6413 matches found
K81081046: PHP vulnerabilities CVE-2016-4537 and CVE-2016-4538
Security Advisory Description CVE-2016-4537 The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 accepts a negative integer for the scale argument, which allows remote attackers to cause a denial of service or possibly have unspecified other...
K61971428: Multiple Java vulnerabilities
Security Advisory Description CVE-2013-5775 Unspecified vulnerability in the Java SE and JavaFX components in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. CVE-2013-5777 Unspecified...
K53316849: Java vulnerability CVE-2013-5802
Security Advisory Description Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality,...
K23873366: OpenSSL vulnerability CVE-2016-2177
Security Advisory Description OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service integer overflow and application crash or possibly have unspecified other impact by leveraging unexpected mallo...
K35240323: PHP vulnerability CVE-2016-4539
Security Advisory Description The xmlparseintostruct function in ext/xml/xml.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service buffer under-read and segmentation fault or possibly have unspecified other impact via crafted XML da...
K17025: BIND DNSSEC vulnerability CVE-2010-0097
Security Advisory Description ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta does not properly validate DNSSEC 1 NSEC and 2 NSEC3 records. CVE-2010-0097 Impact Remote attackers may be able to add the Authenticated Data AD flag to a forg...
K16494: phpMyAdmin vulnerability CVE-2015-2206
Security Advisory Description libraries/selectlang.lib.php in phpMyAdmin 4.0.x before 4.0.10.9, 4.2.x before 4.2.13.2, and 4.3.x before 4.3.11.1 includes invalid language values in unknown-language error responses that contain a CSRF token and may be sent with HTTP compression, which makes it...
K12998: OpenSSL vulnerability CVE-2011-1945
Security Advisory Description Note : For information about signing up to receive security notice updates from F5, refer to K9970: Subscribe to email notifications regarding F5 products and security announcements. Note : Versions that are not listed in this article have not been evaluated for...
K11797: Pre-logon sequence vulnerability to token spoofing
Security Advisory Description Note : For information about signing up to receive security notice updates from F5, refer to K9970: Subscribe to email notifications regarding F5 products and security announcements. Note : Versions that are not listed in this Solution have not been evaluated for...
K07051153: TMUI vulnerability CVE-2020-5905
Security Advisory Description In the BIG-IP Configuration utility Network WCCP page, the system does not sanitize all user-provided data before displaying the page. CVE-2020-5905 Impact Authenticated administrative users with access to this page in the Configuration utility may inject code onto t...
K93231374: BIG-IP HTTP vulnerability CVE-2021-23042
Security Advisory Description When an HTTP profile is configured on a virtual server, undisclosed requests can cause a significant increase in system resource utilization. CVE-2021-23042 Impact System performance degradation can occur until the process is either forced to restart or manually...
K7009: Statement on ACL bypass using trailing NULL byte - MNIN/NNL Advisory
Security Advisory Description Note : Versions that are not listed in this Solution have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the ...
K42891424: Grep vulnerability CVE-2015-1345
Security Advisory Description The bmexectrans function in kwset.c in grep 2.19 through 2.21 allows local users to cause a denial of service out-of-bounds heap read and crash via crafted input when using the -F option. CVE-2015-1345 Impact A local user may cause a denial-of-service DoS by way of...
K42830212: BIG-IP SIP ALG profile vulnerability CVE-2020-5926
Security Advisory Description A BIG-IP virtual server with a Session Initiation Protocol SIP ALG profile, parsing SIP messages that contain a multi-part MIME payload with certain boundary strings can cause TMM to free memory to the wrong cache.CVE-2020-5926 Impact This vulnerability leads to futu...
K38157961: BIG-IP ASM Bot Defense may fail to block malicious requests when both the Bot Defense profile and DoS profile are associated with a virtual server
Security Advisory Description The BIG-IP ASM Bot Defense profile may unexpectedly fail to block malicious requests. This issue occurs when the following condition is met: The affected virtual server is associated with the following: A security policy A DoS profile configured with either TPS-based...
K24036027: libarchive vulnerability CVE-2016-5844
Security Advisory Description Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service application crash via a crafted ISO file. CVE-2016-5844 Impact For BIG-IP and VIPRION platforms that are configured to use Virtual Clustered...
K23073482: Nginx vulnerabilities CVE-2016-0742, CVE-2016-0746, and CVE-2016-0747
Security Advisory Description CVE-2016-0742 The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service invalid pointer dereference and worker process crash via a crafted UDP DNS response. CVE-2016-0746 Use-after-free vulnerability in the resolv...
