6294 matches found
K37830055: GnuTLS vulnerability CVE-2017-7507
Security Advisory Description GnuTLS version 3.5.12 and earlier is vulnerable to a NULL pointer dereference while decoding a status response TLS extension with valid contents. This could lead to a crash of the GnuTLS server application. CVE-2017-7507 Impact An attacker may be able to exploit this...
K51743312: NTP vulnerability CVE-2018-7183
Security Advisory Description Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 through 4.2.8p10 allows remote attackers to execute arbitrary code by leveraging an ntpq query and sending a response with a crafted array. CVE-2018-7183 Impact There is no impact; F5 products are not...
K38742515: NTP vulnerability CVE-2018-7182
Security Advisory Description The ctlgetitem method in ntpd in ntp-4.2.8p6 before 4.2.8p11 allows remote attackers to cause a denial of service out-of-bounds read via a crafted mode 6 packet with a ntpd instance from 4.2.8p6 through 4.2.8p10. CVE-2018-7182 Impact There is no impact; F5 products a...
K41301038: QEMU vulnerability CVE-2020-25084
Security Advisory Description QEMU 5.0.0 has a use-after-free in hw/usb/hcd-xhci.c because the usbpacketmap return value is not checked. CVE-2020-25084 Impact A local attacker may cause a denial-of-service DoS or execute arbitrary code on platforms that support Virtual Clustered Multiprocessing...
K27228191: Node.js vulnerability CVE-2018-7159
Security Advisory Description The HTTP parser in all current versions of Node.js ignores spaces in the Content-Length header, allowing input such as Content-Length: 1 2 to be interpreted as having a value of 12. The HTTP specification does not allow for spaces in the Content-Length value and the...
K07721343: Linux kernel vulnerability CVE-2018-10901
Security Advisory Description A flaw was found in Linux kernel's KVM virtualization subsystem. The VMX code does not restore the GDT.LIMIT to the previous host value, but instead sets it to 64KB. With a corrupted GDT limit a host's userspace code has an ability to place malicious entries in the...
K63314101: Multiple MySQL vulnerabilities
Security Advisory Description CVE-2022-21451 Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 5.7.37 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via...
K26301924: Linux kernel vulnerability CVE-2018-15594
Security Advisory Description arch/x86/kernel/paravirt.c in the Linux kernel before 4.18.1 mishandles certain indirect calls, which makes it easier for attackers to conduct Spectre-v2 attacks against paravirtual guests. CVE-2018-15594 Impact Traffix SDC When this vulnerability is exploited, an...
K16122: Linux kernel vulnerability CVE-2014-9322
Security Advisory Description arch/x86/kernel/entry64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment SS segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address...
K75555129: Netty vulnerabilities CVE-2019-16869 and CVE-2020-7238
Security Advisory Description CVE-2019-16869 Netty before 4.1.42.Final mishandles whitespace before the colon in HTTP headers such as a "Transfer-Encoding : chunked" line, which leads to HTTP request smuggling. CVE-2020-7238 Netty 4.1.43.Final allows HTTP Request Smuggling because it mishandles...
K31523465: BIG-IP TMM vulnerability CVE-2022-41983
Security Advisory Description While Intel QAT QuickAssist Technology and the AES-GCM/CCM cipher is in use, undisclosed conditions cause the BIG-IP system to send data unencrypted, even with an SSL profile applied. CVE-2022-41983 Impact This vulnerability may expose confidential information to a...
K14190: TLS/DTLS 'Lucky 13' vulnerability CVE-2013-0169
Security Advisory Description A vulnerability exists in the TLS and DTLS protocols that may allow an attacker to recover plaintext from TLS/DTLS connections that use CBC-mode encryption. CVE-2013-0169 Note : Stream ciphers, such as RC4, are not vulnerable to this issue. Impact The vulnerability m...
K23205024: MySQL Server Optimizer vulnerability CVE-2022-21438
Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromis...
K51213246: BIG-IP APM AD authentication vulnerability CVE-2021-23008
Security Advisory Description BIG-IP APM AD Active Directory authentication can be bypassed using a spoofed AS-REP Kerberos Authentication Service Response response sent over a hijacked KDC Kerberos Key Distribution Center connection, or from an AD server compromised by an attacker.CVE-2021-23008...
K52125441: Linux kernel vulnerability CVE-2019-19071
Security Advisory Description A memory leak in the rsisendbeacon function in drivers/net/wireless/rsi/rsi91xmgmt.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service memory consumption by triggering rsipreparebeacon failures, aka CID-d563131ef23c. CVE-2019-19071 Impa...
K31434612: BSD link_ntoa vulnerability CVE-2016-6559
Security Advisory Description Improper bounds checking of the obuf variable in the linkntoa function in linkaddr.c of the BSD libc library may allow an attacker to read or write from memory. The full impact and severity depends on the method of exploit and how the library is used by applications...
