6413 matches found
K21350967: OpenSSH vulnerability CVE-2019-6111
Security Advisory Description An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned only directory...
K06145135: Remote DNS security filter vulnerabilities CVE-2003-1491 and CVE-2004-1473
Security Advisory Description CVE-2003-1491 Kerio Personal Firewall KPF 2.1.4 has a default rule to accept incoming packets from DNS UDP port 53, which allows remote attackers to bypass the firewall filters via packets with a source port of 53. CVE-2004-1473 Symantec Enterprise Firewall/VPN...
K05510205: Linux kernel vulnerability CVE-2018-14678
Security Advisory Description An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x. The xenfailsafecallback entry point in arch/x86/entry/entry64.S does not properly maintain RBX, which allows local users to cause a denial of service uninitialized memory usag...
K08306700: DHCP client vulnerability CVE-2018-5732
Security Advisory Description An out-of-bound memory access flaw was found in the way dhclient processed a DHCP response packet. A malicious DHCP server could potentially use this flaw to crash dhclient processes running on DHCP client machines via a crafted DHCP response packet. CVE-2018-5732...
K82907233: PHP vulnerability CVE-2017-5340
Security Advisory Description Zend/zendhash.c in PHP before 7.0.15 and 7.1.x before 7.1.1 mishandles certain cases that require large array allocations, which allows remote attackers to execute arbitrary code or cause a denial of service integer overflow, uninitialized memory access, and use of...
K73657294: BIG-IP APM VDI plugin vulnerability CVE-2020-27722
Security Advisory Description Under certain conditions, the VDI plugin does not observe plugin flow-control protocol causing excessive resource consumption. CVE-2020-27722 Impact This affects only a BIG-IP APM virtual server configured with a Virtual Desktop Infrastructure VDI profile. Your BIG-I...
K80557033: Linux kernel vulnerability CVE-2018-16882
Security Advisory Description A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted interrupts when nested=1 virtualization is enabled. In nestedgetvmcs12pages, in case of an error while processing posted interrupt address, it unmaps the 'pidescpage' witho...
K54724312: Linux kernel vulnerability CVE-2022-0492
Security Advisory Description A vulnerability was found in the Linux kernel’s cgroupreleaseagentwrite in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 releaseagent feature to escalate privileges and bypass the namespace isolation...
K50343630: iAppsLX REST vulnerability CVE-2020-27727
Security Advisory Description When an authenticated administrative user installs RPMs using the iAppsLX REST installer, the BIG-IP system does not sufficiently validate user input, allowing the user read access to the filesystem. CVE-2020-27727 Impact An attacker can exploit this vulnerability as...
K50394032: Java SE vulnerabilities CVE-2018-3149, CVE-2018-3169, and CVE-2018-3209
Security Advisory Description CVE-2018-3149 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JNDI. Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit...
K40812100: OpenSSL vulnerability CVE-2021-3711
Security Advisory Description In order to decrypt SM2 encrypted data an application is expected to call the API function EVPPKEYdecrypt. Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is...
K32541890: DHCP Client Script Code Execution vulnerability CVE-2018-1111
Security Advisory Description DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. A malicious DHCP server, or an attacker on the local network able to spoof DHCP...
K20219314: OpenSSL vulnerability CVE-2015-1794
Security Advisory Description The ssl3getkeyexchange function in ssl/s3clnt.c in OpenSSL 1.0.2 before 1.0.2e allows remote servers to cause a denial of service segmentation fault via a zero p value in an anonymous Diffie-Hellman DH ServerKeyExchange message. CVE-2015-1794 Impact There is no impac...
K16940442: Java SE vulnerability CVE-2018-3136
Security Advisory Description Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181. Difficult to exploit vulnerability allows unauthenticated attacke...
K15351: OpenSSL DTLS ChangeCipherSpec vulnerability CVE-2009-1386
Security Advisory Description ssl/s3pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a DTLS ChangeCipherSpec packet that occurs before ClientHello. CVE-2009-1386 Impact None Security Advisory Status To determine if...
K15359: OpenSSL vulnerability CVE-2009-1378
Security Advisory Description Multiple memory leaks in the dtls1processoutofseqmessage function in ssl/d1both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service memory consumption via DTLS records that 1 are duplicates or 2 have sequence numbers muc...
