6294 matches found
K24578092: Linux kernel vulnerability CVE-2017-6001
Security Advisory Description Race condition in kernel/events/core.c in the Linux kernel before 4.9.7 allows local users to gain privileges via a crafted application that makes concurrent perfeventopen system calls for moving a software group into a hardware context. NOTE: this vulnerability exis...
K39655464: Linux kernel vulnerability CVE-2013-2017
Security Advisory Description The veth aka virtual Ethernet driver in the Linux kernel before 2.6.34 does not properly manage skbs during congestion, which allows remote attackers to cause a denial of service system crash by leveraging lack of skb consumption in conjunction with a double-free...
K37451543: TMM vulnerability CVE-2021-23007
Security Advisory Description When the Traffic Management Microkernel TMM process handles certain undisclosed traffic, it may start dropping all fragmented IP traffic. CVE-2021-23007 Impact TMM incorrectly determines that the fragment memory limit has been reached and drops all fragments it...
K28312671: MySQL vulnerabilities CVE-2019-2683, CVE-2019-2685, CVE-2019-2686, CVE-2019-2687, and CVE-2019-2688
Security Advisory Description CVE-2019-2683 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Options. Supported versions that are affected are 5.6.43 and prior, 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker...
K26346590: GNU C Library vulnerabilities CVE-2019-9192 and CVE-2018-20796
Security Advisory Description CVE-2019-9192 DISPUTED In the GNU C Library aka glibc or libc6 through 2.29, checkdstlimitscalcpos1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '|\\1\\1' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that...
K32780121: Linux kernel vulnerability CVE-2019-20095
Security Advisory Description mwifiextmcmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c in the Linux kernel before 5.1.6 has some error-handling cases that did not free allocated hostcmd memory, aka CID-003b686ace82. This will cause a memory leak and denial of service. CVE-2019-20095 Impact...
K23860356: TMM vulnerability CVE-2019-6660
Security Advisory Description iRules performing HTTP header manipulation may cause a denial-of-serviceDoS when processing traffic handled by a virtual server with an associated HTTP profile, in specific circumstances, when the requests do not strictly conform to RFCs.CVE-2019-6660 Impact The...
K32049025: BIND vulnerability CVE-2016-6170
Security Advisory Description ISC BIND through 9.9.9-P1, 9.10.x through 9.10.4-P1, and 9.11.x through 9.11.0b1 allows primary DNS servers to cause a denial of service secondary DNS server crash via a large AXFR response, and possibly allows IXFR servers to cause a denial of service IXFR client...
K23566124: BIG-IP TMUI vulnerability CVE-2019-6589
Security Advisory Description A reflected cross-site scripting XSS vulnerability exists in an undisclosed page of the BIG-IP Traffic Management User Interface TMUI also known as the BIG-IP Configuration utility. CVE-2019-6589 Impact To perform the attack, a user must visit a specially crafted URL...
K22415133: cURL vulnerability CVE-2021-22898
Security Advisory Description curl 7.7 through 7.76.1 suffers from an information disclosure when the -t command line option, known as CURLOPTTELNETOPTIONS in libcurl, is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEWENV variables, libcur...
K22356857: APT remote code injection vulnerability CVE-2019-3462
Security Advisory Description Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine. CVE-2019-3462 Impact There is no impact; F5...
K91414704: BIG-IP Advanced WAF and ASM Brute Force Protection feature may not properly support the Post-Redirect-Get application flow
Security Advisory Description The Advanced WAF and BIG-IP ASM systems may not properly support the Post-Redirect-Get PRG application flow implemented on a back-end web server. This issue occurs when all of the following conditions are met: You enabled brute force protection in your security polic...
K7886: Remote vulnerability in the mod_jk2 Apache module VU#771937
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K7827: tcpdump 3.9.6 vulnerability CVE-2007-3798
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K51920288: OpenSSL vulnerability CVE-2016-2105
Security Advisory Description Integer overflow in the EVPEncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service heap memory corruption via a large amount of binary data. CVE-2016-2105 Impact A successful...
K56231955: RSA Authentication Agent vulnerabilities CVE-2018-1232, CVE-2018-1233, and CVE-2018-1234
Security Advisory Description CVE-2018-1232 RSA Authentication Agent version 8.0.1 and earlier for Web for both IIS and Apache Web Server are impacted by a stack-based buffer overflow which may occur when handling certain malicious web cookies that have invalid formats. The attacker could exploit...
K35414143: AMNESIA:33 vulnerability
Security Advisory Description AMNESIA:33 is a set of 33 vulnerabilities that impact four open source TCP/IP stacks uIP, FNET, picoTCP and Nut/Net, which collectively serve as the foundational components of millions of connected devices worldwide. These vulnerabilities primarily cause memory...
