6402 matches found
K17529: NTP vulnerability CVE-2015-7703
Security Advisory Description The "pidfile" or "driftfile" directives in NTP ntpd 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77, when ntpd is configured to allow remote configuration, allows remote attackers with an IP address that is allowed to send configuration requests, and with knowledge of...
K17517: NTP vulnerability CVE-2015-7701
Security Advisory Description Memory leak in the CRYPTOASSOC function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service memory consumption. CVE-2015-7701 Impact An attacker could send packets tontpd that may, after several days of...
K05403841: BIG-IP and BIG-IQ improvements disclosed by Rapid7
Security Advisory Description BIG-IP and BIG-IQ improvements disclosed by Rapid7 Important : F5 recognizes these issues are security related. However, there is no known way to exploit these issues without first bypassing existing security controls using an unknown or undiscovered mechanism,...
K02692210: BIG-IP virtual server with HTTP Explicit Proxy and/or SOCKS vulnerability CVE-2017-6157
Security Advisory Description BIG-IP virtual servers with a configuration using the HTTP Explicit Proxy functionality and/or SOCKS profile are vulnerable to an unauthenticated, remote attack that allows modification of BIG-IP system configuration, extraction of sensitive system files, and/or...
K01051452: NGINX Ingress Controller vulnerability CVE-2021-23055
Security Advisory Description The command line restriction that controls snippet use with NGINX Ingress Controller does not apply to Ingress objects. CVE-2021-23055 Impact An attacker with privileges to deploy Ingress resources can inject configuration snippets that may allow them to gain access ...
K17263: OpenSSH vulnerabilities CVE-2015-6563 and CVE-2015-6564
Security Advisory Description CVE-2015-6563 The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITORREQPAMINITCTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction...
K05016441: Oracle Java vulnerability CVE-2016-3508
Security Advisory Description Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3500. CVE-2016-3508 Impact An attacker...
K01112063: NGINX ngx_http_hls_module vulnerability CVE-2022-41743
Security Advisory Description NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngxhttphlsmodule that might allow a local attacker to corrupt NGINX worker memory, resulting in its crash or potential other impact using a specially crafted audio or video file. The issu...
K11932200: glibc vulnerability CVE-2019-1010023
Security Advisory Description GNU Libc current is affected by: Re-mapping current loaded libray with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ld...
K12896623: glibc vulnerability CVE-2018-1000001
Security Advisory Description In glibc 2.26 and earlier there is confusion in the usage of getcwd by realpath which can be used to write before the destination buffer leading to a buffer underflow and potential code execution. CVE-2018-1000001 Impact There is no impact; F5 products are not affect...
K02585438: MySQL vulnerabilities CVE-2019-2815, CVE-2019-2819, CVE-2019-2822, and CVE-2019-2826
Security Advisory Description CVE-2019-2815 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple...
K03444640: MySQL vulnerabilities CVE-2019-2740, CVE-2019-2741, CVE-2019-2743, CVE-2019-2746, and CVE-2019-2747
Security Advisory Description CVE-2019-2740 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: XML. Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with...
K17118: Linux kernel vulnerability CVE-2015-2042
Security Advisory Description net/rds/sysctl.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry. CVE-2015-204...
K17113: OpenSSH vulnerability CVE-2015-5600
Security Advisory Description The kbdintnextdevice function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a...
K17114: NTP vulnerability CVE-2015-5146
Security Advisory Description ntpd in ntp before 4.2.8p3 with remote configuration enabled allows remote authenticated users with knowledge of the configuration password and access to a computer entrusted to perform remote configuration to cause a denial of service service crash via a NULL byte i...
K01837042: Multiple Wireshark (tshark) vulnerabilities
Security Advisory Description CVE-2015-8711 epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate conversation data, which allows remote attackers to cause a denial of service NULL pointer dereference and application crash v...
K03585731: F5 secure shell vulnerability CVE-2020-5873
Security Advisory Description A user associated with the Resource Administrator role who has access to the secure copy scp utility but does not have access to Advanced Shell bash can execute arbitrary commands using a maliciously crafted scp request. CVE-2020-5873 Impact An authenticated user wit...
K9642: Samba vulnerability CVE-2008-1105
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of F5...
K75248350: QEMU vulnerability CVE-2016-1714
Security Advisory Description The 1 fwcfgwrite and 2 fwcfgread functions in hw/nvram/fwcfg.c in QEMU before 2.4, when built with the Firmware Configuration device emulation support, allow guest OS users with the CAPSYSRAWIO privilege to cause a denial of service out-of-bounds read or write access...
