6294 matches found
K17248: OpenSSL vulnerability CVE-2010-0742
Security Advisory Description The Cryptographic Message Syntax CMS implementation in crypto/cms/cmsasn1.c in OpenSSL before 0.9.8o and 1.x before 1.0.0a does not properly handle structures that contain OriginatorInfo, which allows context-dependent attackers to modify invalid memory locations or...
K17267: XSS vulnerability in Apache CVE-2002-0840
Security Advisory Description Cross-site scripting XSS vulnerability in the default error page of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is "Off" and support for wildcard DNS is present, allows remote attackers to execute script as other web page visitors via the...
K17254: NTP-keygen vulnerability CVE-2015-3405
Security Advisory Description flaw was found in the way the ntp-keygen utility generated MD5 symmetric keys on big-endian systems. An attacker could possibly use this flaw to guess generated MD5 keys, which could then be used to spoof an NTP client or server. CVE-2015-3405 - pending Impact There...
K17251: Apache vulnerability CVE-2015-3183
Security Advisory Description The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values...
K17247: PHP vulnerability CVE-2015-1351
Security Advisory Description Use-after-free vulnerability in the zendsharedmemdup function in zendsharedalloc.c in the OPcache extension in PHP through 5.6.7 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. CVE-2015-1351 Impact...
K13588: PHP vulnerability CVE-2011-4885
Security Advisory Description PHP versions prior to 5.3.9 compute hash values for form parameters without restricting the ability to trigger hash collisions predictably, which may allow remote attackers to cause a denial of service DoS CPU consumption by sending many crafted parameters...
K13598: OpenSSL vulnerability CVE-2012-0884
Security Advisory Description The implementation of Cryptographic Message Syntax CMS and PKCS 7 in OpenSSL before 0.9.8u and 1.x before 1.0.0h does not properly restrict certain oracle behavior, which makes it easier for context-dependent attackers to decrypt data using a Million Message Attack M...
K81903701: Libpng vulnerability CVE-2015-8472
Security Advisory Description Buffer overflow in the pngsetPLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55, 1.3.x, 1.4.x before 1.4.18, 1.5.x before 1.5.25, and 1.6.x before 1.6.20 allows remote attackers to cause a denial of service application crash or possibly have...
K05013313: IPsec vulnerability CVE-2015-4047
Security Advisory Description racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service NULL pointer dereference and IKE daemon crash via a series of crafted UDP requests. CVE-2015-4047 Impact When this vulnerability is exploited, the remote attacker may be able us...
K34341852: Apache Tomcat 6.x vulnerability CVE-2015-5345
Security Advisory Description The Mapper component in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.67, 8.x before 8.0.30, and 9.x before 9.0.0.M2 processes redirects before considering security constraints and Filters, which allows remote attackers to determine the existence of a directory via...
K34958244: PHP vulnerability CVE-2016-3074
Security Advisory Description Integer signedness error in GD Graphics Library 2.1.1 aka libgd or libgd2 allows remote attackers to cause a denial of service crash or potentially execute arbitrary code via crafted compressed gd2 data, which triggers a heap-based buffer overflow. CVE-2016-3074 Impa...
K6623: OpenSSL signature vulnerability - CVE-2006-4339
Security Advisory Description Note : For information about signing up to receive security notice updates from F5, refer to K9970: Subscribe to email notifications regarding F5 products and security announcements. Note : Versions that are not listed in this Solution have not been evaluated for...
K11270891: Multiple Intel Linux Wi-Fi Drivers vulnerabilities CVE-2020-12313, CVE-2020-12317, CVE-2020-12319, CVE-2017-13080
Security Advisory Description CVE-2020-12313 Insufficient control flow management in some IntelR PROSet/Wireless WiFi products before version 21.110 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. CVE-2020-12317 Improper buffer restriction in...
K05918709: PHP vulnerability CVE-2016-7479
Security Advisory Description In all versions of PHP 7, during the unserialization process, resizing the 'properties' hash table of a serialized object may lead to use-after-free. A remote attacker may exploit this bug to gain arbitrary code execution. CVE-2016-7479 Impact There is no impact; F5...