K45320419: TMM with HTTP/2 vulnerability CVE-2018-5514
Security Advisory Description Maliciously crafted HTTP/2 request frames can lead to denial of service. There is data plane exposure for virtual servers when the HTTP2 profile is enabled. There is no control plane exposure to this issue. CVE-2018-5514 Impact The BIG-IP system may temporarily fail ...
K44318398: Net-SNMP vulnerability CVE-2020-15862
Security Advisory Description Net-SNMP through 5.7.3 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root. CVE-2020-15862 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisor...
K30164784: BIND vulnerability CVE-2017-3137
Security Advisory Description Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could lead to a situation in which named would exit with an assertion failure when processing a response in which records occurred in an...
K13432: OpenSSL vulnerability CVE-2010-0433
Security Advisory Description In the ksslkeytabisavailable function in ssl/kssl.c in OpenSSL before 0.9.8n., when Kerberos is enabled, but Kerberos configuration files cannot be opened, the function does not check a certain return value, which allows remote attackers to cause a Denial of Service...
K12985: BIND vulnerability CVE-2011-1910
Security Advisory Description Note : For information about signing up to receive security notice updates from F5, refer to K9970: Subscribe to email notifications regarding F5 products and security announcements. Note : Versions that are not listed in this article have not been evaluated for...
K17321: Linux kernel UDF vulnerability CVE-2015-4167
Security Advisory Description The udfreadinode function in fs/udf/inode.c in the Linux kernel before 3.19.1 does not validate certain length values, which allows local users to cause a denial of service incorrect data representation or integer overflow, and OOPS via a crafted UDF filesystem...
K16914: OpenSSL vulnerability CVE-2015-1791
Security Advisory Description Race condition in the ssl3getnewsessionticket function in ssl/s3clnt.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b, when used for a multi-threaded client, allows remote attackers to cause a denial of service double fre...
K17313: PHP vulnerability CVE-2014-4721
Security Advisory Description The phpinfo implementation in ext/standard/info.c in PHP before 5.4.30 and 5.5.x before 5.5.14 does not ensure use of the string data type for the PHPAUTHPW, PHPAUTHTYPE, PHPAUTHUSER, and PHPSELF variables, which might allow context-dependent attackers to obtain...
K16865: GNU C Library (glibc) vulnerability CVE-2015-1781
Security Advisory Description A buffer overflow flaw was found in the way glibc's gethostbynamer and other related functions computed the size of a buffer when passed a misaligned buffer as input. An attacker able to make an application call any of these functions with a misaligned buffer could u...
K16909: BIND vulnerability CVE-2015-5477
Security Advisory Description An error in the handling of TKEY queries can be exploited by an attacker for use as a denial-of-service vector, as a constructed packet can use the defect to trigger a REQUIRE assertion failure, causing BIND to exit. CVE-2015-5477 Impact A remote attacker may be able...
K14386: BIND vulnerability CVE-2013-2266
Security Advisory Description libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service memory consumption via a crafted regular expression, as demonstrated by a...
K12826: Java Runtime Environment (JRE) vulnerability: CVE-2010-4476
Security Advisory Description Note : For information about signing up to receive security notice updates from F5, refer to K9970: Subscribe to email notifications regarding F5 products and security announcements. Note : F5 has evaluated only versions of software that are listed in this article fo...
K87046687: VMware Tools vulnerability CVE-2022-31676
Security Advisory Description VMware Tools 12.0.0, 11.x.y and 10.x.y contains a local privilege escalation vulnerability. A malicious actor with local non-administrative access to the Guest OS can escalate privileges as a root user in the virtual machine. CVE-2022-31676 Impact A local,...
K21154730: TMM SSL/TLS profile vulnerability CVE-2017-6141
Security Advisory Description Certain values in a TLS abbreviated handshake when using a client SSL profile with the Session Ticket option enabled may cause disruption of service to the Traffic Management Microkernel TMM. The Session Ticket option is disabled by default. CVE-2017-6141 Impact The...
K15838353: BIG-IP Edge Client for Windows vulnerability CVE-2020-5892
Security Advisory Description The BIG-IP Edge Client components in BIG-IP APM, Edge Gateway, and FirePass legacy allow attackers to obtain the full session ID from process memory. CVE-2020-5892 Impact An attacker with sufficient local privileges on a client machine running Windows may be able to...
K11271225: BIND vulnerability CVE-2022-0635
Security Advisory Description Versions affected: BIND 9.18.0 When a vulnerable version of named receives a series of specific queries, the named process will eventually terminate due to a failed assertion check. CVE-2022-0635 Impact There is no impact; F5 products are not affected by this...