K75910138: Python vulnerabilities CVE-2011-1521, CVE-2011-4940, CVE-2011-4944, CVE-2012-0845, and CVE-2012-1150
Security Advisory Description CVE-2011-1521 The urllib and urllib2 modules in Python 2.x before 2.7.2 and 3.x before 3.2.1 process Location headers that specify redirection to file: URLs, which makes it easier for remote attackers to obtain sensitive information or cause a denial of service...
K76594024: libidn vulnerability CVE-2017-14062
Security Advisory Description Integer overflow in the decodedigit function in punydecode.c in Libidn2 before 2.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact. CVE-2017-14062 Impact This vulnerability may allow attackers to cause a denial of...
K54229563: Python vulnerability CVE-2010-3492
Security Advisory Description The asyncore module in Python before 3.2 does not properly handle unsuccessful calls to the accept function, and does not have accompanying documentation describing how daemon applications should handle unsuccessful calls to the accept function, which makes it easier...
K55225440: BIG-IP SOCKS proxy vulnerability CVE-2017-6148
Security Advisory Description Responses to SOCKS proxy requests made through the BIG-IP system may cause a disruption of service provided by the Traffic Management Microkernel TMM. The data plane is impacted and exposed only when a SOCKS proxy profile is attached to a virtual server. The control...
K60565503: OpenJDK vulnerability CVE-2005-1080
Security Advisory Description Directory traversal vulnerability in the Java Archive Tool Jar utility in J2SE SDK 1.4.2 and 1.5, and OpenJDK, allows remote attackers to create or overwrite arbitrary files via a .. dot dot in filenames in a .jar file. CVE-2005-1080 Impact There is no impact; F5...
K60499474: Apache Struts vulnerability CVE-2018-11776
Security Advisory Description Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when using results with no namespace and in same time, its upper actions have no or wildcard namespace. Same possibility when using url tag which doesn't have value and...
K53737506: Linux kernel vulnerability CVE-2019-19070
Security Advisory Description DISPUTED A memory leak in the spigpioprobe function in drivers/spi/spi-gpio.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service memory consumption by triggering devmaddactionorreset failures, aka CID-d3b0ffa1d75d. NOTE: third parties...
K54082580: BIG-IP CGNAT LSN vulnerability CVE-2022-26517
Security Advisory Description When the BIG-IP CGNAT Large Scale NAT LSN pool is configured on a virtual server and packet filtering is enabled, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. CVE-2022-26517 For more information about packet filters, refer to th...
K74843522: MySQL vulnerabilities CVE-2016-9843, CVE-2018-3133, CVE-2018-3137, CVE-2018-3143, and CVE-2018-3144
Security Advisory Description CVE-2016-9843 The crc32big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation. CVE-2018-3133 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent:...
K67830124: Linux kernel ext3/ext4 file system vulnerability CVE-2020-14314
Security Advisory Description A memory out-of-bounds read flaw was found in the Linux kernel before 5.9-rc2 with the ext3/ext4 file system, in the way it accesses a directory with broken indexing. This flaw allows a local user to crash the system if the directory exists. The highest threat from...
K62201098: BADoS vulnerability CVE-2018-5526
Security Advisory Description Under certain conditions, Behavioral DoS BADoS protection may fail during an attack. CVE-2018-5526 Impact BADoS protection does not function as intended. Security Advisory Status F5 Product Development has assigned IDs 714350 and 714369 BIG-IP to this vulnerability. ...
K59448931: BIND vulnerability CVE-2017-3142
Security Advisory Description An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name may be able to circumvent TSIG authentication of AXFR requests via a carefully constructed request packet. A server that relies solely o...
K53648360: Linux kernel vulnerability CVE-2022-27666
Security Advisory Description A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat...
K34893234: BIG-IP APM Appliance mode vulnerability CVE-2022-31473
Security Advisory Description When running in Appliance mode, an authenticated attacker may be able to bypass Appliance mode restrictions due to a directory traversal vulnerability in an undisclosed page within iApps. A successful exploit can allow the attacker to cross a security boundary...
K33101555: Nettle cryptography library vulnerability CVE-2021-20305
Security Advisory Description A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions GOST DSA, EDDSA & ECDSA result in the Elliptic Curve Cryptography point ECC multiply function being called with out-of-range scalers, possibly resulting in...
K18407453: Glib vulnerabilities CVE-2018-10767, CVE-2019-12450, and CVE-2019-19126
Security Advisory Description CVE-2018-10767 There is a stack-based buffer over-read in calling GLib in the function gxpsimagesguesscontenttype of gxps-images.c in libgxps through 0.3.0 because it does not reject negative return values from a ginputstreamread call. A crafted input will lead to a...
