6413 matches found
K16123: OpenSSL vulnerability CVE-2014-3571
Security Advisory Description OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted DTLS message that is processed with a different read operation for the handshake...
K15784: Kerberos vulnerability CVE-2013-1418
Security Advisory Description The setupserverrealm function in main.c in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 before 1.10.7, when multiple realms are configured, allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a crafted...
K15785: Kerberos vulnerability CVE-2013-6800
Security Advisory Description An unspecified third-party database module for the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.10.x allows remote authenticated users to cause a denial of service NULL pointer dereference and daemon crash via a crafted request, a different vulnerability...
K15732: Linux kernel vulnerability CVE-2013-0311
Security Advisory Description Description The translatedesc function in drivers/vhost/vhost.c in the Linux kernel before 3.7 does not properly handle cross-region descriptors, which allows guest OS users to obtain host OS privileges by leveraging Kernel-base Virtual Machine KVM guest OS privilege...
K15743: BIND vulnerability CVE-2011-2465
Security Advisory Description Description Unspecified vulnerability in ISC BIND 9 9.8.0, 9.8.0-P1, 9.8.0-P2, and 9.8.1b1, when recursion is enabled and the Response Policy Zone RPZ contains DNAME or certain CNAME records, allows remote attackers to cause a denial of service named daemon crash via...
K15742: Linux kernel vulnerabilities CVE-2014-6416, CVE-2014-6417, and CVE-2014-6418
Security Advisory Description CVE-2014-6416 Buffer overflow in net/ceph/authx.c in Ceph, as used in the Linux kernel before 3.16.3, allows remote attackers to cause a denial of service memory corruption and panic or possibly have unspecified other impact via a long unencrypted auth ticket...
K15723: OpenSSL vulnerability CVE-2014-3567
Security Advisory Description Description Memory leak in the tlsdecryptticket function in t1lib.c in OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service memory consumption via a crafted session ticket that triggers an...
K15721: GnuTLS vulnerability CVE-2013-1619
Security Advisory Description The TLS implementation in GnuTLS before 2.12.23, 3.0.x before 3.0.28, and 3.1.x before 3.1.7 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to...
K2178: Multiple BIND vulnerabilities - CA-2002-31
Security Advisory Description Note: Versions that are not listed in this Solution have not been evaluated for vulnerability to this security advisory. For information about F5 Networks' security policy regarding evaluating older and unsupported versions of F5 Networks products, refer to K4602:...
K9913: Apache Tomcat vulnerability - CVE-2008-4308
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K62012529: BIND vulnerability CVE-2016-1286
Security Advisory Description named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service assertion failure and daemon exit via a crafted signature record for a DNAME record, related to db.c and resolver.c. CVE-2016-1286 Impact An attacke...
K39103040: Kernel vulnerability CVE-2018-18955
Security Advisory Description In the Linux kernel 4.15.x through 4.19.x before 4.19.2, mapwrite in kernel/usernamespace.c allows privilege escalation because it mishandles nested user namespaces with more than 5 UID or GID ranges. A user who has CAPSYSADMIN in an affected user namespace can bypas...
K8939: SNMPv3 HMAC verification vulnerability CVE-2008-0960 - VU#878044
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K30404955: Linux kernel vulnerability CVE-2019-5489
Security Advisory Description The mincore implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. Fixing this affects the output of...
K16392: NTP vulnerability CVE-2014-9750
Security Advisory Description The vallen packet value is not validated in several code paths in ntpcrypto.c which can lead to information leakage or a possible crash of ntpd. CVE-2014-9750 Note : The original candidate number referenced in this article, CVE-2014-9297, was rejected because it was...
K16398: Python vulnerability CVE-2006-4980
Security Advisory Description Buffer overflow in the repr function in Python 2.3 through 2.6 before 20060822 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via crafted wide character UTF-32/UCS-4 strings to certain scripts. CVE-2006-4980 Impact...