K22317030: iControl REST vulnerability CVE-2017-6145
Security Advisory Description iControl REST includes a service to convert authorization BIGIPAuthCookie cookies to X-F5-Auth-Token tokens. This service does not properly re-validate cookies when making that conversion, allowing once-valid but now expired cookies to be converted to valid tokens...
K84884003: rsyslog vulnerability CVE-2019-17040
Security Advisory Description contrib/pmdb2diag/pmdb2diag.c in Rsyslog v8.1908.0 allows out-of-bounds access because the level length is mishandled. CVE-2019-17040 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has...
K23413369: Python-Pillow vulnerabilities CVE-2022-22816, CVE-2022-22817
Security Advisory Description pathgetbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path. CVE-2022-22816 PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method. A lambda...
K52638558: RESOLV::lookup iRule command vulnerability CVE-2016-6876
Security Advisory Description A specially crafted reply to DNS queries from RESOLV::lookup may consume excess system resources or possibly lead to a crash and failover. CVE-2016-6876 Impact The BIG-IP system may consume excess system resources, or experience a Traffic Management Microkernel TMM...
K54624443: Apache HTTPD vulnerability CVE-2017-7668
Security Advisory Description The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows apfindtoken to search past the end of its input string. By maliciously crafting a sequence of request headers, an attacker may be able to caus...
K56499646: Linux kernel vulnerability CVE-2021-3501
Security Advisory Description A flaw was found in the Linux kernel in versions before 5.12. The value of internal.ndata, in the KVM API, is mapped to an array index, which can be updated by a user process at anytime which could lead to an out-of-bounds write. The highest threat from this...
K53729441: MySQL vulnerability CVE-2016-2047
Security Advisory Description The sslverifyservercert function in sql-common/client.c in MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier; and Percona Server do not properly verify that the server...
K44650639: Binutils vulnerability CVE-2019-9076
Security Advisory Description An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in elfreadnotes in elf.c. CVE-2019-9076 Impact There is no impact; F5 products are not affected by this...
K83043359: Apache HTTPD vulnerability CVE-2017-3169
Security Advisory Description In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, modssl may dereference a NULL pointer when third-party modules call aphookprocessconnection during an HTTP request to an HTTPS port. CVE-2017-3169 Impact When the vulnerability is exploited, the Apachehttpd...
K45625134: Apache Subversion vulnerability CVE-2017-9800
Security Advisory Description A maliciously constructed svn+ssh:// URL would cause Subversion clients before 1.8.19, 1.9.x before 1.9.7, and 1.10.0.x through 1.10.0-alpha3 to run an arbitrary shell command. Such a URL could be generated by a malicious server, by a malicious user committing to a...
K38016814: PHP and libgd vulnerabilities CVE-2016-5116, CVE-2016-6128, CVE-2016-6132, and CVE-2016-6214
Security Advisory Description CVE-2016-5116 gdxbm.c in the GD Graphics Library aka libgd before 2.2.0, as used in certain custom PHP 5.5.x configurations, allows context-dependent attackers to obtain sensitive information from process memory or cause a denial of service stack-based buffer...
K43121447: BIG-IP Client SSL vulnerability CVE-2018-5502
Security Advisory Description Attackers may be able to disrupt services on the BIG-IP system with maliciously crafted client certificate. This vulnerability affects virtual servers associated with Client SSL profile which enables the use of client certificate authentication. Client certificate...
K37121474: Binutils vulnerability CVE-2019-9073
Security Advisory Description An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in bfdelfslurpversiontables in elf.c. CVE-2019-9073 Impact There is no impact; F5 products are not affect...
K05018525: BIG-IP APM SAML IdP vulnerability CVE-2018-5549
Security Advisory Description APMD may core when processing SAML Assertion or response containing certain elements. CVE-2018-5549 Impact This vulnerability allows a disruption of service. Security Advisory Status F5 Product Development has assigned ID 704580 BIG-IP to this vulnerability. To...
K18684657: QEMU 4.2.0 vulnerability CVE-2020-7039
Security Advisory Description tcpemu in tcpsubr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMUIRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute arbitrary code...
K32019083: Linux kernel vulnerability CVE-2019-11815
Security Advisory Description An issue was discovered in rdstcpkillsock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a use-after-free, related to net namespace cleanup. CVE-2019-11815 Impact There is no impact; F5 products are not affected by this...
K19443402: BIND vulnerability CVE-2021-25216
Security Advisory Description In BIND 9.5.0 - 9.11.29, 9.12.0 - 9.16.13, and versions BIND 9.11.3-S1 - 9.11.29-S1 and 9.16.8-S1 - 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 - 9.17.1 of the BIND 9.17 development branch, BIND servers are vulnerable if they are...