6294 matches found
K000150901: Linux kernel vulnerability CVE-2024-46713
Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: perf/aux: Fix AUX buffer serialization Ole reported that event-mmapmutex is strictly insufficient to serialize the AUX buffer, add a per RB mutex to fully serialize it. Note that in the lock order...
K000150879: OpenSSH vulnerability CVE-2025-26466
Security Advisory Description A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep...
K000150876: OpenSSH vulnerability CVE-2025-26465
Security Advisory Description A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions...
K000150869: Linux kernel vulnerabilities CVE-2024-53197 and CVE-2024-53150
Security Advisory Description CVE-2024-53197 In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices A bogus device can provide a bNumConfigurations value that exceeds the initial value used in...
K000150814: BIND vulnerability CVE-2024-11187
Security Advisory Description It is possible to construct a zone such that some queries to it will generate responses containing numerous records in the Additional section. An attacker sending many such queries can cause either the authoritative server itself or an independent resolver to use...
K000150849: zlib vulnerability CVE-2016-9842
Security Advisory Description The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers. CVE-2016-9842 Impact There is no impact; F5 products are not affected by this vulnerability...
K000150813: Linux kernel vulnerability CVE-2024-50252
Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumipip: Fix memory leak when changing remote IPv6 address The device stores IPv6 addresses that are used for encapsulation in linear memory that is managed by the driver. Changing the...
K000150805: Multiple Wireshark/tshark vulnerabilities
Security Advisory Description CVE-2018-9274 In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, ui/failuremessage.c has a memory leak. CVE-2018-9273 In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-pcp.c has a memory leak. CVE-2018-9272 In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to...
K000150804: Multiple Wireshark/tshark vulnerabilities
Security Advisory Description CVE-2020-26575 In Wireshark through 3.2.7, the Facebook Zero Protocol aka FBZERO dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement. CVE-2018-14339 In Wireshark 2.6.0 to...
K000150784: OpenSSL vulnerability CVE-2024-13176
Security Advisory Description Issue summary: A timing side-channel which could potentially allow recovering the private key exists in the ECDSA signature computation. Impact summary: A timing side-channel in ECDSA signature computations could allow recovering the private key by an attacker...
K000150762: jsoup vulnerabilities CVE-2015-6748, CVE-2021-37714, and CVE-2022-36033
Security Advisory Description CVE-2015-6748 Cross-site scripting XSS vulnerability in jsoup before 1.8.3. CVE-2021-37714 jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run ...
K000150761: gRPC vulnerabilities CVE-2023-32732 and CVE-2023-33953
Security Advisory Description CVE-2023-32732 gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error for -bin suffixed headers will result in a disconnection by the gRPC server, but is typically allowed ...
K000150749: Python vulnerability CVE-2024-4032
Security Advisory Description The “ipaddress” module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private”. This affected the isprivate and isglobal properties of the ipaddress.IPv4Address, ipaddress.IPv4Network,...
K000150746: PostgreSQL vulnerabilities CVE-2021-32028 and CVE-2021-32029
Security Advisory Description CVE-2021-32028 A flaw was found in postgresql. Using an INSERT ... ON CONFLICT ... DO UPDATE command on a purpose-crafted table, an authenticated database user could read arbitrary bytes of server memory. The highest threat from this vulnerability is to data...
K000150744: PostgreSQL vulnerability CVE-2025-1094
Security Advisory Description Improper neutralization of quoting syntax in PostgreSQL libpq functions PQescapeLiteral, PQescapeIdentifier, PQescapeString, and PQescapeStringConn allows a database input provider to achieve SQL injection in certain usage patterns. Specifically, SQL injection requir...
K000150719: Multiple PHP vulnerabilities
Security Advisory Description CVE-2024-11235 In PHP versions 8.3. before 8.3.19 and 8.4. before 8.4.5, a code sequence involving set handler or ??= operator and exceptions can lead to a use-after-free vulnerability. If the third party can control the memory layout leading to this, for example by...
K000150538: Kubernetes ingress-nginx vulnerabilities CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, and CVE-2025-24514
Security Advisory Description CVE-2025-1097 also known as IngressNightmare A security issue was discovered in ingress-nginx https : //github . com/kubernetes/ingress-nginx where the auth-tls-match-cn Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary cod...
K000150411: Net-SNMP vulnerability CVE-2018-1000116
Security Advisory Description NET-SNMP version 5.7.2 contains a heap corruption vulnerability in the UDP protocol handler that can result in command execution. CVE-2018-1000116 Impact An attacker can exploit this vulnerability with a crafted UDP packet and cause a denial-of-service DoS on the SNM...
K000150410: Net-SNMP vulnerability CVE-2018-18065
Security Advisory Description setkey in agent/helpers/tablecontainer.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an authenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service. CVE-2018-18065 Impact An...