K14752415: Netty vulnerability CVE-2019-20444
Security Advisory Description HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be interpreted as a separate header with an incorrect syntax, or might be interpreted as an "invalid fold."CVE-2019-20444 Impact This vulnerability may result in HTTP...
K25835344: Linux kernel vulnerability CVE-2018-8781
Security Advisory Description The udlfbmmap function in drivers/gpu/drm/udl/udlfb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physic...
K24358905: BIG-IP AFM virtual server vulnerability CVE-2022-23018
Security Advisory Description When a virtual server is configured with both HTTP protocol security and HTTP Proxy Connect profiles, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. CVE-2022-23018 Impact Traffic is disrupted while the TMM process restarts. This...
K20503360: Binutils vulnerability CVE-2018-13033
Security Advisory Description The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service excessive memory allocation and application crash via a crafted ELF file, as demonstrated by bfdelfparseattributes in...
K50375550: A specifically crafted HTTP request may lead the BIG-IP system to pass malformed HTTP requests to a target pool member web server (HTTP Desync Attack)
Security Advisory Description A specifically crafted HTTP request that contains Content-Length and Transfer-Encoding headers may lead the BIG-IP system to pass malformed HTTP requests to a target pool member web server. This issue occurs when the following condition is met: A virtual server...
K10224912: PostgreSQL vulnerability CVE-2019-10208
Security Advisory Description A flaw was discovered in postgresql versions 9.4.x before 9.4.24, 9.5.x before 9.5.19, 9.6.x before 9.6.15, 10.x before 10.10 and 11.x before 11.5 where arbitrary SQL statements can be executed given a suitable SECURITY DEFINER function. An attacker, with EXECUTE...
K17245: Linux kernel vulnerability CVE-2014-9584
Security Advisory Description The parserockridgeinodeinternal function in fs/isofs/rock.c in the Linux kernel before 3.18.2 does not validate a length value in the Extensions Reference ER System Use Field, which allows local users to obtain sensitive information from kernel memory via a crafted...
K43540241: MySQL vulnerabilities CVE-2019-2620, CVE-2019-2623, CVE-2019-2624, CVE-2019-2625, and CVE-2019-2626
Security Advisory Description CVE-2019-2620 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Security: Privileges. Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via...
K17327: GnuTLS RSA PKCS signature vulnerability CVE-2015-0282
Security Advisory Description GnuTLS before 3.1.0 does not verify that the RSA PKCS 1 signature algorithm matches the signature algorithm in the certificate, which allows remote attackers to conduct downgrade attacks via unspecified vectors. CVE-2015-0282 Impact This vulnerability may allow remot...
K17377: PHP vulnerabilities CVE-2015-6834, CVE-2015-6835, CVE-2015-6836, CVE-2015-6837, and CVE-2015-6838
Security Advisory Description CVE-2015-6834 Use after free vulnerability was found in unserialize function. We can create ZVAL and free it via Serializable::unserialize. However the unserialize will still allow to use R: or r: to set references to that already freed memory. It is possible to...
K22012502: Linux kernel vulnerability CVE-2017-7273
Security Advisory Description The cpreportfixup function in drivers/hid/hid-cypress.c in the Linux kernel 4.x before 4.9.4 allows physically proximate attackers to cause a denial of service integer underflow or possibly have unspecified other impact via a crafted HID report. CVE-2017-7273 Impact...
K23372179: Linux kernel vulnerability CVE-2018-6412
Security Advisory Description In the function sbusfbioctlhelper in drivers/video/fbdev/sbuslib.c in the Linux kernel through 4.15, an integer signedness error allows arbitrary information leakage for the FBIOPUTCMAPSPARC and FBIOGETCMAPSPARC commands. CVE-2018-6412 Impact There is no impact; F5...
K76934290: Linux kernel vulnerability CVE-2020-36386
Security Advisory Description An issue was discovered in the Linux kernel before 5.8.1. net/bluetooth/hcievent.c has a slab out-of-bounds read in hciextendedinquiryresultevt, aka CID-51c19bf3d5cf. CVE-2020-36386 Impact There is no impact; F5 products are not affected by this vulnerability. Securi...
K16861: BIG-IQ remote authentication vulnerability CVE-2015-4637
Security Advisory Description When remote authentication is configured on the BIG-IQ system for a LDAP server that allows anonymous BIND operations, a unauthenticated user may obtain an authentication token from the REST API for any known or guessed LDAP user account and will receive all the acce...
K75885190: MariaDB vulnerability CVE-2020-15180
Security Advisory Description A flaw was found in the mysql-wsrep component of mariadb. Lack of input sanitization in wsrepsstmethod allows for command injection that can be exploited by a remote attacker to execute arbitrary commands on galera cluster nodes. This threatens the system's...