K16385: Multiple MySQL vulnerabilities
Security Advisory Description CVE-2013-5894 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB. CVE-2013-5881 Unspecified vulnerability in the MySQL Server...
K16389: Multiple MySQL vulnerabilities
Security Advisory Description CVE-2013-5908 Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote attackers to affect availability via unknown vectors related to Error Handling. CVE-2014-0401 Unspecifie...
K15900: Apache HTTP server vulnerability CVE-2012-3499
Security Advisory Description Multiple cross-site scripting XSS vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the 1 modimagemap, 2 modinfo, 3 modlda...
K15461: OpenSSL vulnerability CVE-2011-4619
Security Advisory Description The Server Gated Cryptography SGC implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service CPU consumption via unspecified vectors. CVE-2011-4619 Impact This...
K15460: OpenSSL Vulnerability CVE-2011-4109
Security Advisory Description Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when X509VFLAGPOLICYCHECK is enabled, allows remote attackers to have an unspecified impact by triggering failure of a policy check. CVE-2011-4109 Impact This vulnerability could allow a remote attacker to...
K15428: Apache Tomcat vulnerability CVE-2014-0096
Security Advisory Description java/org/apache/catalina/servlets/DefaultServlet.java in the default servlet in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 does not properly restrict XSLT stylesheets, which allows remote attackers to bypass security-manager restrictions and...
K15160: GnuTLS vulnerability CVE-2014-0092
Security Advisory Description lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate. CVE-2014-0092 Impact...
K15427: OpenSSL vulnerability CVE-2011-4354
Security Advisory Description crypto/bn/bnnist.c in OpenSSL before 0.9.8h on 32-bit platforms, as used in stunnel and other products, in certain circumstances involving ECDH or ECDHE cipher suites, uses an incorrect modular reduction algorithm in its implementation of the P-256 and P-384 NIST...
K15405: OpenSSL 0.9.8l vulnerability CVE-2009-4355
Security Advisory Description Memory leak in the zlibstatefulfinish function in crypto/comp/czlib.c in OpenSSL 0.9.8l and earlier and 1.0.0 Beta through Beta 4 allows remote attackers to cause a denial of service memory consumption via vectors that trigger incorrect calls to the...
K15406: HTTP cookie vulnerability CVE-2004-0462
Security Advisory Description The built-in web servers for multiple networking devices do not set the Secure attribute for sensitive cookies in HTTPS sessions, which could cause the user agent to send those cookies in plaintext over an HTTP session with the same server. CVE-2004-0462 Impact A...
K14638: TLS/SSL RC4 vulnerability CVE-2013-2566
Security Advisory Description The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same...
K60570139: Rowhammer hardware vulnerability CVE-2020-10255
Security Advisory Description Modern DRAM chips DDR4 and LPDDR4 after 2015 are affected by a vulnerability in deployment of internal mitigations against RowHammer attacks known as Target Row Refresh TRR, aka the TRRespass issue. To exploit this vulnerability, the attacker needs to create certain...
K65271605: NTP vulnerability CVE-2016-1549
Security Advisory Description A malicious authenticated peer can create arbitrarily-many ephemeral associations in order to win the clock selection algorithm in ntpd in NTP 4.2.8p4 and earlier and NTPsec 3e160db8dc248a0bcb053b56a80167dc742d2b74 and a5fb34b9cc89b92a8fef2f459004865c93bb7f92 and...
K17453: Subversion vulnerabilities CVE-2015-0248, CVE-2015-0251, and CVE-2015-3187
Security Advisory Description CVE-2015-0248 The 1 moddavsvn and 2 svnserve servers in Subversion 1.6.0 through 1.7.19 and 1.8.0 through 1.8.11 allow remote attackers to cause a denial of service assertion failure and abort via crafted parameter combinations related to dynamically evaluated revisi...
K15885: GNU C Library vulnerability CVE-2011-1071
Security Advisory Description The GNU C Library aka glibc or libc6 before 2.12.2 and Embedded GLIBC EGLIBC allow context-dependent attackers to execute arbitrary code or cause a denial of service memory consumption via a long UTF8 string that is used in an fnmatch call, aka a "stack extension...
