6402 matches found
K57111075: TMM vulnerability CVE-2022-23021
Security Advisory Description When any of the following configurations are configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate: HTTP redirect rule in an LTM policy, BIG-IP APM Access Profile, and Explicit HTTP Proxy in HTTP Profile...
K33554143: Linux kernel vulnerability CVE-2019-15504
Security Advisory Description drivers/net/wireless/rsi/rsi91xusb.c in the Linux kernel through 5.2.9 has a Double Free via crafted USB device traffic which may be remote via usbip or usbredir. CVE-2019-15504 Impact There is no impact; F5 products are not affected by this vulnerability. Security...
K41523201: cURL vulnerability CVE-2019-5482
Security Advisory Description Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3. CVE-2019-5482 Impact An attacker could cause a denial of service DoS or arbitrary code execution if you use cURL to transfer data to or from a Trivial File Transport Protocol TFTP server and...
K29282483: BIG-IP APM CTU vulnerability CVE-2021-22980
Security Advisory Description An untrusted search path vulnerability in the BIG-IP APM Client Troubleshooting Utility CTU for Windows can allow an attacker to load a malicious DLL library from its current directory. User interaction is required to exploit this vulnerability because the victim mus...
K37428370: Intel Xeon access control vulnerability CVE-2019-0126
Security Advisory Description Insufficient access control in silicon reference firmware for IntelR XeonR Scalable Processor, IntelR XeonR Processor D Family may allow a privileged user to potentially enable escalation of privilege and/or denial of service via local access. CVE-2019-0126 Impact Th...
K32034450: Linux kernel vulnerability CVE-2019-15926
Security Advisory Description An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the functions ath6klwmipstreamtimeouteventrx and ath6klwmicaceventrx in the file drivers/net/wireless/ath/ath6kl/wmi.c. CVE-2019-15926 Impact There is no impact; F5 products are...
K42117350: Intel-SA-00213: Intel CSME, Intel SPS, Intel TXE, Intel DAL, and Intel AMT vulnerabilities
Security Advisory Description In May 2019, Intel announced the discovery of multiple vulnerabilities with Intel technology. To review Intel-SA-00213, the complete announcement, refer to the following link: Intel CSME, Intel SPS, Intel TXE, Intel DAL, and Intel AMT 2019.1 QSR Advisory Note : The...
K28508558: Apache mod_cache vulnerability CVE-2013-4352
Security Advisory Description The cacheinvalidate function in modules/cache/cachestorage.c in the modcache module in the Apache HTTP Server 2.4.6, when a caching forward proxy is enabled, allows remote HTTP servers to cause a denial of service NULL pointer dereference and daemon crash via vectors...
K31616043: Linux kernel vulnerability CVE-2021-28660
Security Advisory Description rtwwxsetscan in drivers/staging/rtl8188eu/osdep/ioctllinux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the -ssid array. NOTE: from the perspective of kernel.org releases, CVE IDs are not normally used for drivers/staging/ unfinished work;...
K26311635: Wget vulnerability CVE-2017-6508
Security Advisory Description CRLF injection vulnerability in the urlparse function in url.c in Wget through 1.19.1 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in the host subcomponent of a URL. CVE-2017-6508 Impact A remote attacker may be able to inject arbitrary...
K25551452: Alpine Linux Docker image vulnerability CVE-2019-5021
Security Advisory Description Versions of the Official Alpine Linux Docker images since v3.3 contain a NULL password for the root user. This vulnerability appears to be the result of a regression introduced in December of 2015. Due to the nature of this issue, systems deployed using affected...
K88230177: BIG-IP ASM WebSocket vulnerability CVE-2021-22976
Security Advisory Description When the BIG-IP ASM system processes WebSocket requests with JSON payloads, an unusually large number of parameters can cause excessive CPU usage in the BIG-IP ASM bd process. CVE-2021-22976 Impact When this vulnerability is exploited, the BIG-IP ASM system may take...
K23456112: Python urllib3 vulnerability CVE-2021-33503
Security Advisory Description An issue was discovered in urllib3 before 1.26.5. When provided with a URL containing many @ characters in the authority component, the authority regular expression exhibits catastrophic backtracking, causing a denial of service if a URL were passed as a parameter or...
K24383845: Bootstrap vulnerability CVE-2019-8331
Security Advisory Description In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute. CVE-2019-8331 Impact An attacker can inject a malicious script into a client browser. Additionally, an attacker can trick a user into running maliciou...
K27617652: BIG-IP APM OAuth failure response message vulnerability CVE-2018-15335
Security Advisory Description When APM is deployed as an OAuth Resource Server, APM becomes a client application to an external OAuth authorization server. In certain cases when communication between the BIG-IP APM and the OAuth authorization server is lost, APM may not display the intended messa...
K39573942: DHCP vulnerability CVE-2019-6470
Security Advisory Description There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. There was also a bug in dhcpd relating to the use of this function per its documentation, but the bug in the library function prevented this...
