K000157965: Linux Kernel vulnerability CVE-2022-48701
Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix an out-of-bounds bug in snd_usb_parse_audio_interface There may be a bad USB audio device with a USB ID of 0x04fa, 0x4201 and the number of its interfaces less than 4, an...
K000157962: Linux kernel (Bluetooth) vulnerability CVE-2023-53386
Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix potential use-after-free when clear keys Similar to commit c5d2b6fa26b5 "Bluetooth: Fix use-after-free in hci_remove_ltk/hci_remove_irk". We can not access k after kfree_rcu call...
K000157961: Linux kernel (SCPI) vulnerability CVE-2022-50087
Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails When scpi probe fails, at any point, we need to ensure that the scpi_info is not set and will remain NULL until the probe succeeds...
K000157948: BIND vulnerability CVE-2025-40780
Security Advisory Description In specific circumstances, due to a weakness in the Pseudo Random Number Generator (PRNG) that is used, it is possible for an attacker to predict the source port and query ID that BIND will use. This issue affects BIND 9 versions 9.16.0 through 9.16.50, 9.18.0 through...
K000157932: NPM vulnerabilities CVE-2025-59037, CVE-2025-59038, and CVE-2025-59039
Security Advisory Description CVE-2025-59037 DuckDB is an analytical in-process SQL database management system. On 08 September 2025, the DuckDB distribution for Node.js on npm was compromised with malware along with several other packages. An attacker published new versions of four of DuckDB's...
K000157929: Podman vulnerability CVE-2022-2738
Security Advisory Description The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190 advisory included an incorrect version of podman missing the fix for CVE-2020-8945, which was previously fixed via RHSA-2020:2117. This issue could possibly be used to crash or...
K000157901: Intel(R) PCIe Switch software vulnerability CVE-2025-24323
Security Advisory Description Improper access control in some firmware package and LED mode toggle tool for some Intel(R) PCIe Switch software before version MR41.0b1 may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2025-24323 Impact There is no impact...
K000157862: Apache Tomcat vulnerability CVE-2025-55754
Security Advisory Description Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat. Tomcat did not escape ANSI escape sequences in log messages. If Tomcat was running in a console on a Windows operating system, and the console supported ANSI escape sequence...
K000157847: Apache Tomcat vulnerability CVE-2025-61795
Security Advisory Description Improper Resource Shutdown or Release vulnerability in Apache Tomcat. If an error occurred including exceeding limits during the processing of a multipart upload, temporary copies of the uploaded parts written to disc were not cleaned up immediately but left for the...
K000157848: Oracle Java vulnerability CVE-2017-10109
Security Advisory Description Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability...
K000157846: Apache Tomcat vulnerability CVE-2025-55752
Security Advisory Description Relative Path Traversal vulnerability in Apache Tomcat. The fix for bug 60013 introduced a regression where the rewritten URL was normalized before it was decoded. This introduced the possibility that, for rewrite rules that rewrite query parameters to the URL, an...
K000157844: Jetty vulnerabilities CVE-2023-36478, CVE-2024-6763, CVE-2023-26049, CVE-2024-8184, and CVE-2023-41900
Security Advisory Description CVE-2023-36478 Eclipse Jetty provides a web server and servlet container. In versions 11.0.0 through 11.0.15, 10.0.0 through 10.0.15, and 9.0.0 through 9.4.52, an integer overflow in MetaDataBuilder.checkSize allows for HTTP/2 HPACK header values to exceed their size...
K000157302: Apache Tomcat vulnerability CVE-2025-48989
Security Advisory Description Improper Resource Shutdown or Release vulnerability in Apache Tomcat made Tomcat vulnerable to the "made you reset" attack. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.9, from 10.1.0-M1 through 10.1.43 and from 9.0.0.M1 through 9.0.107. Older, EOL...
K000157836: CUPS vulnerability CVE-2023-34241
Security Advisory Description OpenPrinting CUPS is a standards-based, open source printing system for Linux and other Unix-like operating systems. Starting in version 2.0.0 and prior to version 2.4.6, CUPS logs data of free memory to the logging service AFTER the connection has been closed, when ...
K000157365: Moment vulnerability CVE-2022-31129
Security Advisory Description moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment were found to use an inefficient parsing algorithm. Specifically using string-to-date parsing in moment (more specifically rfc2822 parsing), whi...
K000157341: Linux kernel vulnerability CVE-2025-21887
Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: ovl: fix UAF in ovl_dentry_update_reval by moving dput in ovl_link_up The issue was caused by dput(upper) being called before ovl_dentry_update_reval, while upper->d_flags was still accessed in ovl_dentry_remote...
