K000152565: Golang-JWT vulnerability CVE-2025-30204
Security Advisory Description golang-jwt is a Go implementation of JSON Web Tokens. Starting in version 3.2.0 and prior to versions 5.2.2 and 4.5.2, the function parse.ParseUnverified splits (via a call to strings.Split) its argument (which is untrusted data) on periods. As a result, in the face of a...
K000152554: libarchive vulnerability CVE-2025-5914
Security Advisory Description A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result...
K000152542: LibTIFF vulnerability CVE-2024-7006
Security Advisory Description A null pointer dereference flaw was found in Libtiff via tif_dirinfo.c. This issue may allow an attacker to trigger memory allocation failures through certain means, such as restricting the heap space size or injecting faults, causing a segmentation fault. This can...
K000152540: Apache tomcat vulnerability CVE-2025-49125
Security Advisory Description Authentication Bypass Using an Alternate Path or Channel vulnerability in Apache Tomcat. When using PreResources or PostResources mounted other than at the root of the web application, it was possible to access those resources via an unexpected path. That path was...
K000152448: Linux kernel vulnerability CVE-2023-0386
Security Advisory Description A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug...
K000152445: Golang vulnerability CVE-2024-24789
Security Advisory Description The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create a zip file with contents that vary depending on the implementation reading the file. The...
K000152389: golang: net/http, x/net/http2 vulnerability CVE-2023-39325
Security Advisory Description A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allo...
K000152366: XZ Utils vulnerability CVE-2025-31115
Security Advisory Description XZ Utils provide a general-purpose data-compression library plus command-line tools. In XZ Utils 5.3.3alpha to 5.8.0, the multithreaded .xz decoder in liblzma has a bug where invalid input can at least result in a crash. The effects include heap use after free and...
K000152313: shadow-utils vulnerability CVE-2024-56433
Security Advisory Description shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g., uid 100000 through 165535 for the first user account) that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to...
K000152311: Busybox vulnerabilities CVE-2022-28391 and CVE-2022-30065
Security Advisory Description CVE-2022-28391 BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record's value to a VT compatible terminal. Alternatively, the attacker could choose to change the terminal's colors. CVE-2022-30065 A...
K000152189: Intel BIOS vulnerability CVE-2022-21233
Security Advisory Description Improper isolation of shared resources in some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. CVE-2022-21233 Impact This vulnerability may allow a privileged user to potentially enable information disclosu...
K000152186: Python Jinja2 vulnerability CVE-2025-27516
Security Advisory Description Jinja is an extensible templating engine. Prior to 3.1.6, an oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an...
K000152103: Fluent Bit vulnerability CVE-2024-4323
Security Advisory Description A memory corruption vulnerability in Fluent Bit versions 2.0.7 thru 3.0.3. This issue lies in the embedded http server's parsing of trace requests and may result in denial of service conditions, information disclosure, or remote code execution. CVE-2024-4323 Impact...
K000152048: Dnsmasq vulnerability CVE-2019-14834
Security Advisory Description A vulnerability was found in dnsmasq before version 2.81, where the memory leak allows remote attackers to cause a denial of service (memory consumption) via vectors involving DHCP response creation. CVE-2019-14834 Impact A remote user may be able to cause a...
K000152046: GNOME GLib vulnerability CVE-2024-52533
Security Advisory Description gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing '\0' character. CVE-2024-52533 Impact There is no impact; F5 products are not affected by this vulnerabilit...
K000152033: PHP vulnerability CVE-2024-1874
Security Advisory Description In PHP versions 8.1.* before 8.1.28, 8.2.* before 8.2.18, 8.3.* before 8.3.5, when using proc_open() command with array syntax, due to insufficient escaping, if the arguments of the executed command are controlled by a malicious user, the user can supply arguments that wou...
K000152032: GRUB2 vulnerability CVE-2025-0678
Security Advisory Description A flaw was found in grub2. When reading data from a squash4 filesystem, grub's squash4 fs module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciously...
K000152020: elfutils vulnerability CVE-2024-25260
Security Advisory Description elfutils v0.189 was discovered to contain a NULL pointer dereference via the handle_verdef() function at readelf.c. CVE-2024-25260 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has evaluate...
