 - BIG-IP ASM vulnerability CVE-2016-7472
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL43267483 - PHP vulnerability CVE-2016-5766
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL74363721 - NTP vulnerability CVE-2015-7975
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL17563 - Apache Struts vulnerability CVE-2015-2992
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
SOL17526 - NTP vulnerability CVE-2015-7848
Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue hotfix policy...
SOL16877 - libuser vulnerability CVE-2011-0002
libuser before 0.57 uses a cleartext password value of 1 !! or 2 x for new LDAP user accounts, which makes it easier for remote attackers to obtain access by specifying one of these values. CVE-2011-0002...
SOL16827 - Apache Struts vulnerability CVE-2015-1831
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL995...
SOL15642 - Samba vulnerability CVE-2013-4476
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL15500 - SSL acceleration card timing vulnerability CVE-2014-4024
Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...
SOL15229 - BIG-IQ / BIG-IP privilege escalation vulnerability CVE-2014-3220
If the BIG-IQ 4.1 system is used to discover a BIG-IP 11.3.0 or 11.4.0 system, an authenticated user on the BIG-IP system may be able to modify the password of another user, including an administrator. Recommended Action If the previous table lists a version in the Versions known to be not...
SOL11719 - Mitigating risk from SSH brute force login attacks
Vulnerability Description F5 products and versions that are affected by this Security Advisory F5 Product Development has determined that all products and versions are affected by the issue described in this security advisory. Note: For information about signing up to receive security notice...
SOL8508 - Cross-site scripting vulnerability in installControl.php3 page
A cross-site scripting XSS vulnerability exists in the FirePass installControl.php3 page, which is accessible prior to authentication. The installControl.php3 page fails to fully sanitize URL input before the web page content is sent to the browser. It is possible for an attacker to create web...
SOL1618 - Multiple SNMP vulnerabilities CA-2002-03
Information about this advisory is available at the following location:...
SOL3066 - OpenSSH buffer management vulnerability - CA-2003-24
For information about this vulnerability, refer to...
K000161576: Linux kernel vulnerabilities CVE-2025-39841 and CVE-2025-39727
Security Advisory Description CVE-2025-39841 In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix buffer free/clear order in deferred receive path Fix a use-after-free window by correcting the buffer release sequence in the deferred receive path. The code freed the ...
K000156685: Multiple ImageMagick vulnerabilities
Security Advisory Description CVE-2014-9808 ImageMagick allows remote attackers to cause a denial of service segmentation fault and application crash via a crafted dpc image. CVE-2014-9809 ImageMagick allows remote attackers to cause a denial of service segmentation fault and application crash vi...
K000151412: Apache Tomcat vulnerability CVE-2025-31650
Security Advisory Description CVE-2025-31650 Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted in incomplete clean-up of the failed request which created a memory leak. A large number of such requests could trigger a...
K000150505: LuaJIT vulnerabilities CVE-2019-19391, CVE-2020-15890, CVE-2020-24372
Security Advisory Description CVE-2019-19391 In LuaJIT through 2.0.5, as used in Moonjit before 2.1.2 and other products, debug.getinfo has a type confusion issue that leads to arbitrary memory write or read operations, because certain cases involving valid stack levels and options are mishandled...
K000150394: Intel QuickAssist Technology vulnerabilities CVE-2024-29223, CVE-2023-32277, CVE-2024-31153, and CVE-2024-31858
Security Advisory Description CVE-2024-29223 Uncontrolled search path for some IntelR QuickAssist Technology software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access. CVE-2023-32277 Untrusted Pointer Dereference in I/O subsystem...
K000150185: TCP/IP protocol vulnerabilities CVE-2024-7595, CVE-2024-7596, CVE-2025-23018, and CVE-2025-23019
Security Advisory Description CVE-2024-7595 GRE and GRE6 Protocols RFC2784 do not validate or verify the source of a network packet allowing an attacker to spoof and route arbitrary traffic via an exposed network interface that can lead to spoofing, access control bypass, and other unexpected...
K000148713: libssh2 vulnerabilities CVE-2019-3858 and CVE-2019-3862
Security Advisory Description CVE-2019-3858 An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory...
K000148511: WebKitGTK and WPE WebKit vulnerability CVE-2023-42950
Security Advisory Description A use after free issue was addressed with improved memory management. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2, watchOS 10.2, macOS Sonoma 14.2. Processing maliciously crafted web content may lead to arbitrary code execution...
K000148485: qt vulnerabilities CVE-2017-10905 and CVE-2014-0190
Security Advisory Description CVE-2017-10905 A vulnerability in applications created using Qt for Android prior to 5.9.3 allows attackers to alter environment variables via unspecified vectors. CVE-2014-0190 The GIF decoder in QtGui in Qt before 5.3 allows remote attackers to cause a denial of...
K000148343: Diffie-Hellman key exchange protocol vulnerability CVE-2024-41996
Security Advisory Description Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers from the client side to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client...
K000148290: Moment.JS vulnerabilities CVE-2017-18214 and CVE-2022-24785
Security Advisory Description CVE-2017-18214 The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055. CVE-2022-24785 Moment.js is a JavaScript date library for parsing, validating,...
K000141528: glibc vulnerability CVE-2024-33600
Security Advisory Description nscd: Null pointer crashes after notfound response If the Name Service Cache Daemon's nscd cache fails to add a not-found netgroup response to the cache, the client request can result in a null pointer dereference. This flaw was introduced in glibc 2.15 when the cach...
K000141358: Multiple libpng vulnerabilities
Security Advisory Description CVE-2016-3751 Unspecified vulnerability in libpng before 1.6.20, as used in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01, allows attackers to gain privileges via a crafted application, as demonstrated by obtaining...
K000140953: libarchive vulnerability CVE-2023-30571
Security Advisory Description Libarchive through 3.6.2 can cause directories to have world-writable permissions. The umask call inside archivewritediskposix.c changes the umask of the whole process for a very short period of time; a race condition with another thread can lead to a permanent umask...
K000140742: MySQL vulnerability CVE-2024-21179
Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...
K000139938: BIG-IP Next Central Manager vulnerability CVE-2024-37028
Security Advisory Description BIG-IP Next Central Manager may allow an attacker to lock out an account that has never been logged in. CVE-2024-37028 Impact An unauthenticated attacker can exploit this vulnerability to lock out a BIG-IP Next Central Manager webUI account that has never been logged...