K15329: SSL_MODE_RELEASE_BUFFERS vulnerability CVE-2014-0198
Security Advisory Description The dossl3write function in s3pkt.c in OpenSSL 1.x through 1.0.1g, when SSLMODERELEASEBUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service NULL pointer dereference and...
K15277: ICMP vulnerability CVE-1999-0524
Security Advisory Description ICMP information such as 1 netmask and 2 timestamp is allowed from arbitrary hosts. CVE-1999-0524 Impact This vulnerability allows unauthorized disclosure of information. Security Advisory Status To determine if your release is known to be vulnerable, the components ...
K15311661: NodeJS vulnerability CVE-2016-2086
Security Advisory Description Node.js 0.10.x before 0.10.42, 0.12.x before 0.12.10, 4.x before 4.3.0, and 5.x before 5.6.0 allow remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header. CVE-2016-2086 Impact An attacker may be able to perform HTTP reques...
K15278: SSL renegotiation vulnerability CVE-2011-1473
Security Advisory Description DISPUTED OpenSSL before 0.9.8l, and 0.9.8m through 1.x, does not properly restrict client-initiated renegotiation within the SSL and TLS protocols, which might make it easier for remote attackers to cause a denial of service CPU consumption by performing many...
K45616155: Nettle vulnerability CVE-2018-16869
Security Advisory Description A Bleichenbacher type side-channel based padding oracle attack was found in the way nettle handles endian conversion of RSA decrypted PKCS1 v1.5 data. An attacker who is able to run a process on the same physical core as the victim process, could use this flaw extrac...
K42204713: Multiple MySQL vulnerabilities
Security Advisory Description CVE-2016-3424 Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: Optimizer. CVE-2016-3440 Unspecified vulnerability in Oracle MySQL 5.7.11 and earlier allows remote...
K15401: OpenSSL vulnerability CVE-2012-2333
Security Advisory Description Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a...
K18955141: GnuTLS vulnerability CVE-2018-16868
Security Advisory Description A Bleichenbacher type side-channel based padding oracle attack was found in the way gnutls handles verification of RSA decrypted PKCS1 v1.5 data. An attacker who is able to run process on the same physical core as the victim process, could use this to extract plainte...
K25225860: Linux kernel vulnerabilities CVE-2019-6454, CVE-2020-12888, and CVE-2020-36385
Security Advisory Description CVE-2019-6454 An issue was discovered in sd-bus in systemd 239. busprocessobject in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can exploit thi...
K14930: PHP vulnerability CVE-2011-4718
Security Advisory Description Session fixation vulnerability in the Sessions subsystem in PHP before 5.5.2 allows remote attackers to hijack web sessions by specifying a session ID. CVE-2011-4718 Impact None Security Advisory Status To determine if your release is known to be vulnerable, the...
K06208063: Linux kernel vulnerability CVE-2018-1000004
Security Advisory Description In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions a race condition vulnerability exists in the sound system, this can lead to a deadlock and denial of service condition. CVE-2018-1000004 Impact There is no impact; F5 products are not affected by this...
K10281096: TLS in Mozilla NSS vulnerability CVE-2018-12404
Security Advisory Description A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chosen Ciphertext attack AKA Bleichenbacher attack and affects all NSS versions prior to NSS 3.41. CVE-2018-1240...
K67404630: Oracle WebLogic Server vulnerabilities CVE-2018-2894 and CVE-2018-2935
Security Advisory Description CVE-2018-2894 Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: WLS - Web Services. Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticat...
K6339: Sendmail race condition - VU#834865
Security Advisory Description Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F5...
K5533: Potential protocol version rollback vulnerability in OpenSSL - CVE-2005-2969
Security Advisory Description Note : For information about signing up to receive security notice updates from F5, refer to K9970: Subscribe to email notifications regarding F5 products and security announcements. Note : Versions that are not listed in this Solution have not been evaluated for...
K45810018: Multiple Insyde BIOS/EFI vulnerabilities
Security Advisory Description CVE-2020-5953 A vulnerability exists in System Management Interrupt SWSMI handler of InsydeH2O UEFI Firmware code located in SWSMI handler that dereferences gRT EFIRUNTIMESERVICES pointer to call a GetVariable service, which is located outside of SMRAM. This can resu...