K23641249: KVM hypervisor vulnerability CVE-2020-2732
Security Advisory Description A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some circumstances, an L2 guest may trick the L0 guest into accessing sensitive L1 resources that should be inaccessibl...
K17457: Linux kernel vulnerability CVE-2015-6252
Security Advisory Description The vhostdevioctl function in drivers/vhost/vhost.c in the Linux kernel before 4.1.5 allows local users to cause a denial of service memory consumption via a VHOSTSETLOGFD ioctl call that triggers permanent file-descriptor allocation. CVE-2015-6252 Impact None. F5...
K17330: GnuTLS vulnerability CVE-2015-3308
Security Advisory Description Double free vulnerability in lib/x509/x509ext.c in GnuTLS before 3.3.14 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted CRL distribution point. CVE-2015-3308 Impact A remote attacker may be able to cause a...
K17317: Apache HTTP server vulnerability CVE-2015-0253
Security Advisory Description The readrequestline function in server/protocol.c in the Apache HTTP Server 2.4.12 does not initialize the protocol structure member, which allows remote attackers to cause a denial of service NULL pointer dereference and process crash by sending a request that lacks...
K16912: BIND vulnerability CVE-2015-4620
Security Advisory Description name.c in named in ISC BIND 9.7.x through 9.9.x before 9.9.7-P1 and 9.10.x before 9.10.2-P2, when configured as a recursive resolver with DNSSEC validation, allows remote attackers to cause a denial of service REQUIRE assertion failure and daemon exit by constructing...
K17315: SNMP vulnerability CVE-2014-3565
Security Advisory Description snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is used, allows remote attackers to cause a denial of service snmptrapd crash via a crafted SNMP trap message, which triggers a conversion to the variable type designated in the MIB file, as demonstrate...
K15439022: glibc vulnerability CVE-2016-3075
Security Advisory Description A stack overflow vulnerability unbounded allocation in nssdnsgetnetbynamer function was found. CVE-2016-3075 Impact BIG-IP, BIG-IQ, and Enterprise Manager While the specified functionality is included with BIG-IP, BIG-IQ, and Enterprise Manager, these products are no...
K16881: OZWPAN driver vulnerabilities CVE-2015-4001, CVE-2015-4002, CVE-2015-4003, CVE-2015-4004
Security Advisory Description Description CVE-2015-4001 Integer signedness error in the ozhcdgetdesccnf function in drivers/staging/ozwpan/ozhcd.c in the OZWPAN driver in the Linux kernel through 4.0.5 allows remote attackers to cause a denial of service system crash or possibly execute arbitrary...
K16875: file vulnerability CVE-2012-1571
Security Advisory Description file before 5.11 and libmagic allow remote attackers to cause a denial of service crash via a crafted Composite Document File CDF file that triggers 1 an out-of-bounds read or 2 an invalid pointer dereference. CVE-2012-1571 Impact An attacker could cause a...
K12986: BIND vulnerability CVE-2011-2464
Security Advisory Description Note : For information about signing up to receive security notice updates from F5, refer to K9970: Subscribe to email notifications regarding F5 products and security announcements. Note : Versions that are not listed in this article have not been evaluated for...
K12566: OpenSSL vulnerability CVE-2010-3864
Security Advisory Description Note : For information about signing up to receive security notice updates from F5, refer to K9970: Subscribe to email notifications regarding F5 products and security announcements. Note : Versions that are not listed in this article have not been evaluated for...
K81223200: Oracle Java SE vulnerability CVE-2016-3425
Security Advisory Description Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect availability via vectors related to JAXP. CVE-2016-3425 Impact An authenticated attacker can input specially crafted XML th...
K77535578: Multiple Java SE client-side vulnerabilities
Security Advisory Description CVE-2016-0636 Unspecified vulnerability in Oracle Java SE 7u97, 8u73, and 8u74 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to the Hotspot sub-component. CVE-2016-0686 Unspecified vulnerability in Oracle...
K20031768: Intel hardware vulnerabilities CVE-2020-8737 CVE-2020-12312
Security Advisory Description CVE-2020-8737 Improper buffer restrictions in the IntelR StratixR 10 FPGA firmware provided with the IntelR QuartusR Prime Pro software before version 20.1 may allow an unauthenticated user to potentially enable escalation of privilege and/or information disclosure v...
K14316: BIND vulnerability CVE-2012-3817
Security Advisory Description ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2; 9.8.x before 9.8.3-P2; 9.9.x before 9.9.1-P2; and 9.6-ESV before 9.6-ESV-R7-P2, when DNSSEC validation is enabled, does not properly initialize the failing-query cache, which allows remote attackers to cause a...