K37466356: BIG-IP ASM vulnerability CVE-2020-5914
Security Advisory Description Undisclosed server cookie scenario may cause BD to restart under some circumstances. CVE-2020-5914 Impact The vulnerability allows remote attackers who have control over the backend webserver to cause a denial-of-service DoS attack on the BIG-IP ASM system. Security...
K37301725: Linux kernel vulnerability CVE-2017-18270
Security Advisory Description In the Linux kernel before 4.13.5, a local user could create keyrings for other users via keyctl commands, setting unwanted defaults or causing a denial of service. CVE-2017-18270 Impact There is no impact; F5 products are not affected by this vulnerability. Security...
K15319: Linux kernel TTY vulnerability CVE-2014-0196
Security Advisory Description The nttywrite function in drivers/tty/ntty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service memory corruption and system crash or gain privileges by...
K31501591: QEMU vulnerability CVE-2017-15118
Security Advisory Description A stack-based buffer overflow vulnerability was found in NBD server implementation in qemu before 2.11 allowing a client to request an export name of size up to 4096 bytes, which in fact should be limited to 256 bytes, causing an out-of-bounds stack write in the qemu...
K21418431: PHP vulnerability CVE-2020-7059
Security Advisory Description When using fgetss function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function to read past the allocated buffer. This may lead to information...
K31864522: Linux kernel vulnerability CVE-2019-9162
Security Advisory Description In the Linux kernel before 4.20.12, net/ipv4/netfilter/nfnatsnmpbasicmain.c in the SNMP NAT module has insufficient ASN.1 length checks aka an array index error, making out-of-bounds read and write operations possible, leading to an OOPS or local privilege escalation...
K35065045: Linux kernel vulnerability CVE-2019-10124
Security Advisory Description REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. CVE-2019-10124 Impact There is no impact; F5 products are not affected by this...
K82131333: Linux kernel vulnerability CVE-2019-19066
Security Advisory Description A memory leak in the bfadimgetstats function in drivers/scsi/bfa/bfadattr.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service memory consumption by triggering bfaportgetstats failures, aka CID-0e62395da2bd. CVE-2019-19066 Impact There i...
K82518062: BIG-IP SCP vulnerability CVE-2020-5906
Security Advisory Description The BIG-IP system does not properly enforce the access controls for the scp.blacklist files. This allows Admin and Resource Admin users with Secure Copy SCP protocol access to read and overwrite blacklisted files via SCP. CVE-2020-5906 Note : F5 is working to elimina...
K21914362: Linux kernel vulnerability CVE-2013-7470
Security Advisory Description cipsov4validate in include/net/cipsoipv4.h in the Linux kernel before 3.11.7, when CONFIGNETLABEL is disabled, allows attackers to cause a denial of service infinite loop and crash, as demonstrated by icmpsic, a different vulnerability than CVE-2013-0310. CVE-2013-74...
K20722197: Samba vulnerability CVE-2017-2619
Security Advisory Description Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition. CVE-2017-2619 Impact There is no impact; F5 products are not affected b...
K14027805: Apache vulnerability CVE-2017-15710
Security Advisory Description In Apache httpd 2.0.23 to 2.0.65, 2.2.0 to 2.2.34, and 2.4.0 to 2.4.29, modauthnzldap, if configured with AuthLDAPCharsetConfig, uses the Accept-Language header value to lookup the right charset encoding when verifying the user's credentials. If the header value is n...
K21595932: Samba vulnerability CVE-2018-1057
Security Advisory Description On a Samba 4 AD DC the LDAP server in all versions of Samba from 4.0.0 onwards incorrectly validates permissions to modify passwords over LDAP allowing authenticated users to change any other users' passwords, including administrative users and privileged service...
K20346072: BIG-IP Edge Client for Windows vulnerability CVE-2020-5897
Security Advisory Description A use-after-free memory vulnerability exists in the BIG-IP Edge Client Windows ActiveX component. CVE-2020-5897 Impact This vulnerability allows an attacker to trigger memory corruption to the browser or execute code from the browser when the attacker crafts a...
K75269595: QEMU vulnerability CVE-2015-5166
Security Advisory Description Use-after-free vulnerability in QEMU in Xen 4.5.x and earlier does not completely unplug emulated block devices, which allows local HVM guest users to gain privileges by unplugging a block device twice. CVE-2015-5166 Impact There is no impact; F5 products are not...
K05405841: GCM nonce vulnerability CVE-2016-0270
Security Advisory Description IBM Domino 9.0.1 Fix Pack 3 Interim Fix 2 through 9.0.1 Fix Pack 5 Interim Fix 1, when using TLS and AES GCM, uses random nonce generation, which makes it easier for remote attackers to obtain the authentication key and spoof data by leveraging the reuse of a nonce i...
K00183056: Samba vulnerability CVE-2017-12163
Security Advisory Description An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer,...