K12650: PHP vulnerability CVE-2010-4645
Security Advisory Description Note : For information about signing up to receive security notice updates from F5, refer to K9970: Subscribe to email notifications regarding F5 products and security announcements. Note : Versions that are not listed in this article have not been evaluated for...
K62442245: Kernel vulnerability CVE-2016-6828
Security Advisory Description The tcpchecksendhead function in include/net/tcp.h in the Linux kernel before 4.7.5 does not properly maintain certain SACK state after a failed data copy, which allows local users to cause a denial of service tcpxmitretransmitqueue use-after-free and system crash vi...
K45263486: NGINX Controller vulnerability CVE-2021-23020
Security Advisory Description The NAAS API keys are generated using an insecure pseudo-random string and hashing algorithm, which may lead to predictable keys. CVE-2021-23020 Impact Local attackers are able to potentially generate a valid user key. Security Advisory Status F5 Product Development...
K11503: BIND 9 vulnerability CVE-2009-0265
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about F5's security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of F5...
K8077: BIND 8 vulnerability CVE-2007-2930
Security Advisory Description Note : Versions that are not listed in this Solution have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the ...
K8072: Obtaining uptime information from TCP timestamps
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K73761475: MySQL Memcached vulnerability CVE-2017-3633
Security Advisory Description Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Memcached. Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...
K3279: Heap-based buffer overflow in mod_proxy - CAN-2004-0492
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K3284: Buffer overflows in stub resolver libraries - CAN-2002-0029
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K23284054: The BIG-IP SMTPS virtual server may fail to properly restrict I/O buffering, allowing attackers to insert commands into encrypted SMTP sessions
Security Advisory Description This issue occurs the following condition is met: A virtual server is configured with a Client SSL profile and an SMTPS profile that has the STARTTLS Activation Mode setting enabled Allow or Require for processing SMTPS traffic. Impact When system receives these SMTP...
K23022557: The BIG-IP system may respond with the NXDOMAIN status when it receives a DNS query of a certain type on a CNAME wide IP
Security Advisory Description The BIG-IP system may respond with the NXDOMAIN status when it receives a DNS query on a CNAME wide IP. This issue occurs when all of the following conditions are met: The BIG-IP system is configured with a CNAME wide IP. For example: test.example.com The BIG-IP syst...
K1907: mod_ssl and Apache_SSL buffer overflow - CAN-2002-0082
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K13656: FirePass SQL injection vulnerability
Security Advisory Description Description F5 has identified a possible SQL injection vulnerability for the FirePass controller. The FirePass controller may not perform adequate user input validation on particular fields. Impact An unauthenticated attacker may be able to exploit the vulnerability ...
K88124225: libpng vulnerability CVE-2017-12652
Security Advisory Description libpng before 1.6.32 does not properly check the length of chunks against the user limit. CVE-2017-12652 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has evaluated the currently support...
K8186: Cross-site scripting vulnerability in Apache mod_imap CVE-2007-5000
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K60001344: Linux kernel vulnerability CVE-2019-19056
Security Advisory Description A memory leak in the mwifiexpciealloccmdrspbuf function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service memory consumption by triggering mwifiexmappcimemory failures, aka CID-db8fd2cde932...
K49440205: Linux kernel vulnerability CVE-2021-38300
Security Advisory Description arch/mips/net/bpfjit.c in the Linux kernel before 5.4.10 can generate undesirable machine code when transforming unprivileged cBPF programs, allowing execution of arbitrary code within the kernel context. This occurs because conditional branches can exceed the 128 KB...
K13044333: MySQL Server Optimizer vulnerability CVE-2022-21437
Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromis...
K12915342: Linux kernel vulnerability CVE-2018-14625
Security Advisory Description A flaw was found in the Linux Kernel where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect and close function may allow an attacker using the AFVSOCK protocol to gather a 4 byte informatio...