6413 matches found
K15310332: BIG-IP APM open redirect vulnerability CVE-2020-27729
Security Advisory Description An undisclosed link on the BIG-IP APM virtual server allows a malicious user to build an open redirect URI. CVE-2020-27729 Impact An attacker can create a URL with a specially crafted value and trick BIG-IP APM users into visiting the link. Victims may be redirected ...
K13070025: Intel BIOS vulnerabiilties CVE-2021-0159, CVE-2021-0188, CVE-2021-0189, CVE-2021-33103, and CVE-2021-33122
Security Advisory Description CVE-2021-0159 Improper input validation in the BIOS authenticated code module for some IntelR Processors may allow a privileged user to potentially enable aescalation of privilege via local access. CVE-2021-0188 Return of pointer value outside of expected range in th...
K12403422: BIG-IP ASM vulnerability CVE-2018-5541
Security Advisory Description When the BIG-IP ASM system processes HTTP requests, an unusually large number of parameters can cause excessive CPU usage in the BIG-IP ASM bd process. CVE-2018-5541 Impact BIG-IP When this vulnerability is exploited, the BIG-IP ASM system may experience a denial of...
K14693346: TMM vulnerability CVE-2021-22977
Security Advisory Description Cooperation between malicious HTTP client code and a malicious server may cause TMM to restart and generate a core file. CVE-2021-22977 Impact When attackers exploit this vulnerability, the Traffic Management Microkernel TMM restarts, and then the BIG-IP system...
K06747393: TMM vulnerability CVE-2019-6677
Security Advisory Description Under certain conditions, when using custom TCP congestion control settings in a TCP profile, TMM stops processing traffic when processed by an iRule. CVE-2019-6677 Impact The Traffic Management Microkernel TMM may generate a core file and restart, causing a traffic...
K06524534: Linux kernel vulnerability CVE-2021-22555
Security Advisory Description A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/xtables.c. This allows an attacker to gain privileges or cause a DoS via heap memory corruption through user name space CVE-2021-22555 Impact This vulnerability may allow an...
K04808933: Intel Processors MMIO Stale Data Advisory vulnerabilities CVE-2022-21123, CVE-2022-21125, and CVE-2022-21127
Security Advisory Description CVE-2022-21123 Incomplete cleanup of multi-core shared buffers for some IntelR Processors may allow an authenticated user to potentially enable information disclosure via local access. CVE-2022-21125 Incomplete cleanup of microarchitectural fill buffers on some Intel...
K95003704: Java SE vulnerability CVE-2018-3183
Security Advisory Description Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Scripting. Supported versions that are affected are Java SE: 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows...
K88511840: QEMU vulnerability CVE-2015-8345
Security Advisory Description The eepro100 emulator in QEMU qemu-kvm blank allows local guest users to cause a denial of service application crash and infinite loop via vectors involving the command block list. CVE-2015-8345 Impact There is no impact; F5 products are not affected by this...
K88126845: BIG-IP APM web pages may be indexed by search engines
Security Advisory Description This issue occurs when all of the following conditions are met: Users connect to the BIG-IP APM system through the internet. The BIG-IP APM system is reachable by search engines. Impact BIG-IP APM web pages may be enumerated and other data may be disclosed. Symptoms ...
K00053434: OPENSSL_LH_flush() function vulnerability CVE-2022-1473
Security Advisory Description The OPENSSLLHflush function, which empties a hash table, contains a bug that breaks reuse of the memory occuppied by the removed hash table entries. This function is used when decoding certificates or keys. If a long lived process periodically decodes certificates or...
K87141725: BIG-IP APM redirect vulnerability CVE-2017-0302
Security Advisory Description Insufficient boundary checks on the request URL may cause the tmm process to assert when the user is redirected back to the original request URL following successful authentication to the BIG-IP APM system. CVE-2017-0302 Impact An authenticated user with an establish...
K82641075: PHP vulnerability CVE-2018-10545
Security Advisory Description An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.29, 7.1.x before 7.1.16, and 7.2.x before 7.2.4. Dumpable FPM child processes allow bypassing opcache access controls because fpmunix.c makes a PRSETDUMPABLE prctl call, allowing one user in a multiuser...
K77452266: Intel CPU vulnerability CVE-2018-12171
Security Advisory Description Privilege escalation in Intel Baseboard Management Controller BMC firmware before version 1.43.91f76955 may allow an unprivileged user to potentially execute arbitrary code or perform denial of service over the network. CVE-2018-12171 Impact There is no impact; F5...
K77215791: Linux kernel vulnerability CVE-2017-7277
Security Advisory Description The TCP stack in the Linux kernel through 4.10.6 mishandles the SCMTIMESTAMPINGOPTSTATS feature, which allows local users to obtain sensitive information from the kernels internal socket data structures or cause a denial of service out-of-bounds read via crafted syst...
