K15928: Network Time Protocol vulnerability CVE-2009-1252
Security Advisory Description Stack-based buffer overflow in the crypto_recv function in ntp_crypto.c in ntpd in NTP before 4.2.4p7 and 4.2.5 before 4.2.5p74, when OpenSSL and autokey are enabled, allows remote attackers to execute arbitrary code via a crafted packet containing an extension field...
K15903: Multiple PHP vulnerabilities
Security Advisory Description CVE-2012-3365 The SQLite functionality in PHP before 5.3.15 allows remote attackers to bypass the open_basedir protection mechanism via unspecified vectors. CVE-2012-2329 Buffer overflow in the apache_request_headers function in sapi/cgi/cgi_main.c in PHP 5.4...
K15922322: MySQL vulnerability CVE-2016-8288
Security Advisory Description Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect integrity via vectors related to Server: InnoDB Plugin. CVE-2016-8288 Impact There is no impact; F5 products are not affected by this...
K15905: Expat vulnerabilities CVE-2009-3560 and CVE-2009-3720
Security Advisory Description CVE-2009-3560 The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with malformed UTF-8 sequences that trigge...
K14229: OpenSSH vulnerability CVE-2007-2768
Security Advisory Description OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar...
K09408132: glibc vulnerability CVE-2011-1659
Security Advisory Description Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a...
K11091514: MySQL vulnerability CVE-2016-5626
Security Advisory Description Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS. CVE-2016-5626 Impact There is no impact; F5 products are not affected by this...
K94255403: BIG-IP AFM vulnerability CVE-2021-23040
Security Advisory Description A SQL injection vulnerability exists in an undisclosed page of the BIG-IP Configuration utility. This issue is exposed only when BIG-IP AFM is provisioned. CVE-2021-23040 Impact An authenticated attacker can exploit this vulnerability to execute malicious SQL...
K92991044: lwresd and bind vulnerability CVE-2016-2775
Security Advisory Description ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or the named lwres option is enabled, allows remote attackers to cause a denial of service (daemon crash) via a long request that uses the lightweight resolver protocol...
K88162221: The BIG-IP ASM system may not properly perform signature checks on cookies
Security Advisory Description The BIG-IP ASM system may not properly perform signature checks on cookies. This issue occurs when the following condition is met: You have a security policy enabled with cookie scope attack signatures. Impact Cookies containing malicious payload may pass through the...
K44454157: Expat vulnerability CVE-2022-40674
Security Advisory Description libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. CVE-2022-40674 Impact An attacker may be able to use crafted XML to reference previously freed memory, leading to data corruption or the execution of arbitrary code. Security Advisory...
K15759349: BIG-IP FTP profile vulnerability CVE-2019-6645
Security Advisory Description FTP traffic passing through a virtual server with both an active FTP profile associated and connection mirroring configured may cause the Traffic Management Microkernel (TMM) to stop responding, causing the configured high availability (HA) action to be taken...
K10506844: Apache Struts 2 vulnerabilities CVE-2013-1966, CVE-2013-2115, CVE-2013-2134, and CVE-2013-2135
Security Advisory Description CVE-2013-1966 Apache Struts 2 before 2.3.14.1 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in the (1) URL or (2) A tag. CVE-2013-2115 Apache Struts 2 before 2.3.14.2 allow...
K41515225: BIG-IP SSL connection security exposure
Security Advisory Description On a virtual server configured with both Client SSL and Server SSL profiles, when receiving a TCP FIN midstream in an SSL connection, the BIG-IP system immediately proxies the FIN to the remote host on the peer side. If the remote host on the peer side acknowledges t...
K01324833: NTP vulnerability CVE-2015-8158
Security Advisory Description The getresponse function in ntpq in NTP versions before 4.2.8p9 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (infinite loop) via crafted packets with incorrect values. CVE-2015-8158 Impact When this vulnerability is exploited, an attacke...