K08421805: GStreamer vulnerability CVE-2016-9635
Security Advisory Description Heap-based buffer overflow in the flxdecodedeltafli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service application crash by providing a skip count that goes...
K16558: Linux kernel vulnerability CVE-2014-8884
Security Advisory Description Stack-based buffer overflow in the ttusbdecfedvbsdiseqcsendmastercmd function in drivers/media/usb/ttusb-dec/ttusbdecfe.c in the Linux kernel before 3.17.4 allows local users to cause a denial of service system crash or possibly gain privileges via a large message...
K25552364: GNU C Library vulnerability CVE-2015-8985
Security Advisory Description The popfailstack function in the GNU C Library aka glibc or libc6 allows context-dependent attackers to cause a denial of service assertion failure and application crash via vectors related to extended regular expression processing. CVE-2015-8985 Impact This...
K16837: tcpdump before 4.7.2 vulnerabilities CVE-2015-0261, CVE-2015-0261, CVE-2015-2153, CVE-2015-2154, CVE-2015-2155
Security Advisory Description Description CVE-2015-0261 Integer signedness error in the mobilityoptprint function in the IPv6 mobility printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service out-of-bounds read and crash or possibly execute arbitrary code via a negativ...
K15131: BIND vulnerability CVE-2010-0218
Security Advisory Description ISC BIND 9.7.2 through 9.7.2-P1 uses an incorrect ACL to restrict the ability of Recursion Desired RD queries to access the cache, which allows remote attackers to obtain potentially sensitive information via a DNS query. CVE-2010-0218 Impact None. No F5 products are...
K16827: Apache Struts vulnerability CVE-2015-1831
Security Advisory Description Description Incorrect default exclude patterns were introduced in version 2.3.20 of Struts, if default settings are used, the attacker can compromise internal application's state. CVE-2015-1831 Impact There is no impact; F5 products are not affected by this...
K16838: XSS vulnerability in the BIG-IP and Enterprise Manager Configuration utilities CVE-2015-1470
Security Advisory Description Using the BIGIPAuthUsernameCookie value with/tmui/login.jsp can expose a cross-site scripting XSS security flaw. CVE-2015-1470 Impact Some login.jsp parameters may allow an attacker to bypass XSS protection mechanisms by using a crafted cookie. Security Advisory Stat...
K15159: OpenSSL vulnerability CVE-2014-0160
Security Advisory Description The 1 TLS and 2 DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as...
K15366: OpenSSL DTLS vulnerability CVE-2009-1377
Security Advisory Description Description The dtls1bufferrecord function in ssl/d1pkt.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allows remote attackers to cause a denial of service memory consumption via a large series of "future epoch" DTLS records that are buffered in a queue, aka "DTLS...
K15355: OpenSSL DTLS Buffer vulnerability CVE-2009-1379
Security Advisory Description Use-after-free vulnerability in the dtls1retrievebufferedfragment function in ssl/d1both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service openssl sclient crash and possibly have unspecified other impact via a DTLS packet, as demonstrated...
K15356: OpenSSL vulnerability CVE-2014-0195
Security Advisory Description The dtls1reassemblefragment function in d1both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly validate fragment lengths in DTLS ClientHello messages, which allows remote attackers to execute arbitrary code or cause a denia...
K61974123: ImageMagick vulnerability CVE-2016-3718
Security Advisory Description The 1 HTTP and 2 FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery SSRF attacks via a crafted image. CVE-2016-3718 Note : This vulnerability is one of the series of vulnerabilities known as...
K4119: Buffer overflow in mod_ssl - CVE-2002-0082
Security Advisory Description Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F5...
K25102203: ImageMagick vulnerability CVE-2016-3716
Security Advisory Description The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to move arbitrary files via a crafted image. CVE-2016-3716 Note : This vulnerability is one of the series of vulnerabilities known as ImageTragick. Impact Exploiting this...
K30914425: Linux vulnerabilities CVE-2022-0330 and CVE-2022-22942
Security Advisory Description CVE-2022-0330 A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system...
K3456: RADIUS authentication bypass vulnerability OpenBSD Security Fix #020
Security Advisory Description Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about F5's security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of F5...