K17242: Linux kernel SCTP vulnerability CVE-2015-1421
Security Advisory Description Use-after-free vulnerability in the sctpassocupdate function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of service slab corruption and panic or possibly have unspecified other impact by triggering an INIT...
K17227: BIND vulnerability CVE-2015-5986
Security Advisory Description An incorrect boundary check in openpgpkey61.c can cause named to terminate due to a REQUIRE assertion failure. This defect can be deliberately exploited by an attacker who can provide a maliciously constructed response in answer to a query. CVE-2015-5986 Impact A...
K17235: PCRE library vulnerability CVE-2015-3210
Security Advisory Description Heap-based buffer overflow in PCRE 8.34 through 8.37 and PCRE2 10.10 allows remote attackers to execute arbitrary code via a crafted regular expression, as demonstrated by /^?P=B?P=B?J:?Pc?Pa?P=BWGXCREDITS/, a different vulnerability than CVE-2015-8384. CVE-2015-3210...
K15882: TLS1.x padding vulnerability CVE-2014-8730
Security Advisory Description Incorrect TLS padding may be accepted when terminating TLS 1.x CBC cipher connections. CVE-2014-8730 Impact Attackers may be able to calculate the plaintext of secure connections. Security Advisory Status F5 Product Development has assigned IDs 451218, 450804, and...
K15883: Net-SNMP vulnerability CVE-2012-2141
Security Advisory Description Array index error in the handlensExtendOutput2Table function in agent/mibgroup/agent/extend.c in Net-SNMP 5.7.1 allows remote authenticated users to cause a denial of service out-of-bounds read and snmpd crash via an SNMP GET request for an entry not in the extension...
K15865: Apache HTTP server vulnerability CVE-2012-4558
Security Advisory Description Multiple cross-site scripting XSS vulnerabilities in the balancerhandler function in the manager interface in modproxybalancer.c in the modproxybalancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject...
K15863: Libtiff vulnerabilities CVE-2012-1173 and CVE-2012-2088
Security Advisory Description CVE-2012-1173 Multiple integer overflows in tiffgetimage.c in LibTIFF 3.9.4 allow remote attackers to execute arbitrary code via a crafted tile size in a TIFF file, which is not properly handled by the 1 gtTileSeparate or 2 gtStripSeparate function, leading to a...
K13108: TCP Packet Filtering Weakness - CERT VU#464113
Security Advisory Description Note : For information about signing up to receive security notice updates from F5, refer to K9970: Subscribing to email notifications regarding F5 products. Note : Versions that are not listed in this article have not been evaluated for vulnerability to this securit...
K42842401: MySQL vulnerabilities CVE-2018-3145, CVE-2018-3155, CVE-2018-3156, CVE-2018-3161, and CVE-2018-3162
Security Advisory Description CVE-2018-3145 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Parser. Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protoco...
K13053402: TMM vulnerability CVE-2016-7468
Security Advisory Description An unauthenticated remote attacker may be able to disrupt services on F5 BIG-IP 11.4.1 - 11.5.4 devices with maliciously crafted network traffic. This vulnerability affects virtual servers associated with TCP profiles when the BIG-IP system's tm.tcpprogressive db...
K41900062: Linux kernel vulnerability CVE-2017-15127
Security Advisory Description A flaw was found in the hugetlbmcopyatomicpte function in mm/hugetlb.c in the Linux kernel before 4.13. A superfluous implicit page unlock for VMSHARED hugetlbfs mapping could trigger a local denial of service BUG. CVE-2017-15127 Impact There is no impact; F5 product...
K4232: BIND version 8.4.4 and 8.4.5 vulnerability CAN-2005-0033
Security Advisory Description Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F5...
K4207: Buffer overflow in mod_include - CAN-2004-0940
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K32734107: BIG-IP APM vulnerability CVE-2021-23052
Security Advisory Description An open redirect vulnerability exists on virtual servers enabled with a BIG-IP APM access policy. This vulnerability allows an unauthenticated malicious user to build an open redirect URI. CVE-2021-23052 Impact An unauthenticated attacker can create an open redirect...
K30446705: GnuTLS vulnerability CVE-2020-13777
Security Advisory Description GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket a loss of confidentiality in TLS 1.2, and an authentication bypass in TLS 1.3. The earliest affected version is 3.6.4 2018-09-24 because of an error in a 2018-09-18 commit. Until t...