K000157334: BIND vulnerability CVE-2025-40778
Security Advisory Description Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through...
K000157317: BIND vulnerability CVE-2025-8677
Security Advisory Description Querying for records within a specially crafted zone containing certain malformed DNSKEY records can lead to CPU exhaustion. This issue affects BIND 9 versions 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.18.11-S1 through 9.18.39-S1, and...
K000157330: Intel 700 Series Ethernet vulnerability CVE-2025-25273
Security Advisory Description Insufficient control flow management in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable escalation of privilege via local access. CVE-2025-25273 Impact There is no impact; F5...
K000157322: Linux kernel vulnerability CVE-2025-8941
Security Advisory Description A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020...
K000157321: Intel 700 Series Ethernet vulnerability CVE-2025-24486
Security Advisory Description Improper input validation in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable escalation of privilege via local access. CVE-2025-24486 Impact There is no impact; F5 products a...
K000157145: Java vulnerabilities CVE-2025-53057, CVE-2025-61748, and CVE-2025-53066
Security Advisory Description CVE-2025-53057 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u461, 8u461-perf, 11.0.28, 17.0.16, 21.0.8, 25; Orac...
K000157130: Linux kernel vulnerability CVE-2025-22004
Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: net: atm: fix use after free in lec_send The ->send operation frees skb so save the length before calling ->send to avoid a use after free. CVE-2025-22004 Impact There is no impact; F5 products are not...
K000157129: GlibC vulnerability CVE-2025-8058
Security Advisory Description The regcomp function in the GNU C library version from 2.4 to 2.41 is subject to a double free if some previous allocation fails. It can be accomplished either by a malloc failure or by using an interposed malloc that injects random malloc failures. The double free c...
K000157121: Intel 800 Series ethernet driver vulnerabilities CVE-2025-22836, CVE-2025-22893, CVE-2025-24324
Security Advisory Description CVE-2025-22836 Integer overflow or wraparound in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via local access. CVE-2025-22893 Insufficient control...
K000157119: Linux kernel vulnerability CVE-2024-35855
Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix possible use-after-free during activity update The rule activity update delayed work periodically traverses the list of configured rules and queries their activity from th...
K000157114: cPython vulnerability CVE-2025-4517
Security Advisory Description Allows arbitrary filesystem writes outside the extraction directory during extraction with filter="data". You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall or TarFile.extract using the filter...
K000157074: Samba vulnerability CVE-2025-10230
Security Advisory Description The CVE record for the CVE ID does not exist. CVE-2025-10230 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has evaluated the currently supported releases for potential vulnerability, and...
K000157067: ImageMagick vulnerability CVE-2025-57807
Security Advisory Description ImageMagick is free and open-source software used for editing and manipulating digital images. ImageMagick versions lower than 14.8.2 include insecure functions: SeekBlob, which permits advancing the stream offset beyond the current end without increasing capacity, a...
K000156944: Intel vulnerability CVE-2025-20093
Security Advisory Description Improper check for unusual or exceptional conditions in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via local access. CVE-2025-20093 Impact This...
K000154696: F5 Security Incident
We want to share information with you about steps we’ve taken to resolve a security incident at F5 and our ongoing efforts to protect our customers. In August 2025, we learned a highly sophisticated nation-state threat actor maintained long-term, persistent access to, and downloaded files from,...
K000156572: Quarterly Security Notification (October 2025)
Security Advisory Description On October 15, 2025, F5 announced the following security issues. This document is intended to serve as an overview of these vulnerabilities and security exposures to help determine the impact to your F5 devices. You can find the details of each issue in the associate...
K000139514: BIG-IP SSL/TLS vulnerability CVE-2025-60016
Security Advisory Description When Diffie-Hellman (DH) group Elliptic Curve Cryptography (ECC) Brainpool curves are configured in an SSL profile's Cipher Rule or Cipher Group, and that profile is applied to a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to...
K000156800: BIG-IP Configuration utility vulnerability CVE-2025-59483
Security Advisory Description An arbitrary file upload vulnerability exists in an undisclosed URL in the Configuration utility. CVE-2025-59483 Impact A highly privileged authenticated attacker may be able to exploit this vulnerability to upload arbitrary files. This is a control plane issue; ther...
K000150010: BIG-IP AFM security exposure
Security Advisory Description After a reboot, the BIG-IP AFM ipsd process may unexpectedly fail to enforce the Intrusion Prevention System (IPS) signatures configured for protocol inspection profiles. This condition can persist for some time even though the system reports the protocol inspection...