K8870: OpenSSL Server Name extension Denial of Service VU#661475
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K15345: GnuTLS vulnerability CVE-2014-3466
Security Advisory Description Buffer overflow in the readserverhello function in lib/gnutlshandshake.c in GnuTLS before 3.1.25, 3.2.x before 3.2.15, and 3.3.x before 3.3.4 allows remote servers to cause a denial of service memory corruption or possibly execute arbitrary code via a long session id...
K15348: OpenSSL DTLS Buffer vulnerability CVE-2009-1387
Security Advisory Description The dtls1retrievebufferedfragment function in ssl/d1both.c in OpenSSL before 1.0.0 Beta 2 allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via an out-of-sequence DTLS handshake message, related to a "fragment bug."...
K15349: OpenSSL 0.9.8t Denial of Service via S/MIME msg vulnerability CVE-2006-7250
Security Advisory Description The mimehdrcmp function in crypto/asn1/asnmime.c in OpenSSL 0.9.8t and earlier allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted S/MIME message. CVE-2006-7250 Impact None. No F5 products are affected by...
K8874: OpenSSL packages contain a predictable random number generator - VU#925211
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K8869: OpenSSL TLS handshake Denial of Service VU#520586
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K68942513: Java vulnerability CVE-2013-5780
Security Advisory Description Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via...
K71960814: OpenSSH vulnerability CVE-2016-1908
Security Advisory Description The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by...
K61200338: NTP vulnerability CVE-2016-2517
Security Advisory Description NTP before 4.2.8p7 and 4.3.x before 4.3.92 allows remote attackers to cause a denial of service prevent subsequent authentication by leveraging knowledge of the controlkey or requestkey and sending a crafted packet to ntpd, which changes the value of trustedkey,...
K58084500: Apache Tomcat 6.x vulnerabilities CVE-2016-0714
Security Advisory Description The session-persistence implementation in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 mishandles session attributes, which allows remote authenticated users to bypass intended SecurityManager restrictions and execute...
K86221000: Bash vulnerability CVE-2019-18276
Security Advisory Description An issue was discovered in disableprivmode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setting its effective UID to its real UID. However, it does so incorrectly...
K12002065: BIG-IP ASM XSS vulnerability CVE-2020-5932
Security Advisory Description A cross-site scripting XSS vulnerability exists in the BIG-IP ASM Configuration utility response and blocking pages. An authenticated user with administrative privileges can specify a response page with any content, including JavaScript code that will be executed whe...
K01362377: Ghostscript vulnerability CVE-2017-8291
Security Advisory Description Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile %pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017...
K01043241: Linux kernel vulnerability CVE-2017-17448
Security Advisory Description net/netfilter/nfnetlinkcthelper.c in the Linux kernel through 4.14.4 does not require the CAPNETADMIN capability for new, get, and del operations, which allows local users to bypass intended access restrictions because the nfnlcthelperlist data structure is shared...
K01128223: PHP vulnerability CVE-2020-7061
Security Advisory Description In PHP versions 7.3.x below 7.3.15 and 7.4.x below 7.4.3, while extracting PHAR files on Windows using phar extension, certain content inside PHAR file could lead to one-byte read past the allocated buffer. This could potentially lead to information disclosure or...
K24324390: OpenSSH vulnerability CVE-2016-10011
Security Advisory Description authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process. CVE-2016-10011 Impact...
K25719440: D-Bus vulnerability CVE-2019-12749
Security Advisory Description dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 and in some, less common, uses of dbus-daemon, allows cookie spoofing because of symlink mishandling in the reference implementation of...
K2232: checktrap.pl script may be vulnerable to remote command execution
Security Advisory Description Note: Versions that are not listed in this Solution have not been evaluated for vulnerability to this security advisory. For information about F5 Networks' security policy regarding evaluating older and unsupported versions of F5 Networks products, see K4602: Overvie...
K3066: OpenSSH buffer management vulnerability CA-2003-24
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K22493037: The BIG-IP ASM system sends a received XML request with sensitive payload to the ICAP server
Security Advisory Description The BIG-IP ASM system sends a received XML request with sensitive payload to the Internet Content Adaptation Protocol ICAP server for inspection, regardless of any other settings. This issue occurs when all of the following conditions are met: The affected security...