K21426934: Multiple elfutils vulnerabilities
Security Advisory Description CVE-2018-16062 dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file. CVE-2018-16402 libelf/elf_end.c in elfutils 0.173 allows remote attackers to...
K5794: Security Advisory: Perl integer sign error in format string processing - CVE-2005-3962
Security Advisory Description Note: Versions that are not listed in this Solution have not been evaluated for vulnerability to this security advisory. For information about F5 Networks' security policy regarding evaluating older and unsupported versions of F5 Networks products, refer to K4602:...
K6878: Apache Rewrite module (mod_rewrite) vulnerabilities CVE-2006-3747
Security Advisory Description Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K5725: pam_ldap password policy control vulnerability CAN-2005-2641
Security Advisory Description Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K36328238: The BIG-IP DNS system may erroneously display the TSIG key secret in plain text form
Security Advisory Description The BIG-IP DNS system may erroneously display the Transaction Signature (TSIG) key secret in plain text form. This issue occurs when all of the following conditions are met: You configured a TSIG key in the BIG-IP DNS system. You used one of the following methods to vi...
K15741: Apache Commons HttpClient vulnerability CVE-2012-6153
Security Advisory Description http/conn/ssl/AbstractVerifier.java in Apache Commons HttpClient before 4.2.3 does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle...
K15737: Apache vulnerability CVE-2014-3577
Security Advisory Description org.apache.http.conn.ssl.AbstractVerifier in Apache HttpComponents HttpClient before 4.3.5 and HttpAsyncClient before 4.0.2 does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509...
K15724: OpenSSL vulnerability CVE-2014-3568
Security Advisory Description OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j does not properly enforce the no-ssl3 build option, which allows remote attackers to bypass intended access restrictions via an SSL 3.0 handshake, related to s23_clnt.c and s23_srvr.c. CVE-2014-3568...
K4447: cURL buffer overflow vulnerability CAN-2005-0490
Security Advisory Description Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K16352: Multiple OpenJDK vulnerabilities
Security Advisory Description CVE-2015-0383 Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows local users to affect integrity and availability via unknown vectors related to Hotspot. CVE-2014-6601...
K16348: tftp-hpa vulnerability CVE-2011-2199
Security Advisory Description Buffer overflow in tftp-hpa before 5.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the utimeout option. CVE-2011-2199 Impact Remote attackers may be able to cause a denial-of-service DoS using the tftp-hpa utimeout...
K16336: PHP vulnerability CVE-2015-0273
Security Advisory Description Multiple use-after-free vulnerabilities in ext/date/php_date.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 allow remote attackers to execute arbitrary code via crafted serialized input containing a (1) R or (2) r type specifier in a DateTimeZone data...
K16349: Linux kernel vulnerability CVE-2009-0676
Security Advisory Description The sock_getsockopt function in net/core/sock.c in the Linux kernel before 2.6.28.6 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel memory via an SO_BSDCOMPAT getsockopt reques...
K16337: OpenSSL vulnerability CVE-2009-5146
Security Advisory Description A vulnerability, which was classified as problematic, was found in OpenSSL 0.9.8. This affects an unknown function of the component Hostname TLS Extension. The manipulation with an unknown input leads to an information disclosure vulnerability (memory leak). CVE-2009-51...
K16339: Multiple PHP vulnerabilities CVE-2014-9425, CVE-2014-9426, CVE-2014-9427, CVE-2015-0231, and CVE-2015-0232
Security Advisory Description CVE-2014-9425 Double free vulnerability in the zend_ts_hash_graceful_destroy function in zend_ts_hash.c in the Zend Engine in PHP through 5.5.20 and 5.6.x through 5.6.4 allows remote attackers to cause a denial of service or possibly have unspecified other impa...
K16341: Linux kernel Controller Area Network (CAN) vulnerability CVE-2010-2959
Security Advisory Description Integer overflow in net/can/bcm.c in the Controller Area Network (CAN) implementation in the Linux kernel before 2.6.27.53, 2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2.6.35.x before 2.6.35.4 allows attackers to execute arbitrary code or cause a denial of...