K000150507: IPsec-Tools vulnerability CVE-2008-3652
Security Advisory Description src/racoon/handler.c in racoon in ipsec-tools does not remove an "orphaned ph1" phase 1 handle when it has been initiated remotely, which allows remote attackers to cause a denial of service resource consumption. CVE-2008-3652 Impact There is no impact; F5 products a...
K000150506: Lua vulnerabilities CVE-2014-5461, CVE-2021-43519
Security Advisory Description CVE-2014-5461 Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service crash via a small number of arguments to a function with a large number of fixed arguments...
K000150505: LuaJIT vulnerabilities CVE-2019-19391, CVE-2020-15890, CVE-2020-24372
Security Advisory Description CVE-2019-19391 In LuaJIT through 2.0.5, as used in Moonjit before 2.1.2 and other products, debug.getinfo has a type confusion issue that leads to arbitrary memory write or read operations, because certain cases involving valid stack levels and options are mishandled...
K000150488: Multiple Wireshark/tshark vulnerabilities
Security Advisory Description CVE-2020-26575 In Wireshark through 3.2.7, the Facebook Zero Protocol aka FBZERO dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement. CVE-2018-14339 In Wireshark 2.6.0 to...
K000150484: Apache Tomcat vulnerability CVE-2025-24813
Security Advisory Description Path Equivalence: 'file . Name' Internal Dot leading to Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through...
K000150486: Wireshark/tshark vulnerabilities CVE-2018-9264, CVE-2018-9261, and CVE-2018-19623
Security Advisory Description CVE-2018-9264 In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the ADB dissector could crash with a heap-based buffer overflow. This was addressed in epan/dissectors/packet-adb.c by checking for a length inconsistency. CVE-2018-9261 In Wireshark 2.4.0 to 2.4.5 and...
K000150459: Apache Camel vulnerability CVE-2024-22369
Security Advisory Description Deserialization of Untrusted Data vulnerability in Apache Camel SQL ComponentThis issue affects Apache Camel: from 3.0.0 before 3.21.4, from 3.22.0 before 3.22.1, from 4.0.0 before 4.0.4, from 4.1.0 before 4.4.0. Users are recommended to upgrade to version 4.4.0, whi...
K000150458: Apache Camel vulnerability CVE-2025-27636
Security Advisory Description Bypass/Injection vulnerability in Apache Camel components under particular conditions. This issue affects Apache Camel: from 4.10.0 through = 4.10.1, from 4.8.0 through = 4.8.4, from 3.10.0 through = 3.22.3. Users are recommended to upgrade to version 4.10.2 for 4.10...
K000150452: Imagemagick vulnerability CVE-2021-40211
Security Advisory Description An issue was discovered with ImageMagick 7.1.0-4 via Division by zero in function ReadEnhMetaFile of coders/emf.c. CVE-2021-40211 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has...
K000150432: Intel UEFI vulnerabilities CVE-2024-39279 and CVE-2024-28047
Security Advisory Description CVE-2024-39279 Insufficient granularity of access control in UEFI firmware in some IntelR processors may allow a authenticated user to potentially enable denial of service via local access. CVE-2024-28047 Improper input validation in UEFI firmware for some IntelR...
K000150431: Multiple Intel UEFI firmware vulnerabilities
Security Advisory Description CVE-2023-34440 Improper input validation in UEFI firmware for some IntelR Processors may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2023-43758 Improper input validation in UEFI firmware for some IntelR processors may...
K000150408: Pixman vulnerabilities CVE-2022-44638 and CVE-2023-37769
Security Advisory Description CVE-2022-44638 In libpixman in Pixman before 0.42.2, there is an out-of-bounds write aka heap-based buffer overflow in rasterizeedges8 due to an integer overflow in pixmansamplefloory. CVE-2023-37769 stress-test master commit e4c878 was discovered to contain a FPE...
K000150407: Multiple Net-SNMP vulnerabilities
Security Advisory Description CVE-2022-44793 handleipv6IpForwarding in agent/mibgroup/ip-mib/ipscalars.c in Net-SNMP 5.4.3 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service...
K000150406: jQuery vulnerability CVE-2007-2379
Security Advisory Description The jQuery framework exchanges data using JavaScript Object Notation JSON without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and...
K000150394: Intel QuickAssist Technology vulnerabilities CVE-2024-29223, CVE-2023-32277, CVE-2024-31153, and CVE-2024-31858
Security Advisory Description CVE-2024-29223 Uncontrolled search path for some IntelR QuickAssist Technology software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access. CVE-2023-32277 Untrusted Pointer Dereference in I/O subsystem...
K000150363: Multiple rsync vulnerabilities
Security Advisory Description CVE-2024-12084 A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths s2length in the code. When MAXDIGESTLEN exceeds the fixed SUMLENGTH 16 bytes, an attacker can write out of...
K000150344: Multiple Wireshark/tshark vulnerabilities
Security Advisory Description CVE-2019-5721 In Wireshark 2.4.0 to 2.4.11, the ENIP dissector could crash. This was addressed in epan/dissectors/packet-enip.c by changing the memory-management approach so that a use-after-free is avoided. CVE-2019-5719 In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to...