K16496491: Multiple Java vulnerabilities
Security Advisory Description CVE-2020-2754 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Scripting. Supported versions that are affected are Java SE: 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated...
K15478554: BIG-IP Edge Client for Windows vulnerability CVE-2020-5896
Security Advisory Description The BIG-IP Edge Client Windows Installer Service's temporary folder has weak file and folder permissions, and allows execution of signed .exe and MSI files. CVE-2020-5896 Impact This vulnerability can be exploited to allow an unprivileged user to gain privilege...
K01869532: Eclipse Jetty vulnerability CVE-2019-10241
Security Advisory Description In Eclipse Jetty version 9.2.26 and older, 9.3.25 and older, and 9.4.15 and older, the server is vulnerable to XSS conditions if a remote client USES a specially formatted URL against the DefaultServlet or ResourceHandler that is configured for showing a Listing of...
K07020416: Linux kernel vulnerability CVE-2017-18344
Security Advisory Description The timercreate syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn't properly validate the sigevent-sigevnotify field, which leads to out-of-bounds access in the showtimer function called when /proc/$PID/timers is read. This...
K10812540: OpenJDK vulnerability CVE-2019-18197
Security Advisory Description In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or...
K08413011: Linux kernel vulnerability CVE-2019-7221
Security Advisory Description The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free. CVE-2019-7221 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has evaluated the currently supported releases...
K02714910: TLS vulnerability CVE-2017-6164
Security Advisory Description In some circumstances, the Traffic Management Microkernel TMM does not properly handle certain malformed TLS1.2 records, which allows remote attackers to cause a denial-of-service DoS or possible remote command execution on the BIG-IP system. CVE-2017-6164 Impact A...
K88205061: Linux kernel vulnerability CVE-2021-28952
Security Advisory Description An issue was discovered in the Linux kernel through 5.11.8. The sound/soc/qcom/sdm845.c soundwire device driver has a buffer overflow when an unexpected port ID number is encountered, aka CID-1c668e1c0a0f. This has been fixed in 5.12-rc4. CVE-2021-28952 Impact There ...
K13323323: iRules LX vulnerability CVE-2021-22973
Security Advisory Description JSON parser function does not protect against out-of-bounds memory accesses or writes. CVE-2021-22973 Impact The Traffic Management Microkernel TMM may exit and restart while processing JSON payload with iRules LX commands, leading to a failover event. Security...
K71891773: BIG-IP APM VPN vulnerability CVE-2021-23002
Security Advisory Description The session ID is visible in the arguments of the f5vpn.exe command when VPN is launched from the browser on a Windows system. Addressing this issue requires both the client and server fixes. CVE-2021-23002 Impact An attacker with privileges to view the command line ...
K57214415: NAT slipstream vulnerability
Security Advisory Description This vulnerability exploits the application layer gateway ALG mechanism of network address translations NATs, routers, and firewalls through modification of internal IP extractions for a client browser connection and therefore bypasses the browser's port restrictions...
K91013510: SSL Forward Proxy vulnerability CVE-2022-23016
Security Advisory Description When BIG-IP SSL Forward Proxy with TLS 1.3 is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. CVE-2022-23016 Impact Traffic is disrupted while the TMM process restarts. This vulnerability allows a...
K55539088: Intel SSD vulnerabilities CVE-2020-0584, CVE-2020-12309, CVE-2020-12310, CVE-2020-12311
Security Advisory Description CVE-2020-0584 Buffer overflow in firmware for IntelR SSD DC P4800X and P4801X Series, IntelR OptaneTM SSD 900P and 905P Series may allow an unauthenticated user to potentially enable a denial of service via local access. CVE-2020-12309 Insufficiently protected...
K57201259: Intel SGX vulnerabilities CVE-2019-14565, CVE-2019-14566
Security Advisory Description CVE-2019-14565 Insufficient initialization in IntelR SGX SDK Windows versions 2.4.100.51291 and earlier, and Linux versions 2.6.100.51363 and earlier, may allow an authenticated user to enable information disclosure, escalation of privilege or denial of service via...
K55580033: iControl REST vulnerability CVE-2022-35728
Security Advisory Description An authenticated user's iControl REST token may remain valid for a limited time after logging out from the Configuration utility. CVE-2022-35728 Impact A remote unauthenticated attacker may be able to reuse, for a limited time, an authenticated user's iControl REST...
K50310001: BIG-IP and BIG-IQ iControl SOAP vulnerability CVE-2022-34851
Security Advisory Description An authenticated attacker may cause iControl SOAP to become unavailable through undisclosed requests. CVE-2022-34851 Impact This vulnerability allows a remote authenticated attacker with at least guest role privileges to send undisclosed requests to iControl SOAP,...
K53084033: OpenSSL vulnerability CVE-2016-2178
Security Advisory Description The dsasignsetup function in crypto/dsa/dsaossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack. CVE-2016-2178 Impact An...