K16350: Samba vulnerability CVE-2015-0240
Security Advisory Description The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execute arbitrary code...
K16351: Multiple Linux kernel vulnerabilities CVE-2009-0834, CVE-2009-0835, and CVE-2009-0859
Security Advisory Description CVE-2009-0834 The audit_syscall_entry function in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass certain...
K16320: OpenSSL vulnerability CVE-2015-0289
Security Advisory Description The PKCS7 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly handle a lack of outer ContentInfo, which allows attackers to cause a denial of service NULL pointer dereference and...
K16334: Apache Struts vulnerability CVE-2013-4316
Security Advisory Description Apache Struts 2.0.0 through 2.3.15.1 enables Dynamic Method Invocation by default, which has unknown impact and attack vectors. CVE-2013-4316 Impact None Status To determine if your release is known to be vulnerable, the components or features that are...
K15343: OpenSSL vulnerability CVE-2014-0221
Security Advisory Description The dtls1_get_message_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (recursion and client crash) via a DTLS hello message in an invalid DTLS handshake. CVE-2014-02...
K15342: OpenSSL vulnerability CVE-2014-3470
Security Advisory Description The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by...
K9762: OpenSSL vulnerability - CVE-2008-5077
Security Advisory Description Note: For information about signing up to receive security notice updates from F5, refer to K9970: Subscribe to email notifications regarding F5 products and security announcements. Note: Versions that are not listed in this article have not been evaluated for...
K35129173: GNU C Library (glibc) vulnerability CVE-2017-15670
Security Advisory Description The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the ~ operator followed by a long string. CVE-2017-15670 Impact...
K10417: BIG-IP ASM and PSM remote buffer overflow exploit
Security Advisory Description Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K73200428: Linux kernel vulnerability CVE-2022-0185
Security Advisory Description A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged in case of unprivileged user namespaces enabled, otherwise needs...
K7053: BIND 9 vulnerabilities - Dereferencing freed fetch context and DNSSEC Validation
Security Advisory Description Note: Versions that are not listed in this Solution have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the ...
K71231825: Multiple MySQL vulnerabilities
Security Advisory Description CVE-2018-2776 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Group Replication GCS). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via XCom to...
K68120526: Linux kernel vulnerability CVE-2022-0742
Security Advisory Description Memory leak in icmp6 implementation in Linux Kernel 5.13+ allows a remote attacker to DoS a host by making it go out-of-memory via icmp6 packets of type 130 or 131. We recommend upgrading past commit 2d3916f3189172d5c69d33065c3c21119fe539fc. CVE-2022-0742 Impact Ther...
K17475: Linux kernel vulnerability CVE-2015-5707
Security Advisory Description Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel 2.6.x through 4.x before 4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large iov_count value in a write request. CVE-2015-5707...
K17461: OpenSSH vulnerability CVE-2015-5352
Security Advisory Description The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection...
K17057: QEMU vulnerabilities CVE-2015-3214, CVE-2015-5154, and CVE-2015-5158
Security Advisory Description CVE-2015-3214 An out-of-bounds memory access flaw, leading to memory corruption or possibly an information leak, was found in QEMU's pit_ioport_read function. A privileged guest user in a QEMU guest, which had QEMU PIT emulation enabled, could potentially, in rare case...
K17061: Multiple PHP vulnerabilities
Security Advisory Description CVE-2015-4599 The SoapFault::toString method in ext/soap/soap.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information, cause a denial of service application crash, or possibly execute arbitrary code...
K03551138: MySQL vulnerabilities CVE-2018-2817, CVE-2018-2818, CVE-2018-2819, CVE-2018-2839, and CVE-2018-2846
Security Advisory Description CVE-2018-2817 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with...
K02230327: BIND vulnerability CVE-2017-3143
Security Advisory Description An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name for the zone and service being targeted may be able to manipulate BIND into accepting an unauthorized dynamic update. Affects BIND...