K000150343: Wireshark/tshark vulnerabilities CVE-2018-11359, CVE-2018-11358, CVE-2018-11356, CVE-2023-2906, and CVE-2019-9209
Security Advisory Description CVE-2018-11359 In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the RRC dissector and other dissectors could crash. This was addressed in epan/proto.c by avoiding a NULL pointer dereference. CVE-2018-11358 In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to...
K000150341: Wireshark/tshark vulnerabilities CVE-2018-14344, CVE-2018-14343, CVE-2018-14340, CVE-2018-11362, and CVE-2018-11360
Security Advisory Description CVE-2018-14344 In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ISMP dissector could crash. This was addressed in epan/dissectors/packet-ismp.c by validating the IPX address length to avoid a buffer over-read. CVE-2018-14343 In Wireshark 2.6.0 to...
K000150338: Wireshark/tshark vulnerabilities CVE-2019-10899, CVE-2019-10896, CVE-2019-10895, CVE-2019-10894, and CVE-2018-9263
Security Advisory Description CVE-2019-10899 In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the SRVLOC dissector could crash. This was addressed in epan/dissectors/packet-srvloc.c by preventing a heap-based buffer under-read. CVE-2019-10896 In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7,...
K000150339: Wireshark/tshark vulnerabilities CVE-2018-9256, CVE-2018-18227, CVE-2018-14370, CVE-2018-14369, and CVE-2018-14367
Security Advisory Description CVE-2018-9256 In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the LWAPP dissector could crash. This was addressed in epan/dissectors/packet-lwapp.c by limiting the encapsulation levels to restrict the recursion depth. CVE-2018-18227 In Wireshark 2.6.0 to 2.6.3 and...
K000150337: Wireshark/tshark vulnerabilities CVE-2018-9262, CVE-2018-9260, CVE-2018-9259, CVE-2018-9258, and CVE-2018-9257
Security Advisory Description CVE-2018-9262 In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the VLAN dissector could crash. This was addressed in epan/dissectors/packet-vlan.c by limiting VLAN tag nesting to restrict the recursion depth. CVE-2018-9260 In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to...
K000150336: Wireshark/tshark vulnerabilities CVE-2019-9214, CVE-2019-9208, CVE-2019-13619, CVE-2019-10903, and CVE-2019-10901
Security Advisory Description CVE-2019-9214 In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the RPCAP dissector could crash. This was addressed in epan/dissectors/packet-rpcap.c by avoiding an attempted dereference of a NULL conversation. CVE-2019-9208 In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to...
K000150321: libarchive vulnerability CVE-2016-10209
Security Advisory Description The archivewstringappendfrommbs function in archivestring.c in libarchive 3.2.2 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted archive file. CVE-2016-10209 Impact This vulnerability may result in a...
K000150308: Linux kernel vulnerability CVE-2024-26935
Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix unremoved procfs host directory regression Commit fc663711b944 "scsi: core: Remove the /proc/scsi/$procname directory earlier" fixed a bug related to modules loading/unloading, by...
K000150304: Apache Camel vulnerability CVE-2025-27636
Security Advisory Description Bypass/Injection vulnerability in Apache Camel. This issue affects Apache Camel: from 4.10.0 through = 4.10.1, from 4.8.0 through = 4.8.4, from 3.10.0 through = 3.22.3. Users are recommended to upgrade to version 4.10.2 for 4.10.x LTS, 4.8.5 for 4.8.x LTS and 3.22.4...
K000150300: json-c vulnerability CVE-2013-6370 and CVE-2013-6371
Security Advisory Description CVE-2013-6370 Buffer overflow in the printbuf APIs in json-c before 0.12 allows remote attackers to cause a denial of service via unspecified vectors. CVE-2013-6371 The hash functionality in json-c before 0.12 allows context-dependent attackers to cause a denial of...
K000150297: json-c vulnerability CVE-2020-12762
Security Advisory Description json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbufmemappend. CVE-2020-12762 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product...
K000150232: Multiple PHP vulnerabilities
Security Advisory Description CVE-2007-2728 The soap extension in PHP calls phprandr with an uninitialized seed variable, which has unknown impact and attack vectors, a related issue to the mcryptcreateiv issue covered by CVE-2007-2727. Note: The PHP team argue that this is not a valid security...
K000150231: PCRE vulnerabilities CVE-2017-6004, CVE-2019-20838, and CVE-2014-8964
Security Advisory Description CVE-2017-6004 The compilebracketmatchingpath function in pcrejitcompile.c in PCRE through 8.x before revision 1680 e.g., the PHP 7.1.1 bundled version allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted regular...
K000150204: PostgreSQL vulnerability CVE-2015-3166
Security Advisory Description The snprintf implementation in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 does not properly handle system-call errors, which allows attackers to obtain sensitive information or have other unspecified...