K000151924: runc vulnerability CVE-2024-45310
Security Advisory Description runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files or directories in arbitrary locations in the host filesystem by sharing a...
K000152019: Python Setup Tools vulnerability CVE-2024-6345
Security Advisory Description A vulnerability in the package_index module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers,...
K000151995: c-ares vulnerability CVE-2025-31498
Security Advisory Description c-ares is an asynchronous resolver library. From 1.32.3 through 1.34.4, there is a use-after-free in read_answers() when process_answer() may re-enqueue a query either due to a DNS Cookie Failure or when the upstream server does not properly support EDNS, or possibly on TC...
K000151740: Ruby vulnerability CVE-2024-47220
Security Advisory Description An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request smuggling by providing both a Content-Length header and a Transfer-Encoding header, e.g., "GET /admin HTTP/1.1\r\n" inside of a "POST /user HTTP/1.1\r\n" request. NOTE: the...
K000151869: libexpat vulnerability CVE-2024-8176
Security Advisory Description A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stac...
K000151819: PowerDNS vulnerability CVE-2018-16855
Security Advisory Description An issue has been found in PowerDNS Recursor before version 4.1.8 where a remote attacker sending a DNS query can trigger an out-of-bounds memory read while computing the hash of the query for a packet cache lookup, possibly leading to a crash. CVE-2018-16855 Impact...
K000151779: Node.js vulnerabilities CVE-2025-23083 and CVE-2025-23085
Security Advisory Description CVE-2025-23083 With the aid of the diagnostics_channel utility, an event can be hooked into whenever a worker thread is created. This is not limited only to workers but also exposes internal workers, where an instance of them can be fetched, and its constructor can be...
K000151753: Linux kernel vulnerability CVE-2024-38598
Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: md: fix resync softlockup when bitmap size is less than array size It is reported that for dm-raid10, lvextend + lvchange --syncaction will trigger following softlockup: kernel:watchdog: BUG: soft...
K000151742: REXML vulnerability CVE-2024-43398
Security Advisory Description REXML is an XML toolkit for Ruby. The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML that has many deep elements that have same local name attributes. If you need to parse untrusted XMLs with tree parser API like REXML::Document.new, you may be...
K000151739: Linux kernel vulnerability CVE-2024-47745
Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: mm: call the security_mmap_file() LSM hook in remap_file_pages() The remap_file_pages syscall handler calls do_mmap() directly, which doesn't contain the LSM security check. And if the process has called...
K000151645: SQLite vulnerability CVE-2025-3277
Security Advisory Description An integer overflow can be triggered in SQLite’s concat_ws() function. The resulting, truncated integer is then used to allocate a buffer. When SQLite then writes the resulting string to the buffer, it uses the original, untruncated size and thus a wild Heap Buffer...
K000151646: Apache HTTP server vulnerability CVE-2025-31492
Security Advisory Description mod_auth_openidc is an OpenID Certified authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality. Prior to 2.4.16.11, a bug in mod_auth_openidc results in disclosure of protected content to...
K000151516: Python urllib vulnerability CVE-2019-9947
Security Advisory Description An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n specifically in the...
K000151520: Python vulnerabilities CVE-2018-20852, CVE-2014-4616, and CVE-2013-7040
Security Advisory Description CVE-2018-20852 http.cookiejar.DefaultPolicy.domain_return_ok in Lib/http/cookiejar.py in Python before 3.7.3 does not correctly validate the domain: it can be tricked into sending existing cookies to the wrong server. An attacker may abuse this flaw by using a server...
K000151542: OpenSSL vulnerability CVE-2025-4575
Security Advisory Description Issue summary: Use of -addreject option with the openssl x509 application adds a trusted use instead of a rejected use for a certificate. Impact summary: If a user intends to make a trusted certificate rejected for a particular use it will be instead marked as truste...
K000151528: Elasticsearch vulnerability CVE-2024-43709
Security Advisory Description An allocation of resources without limits or throttling in Elasticsearch can lead to an OutOfMemoryError exception resulting in a crash via a specially crafted query using an SQL function. CVE-2024-43709 Impact There is no impact; F5 products are not affected by this...