K000156602: BIG-IP APM vulnerability CVE-2025-54854
Security Advisory Description When a BIG-IP APM OAuth access profile (Resource Server or Resource Client) is configured on a virtual server, undisclosed traffic can cause the apmd process to terminate. CVE-2025-54854 Impact Traffic is disrupted while the apmd process restarts. This vulnerability...
K000154647: BIG-IP tmsh vulnerability CVE-2025-61958
Security Advisory Description A vulnerability exists in the iHealth utility of the TMOS Shell (tmsh) that may allow an authenticated attacker with at least a resource administrator role to bypass tmsh restrictions and gain access to the Advanced Shell (bash). For BIG-IP systems running in Appliance...
K000151658: BIG-IP HSB vulnerability CVE-2025-58153
Security Advisory Description Under undisclosed traffic conditions along with conditions beyond the attacker's control, hardware systems with a High-Speed Bridge (HSB) and an embedded Packet Velocity Acceleration (ePVA) chip may experience a lockup of the HSB. CVE-2025-58153 Impact Traffic is disrupt...
K000156733: BIG-IP SSL/TLS vulnerability CVE-2025-61974
Security Advisory Description When a client SSL profile is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. CVE-2025-61974 Impact System performance can degrade until the Traffic Management Microkernel (TMM) process is either forced to resta...
K000151475: BIG-IP PEM vulnerability CVE-2025-54479
Security Advisory Description When a classification profile is configured on a virtual server without an HTTP or HTTP/2 profile, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. CVE-2025-54479 Impact Traffic is disrupted while the TMM process restarts. This...
K000156691: BIG-IP TMM vulnerability CVE-2025-58096
Security Advisory Description When the database variable tm.tcpudptxchecksum is configured as non-default value (Software-only) on a BIG-IP system, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. CVE-2025-58096 Impact Traffic is disrupted while the TMM process...
K000150667: BIG-IP SSL Orchestrator vulnerability CVE-2025-41430
Security Advisory Description When BIG-IP SSL Orchestrator is enabled, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. CVE-2025-41430 Impact Traffic is disrupted while the TMM process restarts. This vulnerability allows a remote, unauthenticated attacker to caus...
K000151368: BIG-IP SSL Orchestrator vulnerability CVE-2025-55036
Security Advisory Description When BIG-IP SSL Orchestrator explicit forward proxy is configured on a virtual server and the proxy connect feature is enabled, undisclosed traffic may cause memory corruption. CVE-2025-55036 Impact System performance can degrade until the Traffic Management...
K000152341: BIG-IP AFM DoS protection profile vulnerability CVE-2025-59478
Security Advisory Description When a BIG-IP AFM denial-of-service (DoS) protection profile is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. CVE-2025-59478 Impact Traffic is disrupted while the TMM process restarts. This...
K000148625: F5OS-A FIPS HSM vulnerability CVE-2025-53860
Security Advisory Description A vulnerability exists in F5OS-A software that allows a highly privileged authenticated attacker to access sensitive FIPS hardware security module (HSM) information on F5 rSeries systems. CVE-2025-53860 Impact A highly privileged authenticated attacker with access to t...
K44517780: BIG-IP iRules vulnerability CVE-2025-53474
Security Advisory Description When an iRule using an ILX::call command is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. CVE-2025-53474 Impact Traffic is disrupted while the TMM process restarts. This vulnerability allows a remot...
K000151297: BIG-IP TMM vulnerability CVE-2025-58424
Security Advisory Description On BIG-IP systems, undisclosed traffic can cause data corruption and unauthorized data modification in protocols which do not have message integrity protection. CVE-2025-58424 Impact This vulnerability may allow a remote, unauthenticated attacker to inject malicious...
K000149820: F5OS SNMP vulnerability CVE-2025-47150
Security Advisory Description When SNMP is configured on the F5OS-A or F5OS-C system, undisclosed requests can cause an increase in SNMP memory resource utilization. CVE-2025-47150 Impact System performance can degrade until the SNMP process is either forced to restart or is manually restarted...
K000154614: BIG-IP Next (CNF, SPK, and Kubernetes) vulnerability CVE-2025-55670
Security Advisory Description On BIG-IP Next CNF, BIG-IP Next SPK, and BIG-IP Next for Kubernetes systems, repeated undisclosed API calls can cause the Traffic Management Microkernel (TMM) to terminate. CVE-2025-55670 Impact Traffic is disrupted while the TMM process restarts. This vulnerability...
K000156707: BIG-IP TMM vulnerability CVE-2025-53856
Security Advisory Description When a virtual server, network address translation (NAT) object, or secure network address translation (SNAT) object uses the embedded Packet Velocity Acceleration (ePVA) feature, and the Auto Last Hop setting is disabled, undisclosed traffic can cause the Traffic Manageme...