K74605824: MySQL Server UDF vulnerability CVE-2017-3529
Security Advisory Description Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: UDF. Supported versions that are affected are 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to...
K82224417: Linux kernel vulnerability CVE-2017-7308
Security Advisory Description The packetsetring function in net/packet/afpacket.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service overflow or possibly have unspecified other impact via crafted system call...
K60381308: Intel CPU vulnerability CVE-2018-3655
Security Advisory Description A vulnerability in a subsystem in Intel CSME before version 11.21.55, Intel Server Platform Services before version 4.0 and Intel Trusted Execution Engine Firmware before version 3.1.55 may allow an unauthenticated user to potentially modify or disclose information v...
K68292031: Intel CPU vulnerability CVE-2018-3658
Security Advisory Description Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel AMT provisioned to potentially cause a partial denial of service via network access. CVE-2018-3658 Impact There is no impact; F5 products are...
K67190282: MySQL X plugin vulnerabilities CVE-2017-3637 and CVE-2017-3646
Security Advisory Description CVE-2017-3637 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: X Plugin. Supported versions that are affected are 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols...
K54380426: Intel CPU vulnerability CVE-2018-3643
Security Advisory Description A vulnerability in Power Management Controller firmware in systems using specific Intel Converged Security and Management Engine CSME before version 12.0.6 or Intel Server Platform Services firmware before version 4.x.04 may allow a privileged user to potentially...
K58502654: Linux kernel vulnerability CVE-2018-20961
Security Advisory Description In the Linux kernel before 4.16.4, a double free vulnerability in the fmidisetalt function of drivers/usb/gadget/function/fmidi.c in the fmidi driver may allow attackers to cause a denial of service or possibly have unspecified other impact. CVE-2018-20961 Impact The...
K54358814: Apache mod_remoteip vulnerability CVE-2020-11985
Security Advisory Description IP address spoofing when proxying using modremoteip and modrewrite For configurations using proxying with modremoteip and certain modrewrite rules, an attacker could spoof their IP address for logging and PHP scripts. Note this issue was fixed in Apache HTTP Server...
K54296221: Apache httpd vulnerability CVE-2018-17199
Security Advisory Description In Apache HTTP Server 2.4 release 2.4.37 and prior, modsession checks the session expiry time before decoding the session. This causes session expiry time to be ignored for modsessioncookie sessions since the expiry time is loaded when the session is decoded...
K43700555: GNU C Library (glibc) vulnerability CVE-2021-33574
Security Advisory Description The mqnotify function in the GNU C Library aka glibc versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object passed through its struct sigevent parameter after it has been freed by the caller, leading to a denial of service...
K45444778: Intel SSD vulnerabilities CVE-2018-12166 and CVE-2018-12167
Security Advisory Description CVE-2018-12166 Insufficient write protection in firmware for IntelR OptaneTM SSD DC P4800X before version E2010435 may allow a privileged user to potentially enable a denial of service via local access. CVE-2018-12167 Firmware update routine in bootloader for IntelR...
K45644893: Martian address filtering vulnerability CVE-2019-6654
Security Advisory Description The BIG-IP system fails to perform martian address filtering as defined in RFC 1812, section 5.3.7 for control plane tasks on the management interface. This may allow attackers on an adjacent system to force the BIG-IP system into processing packets with spoofed sour...
K41036924: Linux kernel vulnerability CVE-2014-7843
Security Advisory Description The clearuser function in arch/arm64/lib/clearuser.S in the Linux kernel before 3.17.4 on the ARM64 platform allows local users to cause a denial of service system crash by reading one byte beyond a /dev/zero page boundary. CVE-2014-7843 Impact There is no impact; F5...
K41192923: Intel CPU vulnerability CVE-2018-3616
Security Advisory Description Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Technology before 12.0.5 may allow an unauthenticated user to potentially obtain the TLS session key via the network. CVE-2018-3616 Impact There is no impact; F5 products...
K35655050: NodeJS vulnerability CVE-2016-1669
Security Advisory Description The Zone::New function in zone.cc in Google V8 before 5.0.71.47, as used in Google Chrome before 50.0.2661.102, does not properly determine when to expand certain memory allocations, which allows remote attackers to cause a denial of service buffer overflow or possib...
K39041624: NTP vulnerability CVE-2016-9042
Security Advisory Description An exploitable denial of service vulnerability exists in the origin timestamp check functionality of ntpd 4.2.8p9. A specially crafted unauthenticated network packet can be used to reset the expected origin timestamp for target peers. Legitimate replies from targeted...
K31833420: Multiple Oracle Java SE vulnerabilities
Security Advisory Description CVE-2022-21305 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.01; Oracle GraalVM Enterprise Edition: 20.3.4 and...
K34223526: Linux kernel vulnerability CVE-2018-14641
Security Advisory Description A security flaw was found in the ipfragreasm function in net/ipv4/ipfragment.c in the Linux kernel from 4.19-rc1 to 4.19-rc3 inclusive, which can cause a later system crash in ipdofragment. With certain non-default, but non-rare, configuration of a victim host, an...