K4809: tcpdump vulnerabilities CAN-2005-1278, CAN-2005-1279, and CAN-2005-1280
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K11795: Pre-logon sequence vulnerability to Cross-Site Scripting
Security Advisory Description Note : Versions that are not listed in this Solution have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of F5...
K06372014: PHP vulnerability CVE-2019-9023
Security Advisory Description An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A number of heap-based buffer over-read instances are present in mbstring regular expression functions when supplied with invalid multibyte data. These occur...
K06323049: BIG-IP IPsec ALG vulnerability CVE-2022-29473
Security Advisory Description When an IPSec ALG profile is configured on a virtual server, undisclosed responses can cause the Traffic Management Microkernel TMM to terminate. CVE-2022-29473 Impact Traffic is disrupted while the TMM process restarts. This vulnerability allows an unauthenticated...
K9754: BIND 9 vulnerability CVE-2009-0025
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of F5...
K9761: PHP vulnerability - CVE-2008-5557
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K97120268: Apache Log4j SQL injection vulnerability CVE-2022-23305
Security Advisory Description By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be included. This allows attackers to manipulate the SQL...
K76444020: OpenJDK vulnerabilities CVE-2019-2933 and CVE-2019-2958
Security Advisory Description CVE-2019-2933 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows...
K67416037: Linux kernel vulnerability CVE-2021-23133
Security Advisory Description A race condition in Linux kernel SCTP sockets net/sctp/socket.c before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctpdestroysock is called without socknetsk-sctp.addrwqlock then an element is...
K80922332: PHP vulnerability CVE-2015-8866
Security Advisory Description ext/libxml/libxml.c in PHP before 5.5.22 and 5.6.x before 5.6.6, when PHP-FPM is used, does not isolate each thread from libxmldisableentityloader changes in other threads, which allows remote attackers to conduct XML External Entity XXE and XML Entity Expansion XEE...
K43167094: Apache Struts 2 vulnerability CVE-2016-6795
Security Advisory Description In the Convention plugin in Apache Struts 2.3.20 through 2.3.30, it is possible to prepare a special URL which will be used for path traversal and execution of arbitrary code on server side. CVE-2016-6795 Impact There is no impact; F5 products are not affected by thi...
K45752041: Samba vulnerability CVE-2021-44141
Security Advisory Description All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of the server file system not exported under the share definition. SMB1 with unix extensions has to be enabled in...
K43314223: libxml2 vulnerability CVE-2016-1835
Security Advisory Description Use-after-free vulnerability in the xmlSAX2AttributeNs function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2 and OS X before 10.11.5, allows remote attackers to cause a denial of service via a crafted XML document. CVE-2016-1835 Impact Allows an attacke...
K34002344: Overview of Log4j vulnerabilities (2021 and 2022)
Security Advisory Description This document is intended to serve as an overview of the 2021 and 2022 Log4j vulnerabilities to help determine the impact to your F5 devices. You can find the details of each issue in the associated security advisory. High CVEs Medium CVEs Not Vulnerable CVEs High CV...
K34985231: PHP vulnerabilities CVE-2016-6288 and CVE-2016-6289
Security Advisory Description CVE-2016-6288 The phpurlparseex function in ext/standard/url.c in PHP before 5.5.38 allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via vectors involving the smartstr data type. CVE-2016-6289 Integer...
K40564589: PHP vulnerability CVE-2016-7126
Security Advisory Description The imagetruecolortopalette function in ext/gd/gd.c in PHP before 5.6.25 and 7.x before 7.0.10 does not properly validate the number of colors, which allows remote attackers to cause a denial of service selectcolors allocation error and out-of-bounds write or possibl...
K19820866: Linux kernel vulnerability CVE-2018-7492
Security Advisory Description A NULL pointer dereference was found in the net/rds/rdma.c rdsrdmamap function in the Linux kernel before 4.14.7 allowing local attackers to cause a system panic and a denial-of-service, related to RDSGETMR and RDSGETMRFORDEST. CVE-2018-7492 Impact There is no impact...
K31113511: Apache APISIX Dashboard vulnerability CVE-2021-45232
Security Advisory Description In Apache APISIX Dashboard before 2.10.1, the Manager API uses two frameworks and introduces framework droplet on the basis of framework gin, all APIs and authentication middleware are developed based on framework droplet, but some API directly use the interface of...