K000151474: GNU C Library vulnerability CVE-2025-0395
Security Advisory Description When the assert function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size. CVE-2025-03...
K000151459: OpenShift vulnerability CVE-2023-2253
Security Advisory Description A flaw was found in the /v2/catalog endpoint in distribution/distribution, which accepts a parameter to control the maximum number of records returned (query string: n). This vulnerability allows a malicious user to submit an unreasonably large value for n, causing the...
K000151431: Intel Ethernet Controller and Adapter vulnerability CVE-2024-24983
Security Advisory Description Protection mechanism failure in firmware for some Intel(R) Ethernet Network Controllers and Adapters E810 Series before version 4.4 may allow an unauthenticated user to potentially enable denial of service via network access. CVE-2024-24983 Impact This vulnerability ma...
K000151401: Intel CPU vulnerability CVE-2025-20100
Security Advisory Description Improper access control in the memory controller configurations for some Intel(R) Xeon(R) 6 processor with E-cores may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2025-20100 Impact There is no impact; F5 products are not...
K000151398: PyTorch vulnerability CVE-2025-32434
Security Advisory Description PyTorch is a Python package that provides tensor computation with strong GPU acceleration and deep neural networks built on a tape-based autograd system. In version 2.5.1 and prior, a Remote Command Execution (RCE) vulnerability exists in PyTorch when loading a model...
K000151394: MySQL vulnerabilities CVE-2025-30683, CVE-2025-30684, CVE-2025-30685
Security Advisory Description CVE-2025-30683 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network...
K000151397: Apache Tomcat vulnerabilities CVE-2025-31650, CVE-2025-31651
Security Advisory Description CVE-2025-31650 Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted in incomplete clean-up of the failed request which created a memory leak. A large number of such requests could trigger a...
K000151412: Apache Tomcat vulnerability CVE-2025-31650
Security Advisory Description CVE-2025-31650 Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted in incomplete clean-up of the failed request which created a memory leak. A large number of such requests could trigger a...
K000151411: Apache Tomcat vulnerability CVE-2025-31651
Security Advisory Description CVE-2025-31650 Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted in incomplete clean-up of the failed request which created a memory leak. A large number of such requests could trigger a...
K000151390: Erlang/OTP vulnerabilities CVE-2022-37026 and CVE-2025-32433
Security Advisory Description CVE-2022-37026 In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before 25.0.2, there is a Client Authentication Bypass in certain client-certification situations for SSL, TLS, and DTLS. CVE-2025-32433 Erlang/OTP is a set of libraries for the Erlang...
K000151376: Intel CPU vulnerability CVE-2025-20004
Security Advisory Description Insufficient control flow management in the Alias Checking Trusted Module for some Intel(R) Xeon(R) 6 processor E-Cores firmware may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2025-20004 Impact There is no impact; F5...
K000151375: Intel Slim Bootloader vulnerability CVE-2025-20083
Security Advisory Description Improper authentication in the firmware for the Intel(R) Slim Bootloader may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2025-20083 Impact There is no impact; F5 products are not affected by this vulnerability. Security...
K000151357: MySQL vulnerabilities CVE-2025-21574 and CVE-2025-30688
Security Advisory Description CVE-2025-21574 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker with network access...
K000151344: Linux kernel vulnerability CVE-2024-53113
Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: mm: fix NULL pointer dereference in alloc_pages_bulk_noprof We triggered a NULL pointer dereference for ac.preferred_zoneref->zone in alloc_pages_bulk_noprof() when the task is migrated between cpusets. When...
K000151336: Linux kernel vulnerability CVE-2024-25739
Security Advisory Description create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to allocate zero bytes, and crash, because of a missing check for ubi->leb_size. CVE-2024-25739 Impact There is no impact; F5 products are not affected by this vulnerability. Securi...
K000151335: Linux kernel vulnerability CVE-2024-27056
Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: ensure offloading TID queue exists The resume code path assumes that the TX queue for the offloading TID has been configured. At resume time it then tries to sync the write pointe...