K35253541: Java vulnerability CVE-2020-14797
Security Advisory Description Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker...
K28942395: OpenSSH vulnerability CVE-2018-15473
Security Advisory Description OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c...
K23134279: Node.js vulnerability CVE-2016-2216
Security Advisory Description The HTTP header parsing code in Node.js 0.10.x before 0.10.42, 0.11.6 through 0.11.16, 0.12.x before 0.12.10, 4.x before 4.3.0, and 5.x before 5.6.0 allows remote attackers to bypass an HTTP response-splitting protection mechanism via UTF-8 encoded Unicode characters...
K23432927: The BIG-IP ASM system may redirect a client request to an incorrect URL
Security Advisory Description The BIG-IP ASM system may redirect a client request to an incorrect URL after the client browser passes the client-side integrity defense JavaScript challenge. This issue occurs when all of the following conditions are met: You have enabled the Client Side Integrity...
K23312037: Intel CPU vulnerability CVE-2018-3679
Security Advisory Description Escalation of privilege in Reference UI in Intel Data Center Manager SDK 5.0 and before may allow an unauthorized remote unauthenticated user to potentially execute code via administrator privileges. CVE-2018-3679 Impact There is no impact; F5 products are not affect...
K99254031: NTP vulnerability CVE-2017-6458
Security Advisory Description Multiple buffer overflows in the ctlput functions in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allow remote authenticated users to have unspecified impact via a long variable. CVE-2017-6458 Impact This vulnerability allows remote authenticated users to have an...
K63597327: Python Flask vulnerability CVE-2018-1000656
Security Advisory Description The Pallets Project flask version Before 0.12.3 contains a CWE-20: Improper Input Validation vulnerability in flask that can result in Large amount of memory usage possibly leading to denial of service. This attack appear to be exploitable via Attacker provides JSON...
K84933088: Linux kernel vulnerability CVE-2019-19338
Security Advisory Description A flaw was found in the fix for CVE-2019-11135, in the Linux upstream kernel versions before 5.5 where, the way Intel CPUs handle speculative execution of instructions when a TSX Asynchronous Abort TAA error occurs. When a guest is running on a host CPU affected by t...
K63404203: Oracle Java SE vulnerability CVE-2018-11212
Security Advisory Description An issue was discovered in libjpeg 9a. The allocsarray function in jmemmgr.c allows remote attackers to cause a denial of service divide-by-zero error via a crafted file. CVE-2018-11212 Impact Traffix SDC An attacker can exploit this vulnerability to cause a denial o...
K55053009: Oracle Java SE JAXP vulnerability CVE-2020-14621
Security Advisory Description Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JAXP. Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Easily exploitable vulnerability allows unauthenticated attacker with...
K55545288: Linux kernel vulnerability CVE-2019-19046
Security Advisory Description DISPUTED A memory leak in the ipmibmcregister function in drivers/char/ipmi/ipmimsghandler.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service memory consumption by triggering idasimpleget failure, aka CID-4aa7afb0ee20. NOTE: third...
K52325031: Linux kernel vulnerabilities CVE-2019-16231 and CVE-2019-16233
Security Advisory Description CVE-2019-16231 drivers/net/fjes/fjesmain.c in the Linux kernel 5.2.14 does not check the allocworkqueue return value, leading to a NULL pointer dereference. CVE-2019-16233 drivers/scsi/qla2xxx/qlaos.c in the Linux kernel 5.2.14 does not check the allocworkqueue retur...
K48209417: PostgreSQL vulnerabilities CVE-2018-10915 and CVE-2018-10925
Security Advisory Description CVE-2018-10915 A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with "host" or "hostaddr" connection parameters from untrust...
K51801290: RSRE Variant 3a vulnerability CVE-2018-3640
Security Advisory Description Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Rea...
K43220413: CPU vulnerability CVE-2019-11184
Security Advisory Description A race condition in specific microprocessors using Intel R DDIO cache allocation and RDMA may allow an authenticated user to potentially enable partial information disclosure via adjacent access. CVE-2019-11184 Impact There is no impact; F5 products are not affected ...
K43024307: BIG-IP iRules vulnerability CVE-2022-41624
Security Advisory Description When a sideband iRule is configured on a virtual server, undisclosed traffic can cause an increase in memory resource utilization. CVE-2022-41624 Impact System performance can degrade until the Traffic Management Microkernel TMM process is either forced to restart or...
K40752270: Linux kernel vulnerability CVE-2019-15917
Security Advisory Description An issue was discovered in the Linux kernel before 5.0.5. There is a use-after-free issue when hciuartregisterdev fails in hciuartsetproto in drivers/bluetooth/hcildisc.c. CVE-2019-15917 Impact There is no impact; F5 products are not affected by this vulnerability...