K13607: Hosts may generate weak RSA keys under low entropy conditions
Security Advisory Description A recent study, linked in the Supplemental Information section, has revealed that when a system generates new RSA keys under low-entropy conditions, such as during the first system boot, the resulting keys may not be cryptographically strong. During its first boot, t...
K63603485: Linux kernel vulnerability CVE-2022-0847
Security Advisory Description A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copypagetoiterpipe and pushpipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to...
K24249971: Linux kernel vulnerability CVE-2019-10638
Security Advisory Description In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols e.g., UDP and ICMP. When such traffic is sent to multiple destination IP addresses, it is possible to obtain hash...
K24444495: Linux kernel vulnerability CVE-2016-10764
Security Advisory Description In the Linux kernel before 4.9.6, there is an off by one in the drivers/mtd/spi-nor/cadence-quadspi.c cqspisetupflash function. There are CQSPIMAXCHIPSELECT elements in the -fpdata array so the "" should be "=" instead. CVE-2016-10764 Impact There is no impact; F5...
K22040951: systemd-journald vulnerability CVE-2019-3815
Security Advisory Description A memory leak was discovered in the backport of fixes for CVE-2018-16864 in Red Hat Enterprise Linux. Function dispatchmessagereal in journald-server.c does not free the memory allocated by setiovecfieldfree to store the CMDLINE= entry. A local attacker may use this...
K17742627: cURL and libcurl vulnerability CVE-2016-8625
Security Advisory Description curl before version 7.51.0 uses outdated IDNA 2003 standard to handle International Domain Names and this may lead users to potentially and unknowingly issue network transfer requests to the wrong host. CVE-2016-8625 Impact Incorrect translation of International Doma...
K63519101: Multiple QEMU vulnerabilities
Security Advisory Description CVE-2014-8106 Heap-based buffer overflow in the Cirrus VGA emulator hw/display/cirrusvga.c in QEMU before 2.2.0 allows local guest users to execute arbitrary code via vectors related to blit regions. NOTE: this vulnerability exists because an incomplete fix for...
K61570943: Multiple libXML2 vulnerabilities
Security Advisory Description CVE-2015-5312 The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted XML data, a different vulnerability...
K5576: Authentication vulnerability in Apache mod_digest - CAN-2003-0987
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K17326: Linux kernel vulnerability CVE-2015-5157
Security Advisory Description arch/x86/entry/entry64.S in the Linux kernel before 4.1.6 on the x8664 platform mishandles IRET faults in processing NMIs that occurred during userspace execution, which might allow local users to gain privileges by triggering an NMI. CVE-2015-5157 Impact A locally...
K16903: Microsoft Schannel vulnerability CVE-2015-1637
Security Advisory Description Schannel aka Secure Channel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly restrict TLS state...
K16531: Linux kernel vulnerability CVE-2014-4027
Security Advisory Description The rdbuilddevicespace function in drivers/target/targetcorerd.c in the Linux kernel before 3.14 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from ramdiskmcp memory by leveraging access to a SCSI...
K16596: Privilege escalation vulnerability CVE-2014-3215
Security Advisory Description seunshare in policycoreutils 2.2.5 is owned by root with 4755 permissions, and executes programs in a way that changes the relationship between the setuid system call and the getresuid saved set-user-ID value, which makes it easier for local users to gain privileges ...
K16478: Linux kernel vulnerabilities CVE-2014-8159 and CVE-2014-8369
Security Advisory Description CVE-2014-8159 The InfiniBand IB implementation in the Linux kernel package before 2.6.32-504.12.2 on Red Hat Enterprise Linux RHEL 6 does not properly restrict use of User Verbs for registration of memory regions, which allows local users to access arbitrary physical...
K16479: Linux kernel vulnerability CVE-2009-4537
Security Advisory Description drivers/net/r8169.c in the r8169 driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to 1 cause a denial of service temporary network outage via a packet with a...
K16477: Linux kernel vulnerability CVE-2010-2524
Security Advisory Description The DNS resolution functionality in the CIFS implementation in the Linux kernel before 2.6.35, when CONFIGCIFSDFSUPCALL is enabled, relies on a user's keyring for the dnsresolver upcall in the cifs.upcall userspace helper, which allows local users to spoof the result...
K11785283: GnuPG vulnerability CVE-2012-6085
Security Advisory Description The readblock function in g10/import.c in GnuPG 1.4.x before 1.4.13 and 2.0.x through 2.0.19, when importing a key, allows remote attackers to corrupt the public keyring database or cause a denial of service application crash via a crafted length field of an OpenPGP...
K11720: Samba server vulnerability CVE-2010-2063
Security Advisory Description Note : Versions that are not listed in this articles have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the ...