K75429050: Apache HTTPD vulnerability CVE-2017-7679
Security Advisory Description In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, modmime can read one byte past the end of a buffer when sending a malicious Content-Type response header. CVE-2017-7679 Impact A remote attacker may exploit this vulnerability by using a malicious response...
K41410307: polkit vulnerability CVE-2021-3560
Security Advisory Description It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local attacker to, for example, create a new local administrator...
K61186963: cURL vulnerability CVE-2020-8285
Security Advisory Description curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing. CVE-2020-8285 Impact A malicious FTP server can trigger a stack overflow and cause a denial-of-service DoS on the F5 product that ...
K68251873: glibc vulnerability CVE-2019-25013
Security Advisory Description The iconv feature in the GNU C Library aka glibc or libc6 through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read. CVE-2019-25013 Impact A buffer over-read may lead to segmentation fault, causing system...
K44945790: glibc vulnerability CVE-2021-3326
Security Advisory Description The iconv function in the GNU C Library aka glibc or libc6 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service. CVE-2021-3326...
K95521879: screen vulnerability CVE-2017-5618
Security Advisory Description GNU screen before 4.5.1 allows local users to modify arbitrary files and consequently gain root privileges by leveraging improper checking of logfile permissions. CVE-2017-5618 Impact There is no impact; F5 products are not affected by this vulnerability. Security...
K44691188: Intel TXE / SPS vulnerabilities CVE-2020-0566, CVE-2020-0586
Security Advisory Description CVE-2020-0566 Improper Access Control in subsystem for IntelR TXE versions before 3.175 and 4.0.25 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. CVE-2020-0586 Improper initialization in subsystem for IntelR SPS...
K91125274: RubyGems vulnerability CVE-2017-0903
Security Advisory Description RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possible remote code execution vulnerability. YAML deserialization of gem specifications can bypass class white lists. Specially crafted serialized objects can possibly be used to escalate to remote code...
K57774767: Linux kernel vulnerability CVE-2021-45469
Security Advisory Description In f2fssetxattr in fs/f2fs/xattr.c in the Linux kernel through 5.15.11, there is an out-of-bounds memory access when an inode has an invalid last xattr entry. CVE-2021-45469 Impact There is no impact; F5 products are not affected by this vulnerability. Security...
K40663742: OpenSSH vulnerability CVE-2004-1653
Security Advisory Description The default configuration for OpenSSH enables AllowTcpForwarding, which could allow remote authenticated users to perform a port bounce, when configured with an anonymous access program such as AnonCVS. CVE-2004-1653 Impact There is no impact; F5 products are not...
K37526132: OpenSSL vulnerability CVE-2017-3731
Security Advisory Description If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash. For OpenSSL 1.1.0, the crash can be triggered when...
K23598445: BIND vulnerabilities CVE-2017-3136 and CVE-2017-3138
Security Advisory Description CVE-2017-3136 A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use th...
K56241216: OpenLDAP vulnerabilities CVE-2020-25709 and CVE-2020-25710
Security Advisory Description CVE-2020-25709 A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP’s slapd server, to trigger an assertion failure. The highest threat from this vulnerability is to system availability. CVE-2020-25710...
K21054458: Eclipse Jetty vulnerability CVE-2017-7656
Security Advisory Description In Eclipse Jetty, versions 9.2.x and older, 9.3.x all configurations, and 9.4.x non-default configuration with RFC2616 compliance enabled, HTTP/0.9 is handled poorly. An HTTP/1 style request line i.e. method space URI space version that declares a version of HTTP/0.9...
K72255110: MySQL vulnerability CVE-2016-6662
Security Advisory Description Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to creat...
K71080411: Linux kernel vulnerability CVE-2021-4155
Security Advisory Description A data leak flaw was found in the way XFSIOCALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them. CVE-2021-4155 Impact Ther...
K20682450: BIG-IP AFM vulnerability CVE-2017-6142
Security Advisory Description X509 certificate verification was not correctly implemented in the early access "user id" feature in the BIG-IP Advanced Firewall Manager, and thus did not properly validate the remote server's identity on certain versions of BIG-IP. CVE-2017-6142 Impact In affected...
K54170502: Linux kernel vulnerability CVE-2017-8890
Security Advisory Description The inetcskclonelock function in net/ipv4/inetconnectionsock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service double free or possibly have unspecified other impact by leveraging use of the accept system call. CVE-2017-8890 Impact An...
K01006862: cURL and libcurl vulnerability CVE-2016-8615
Security Advisory Description A flaw was found in curl before version 7.51. If cookie state is written into a cookie jar file that is later read back and used for subsequent requests, a malicious HTTP server can inject new cookies for arbitrary domains into said cookie jar. CVE-2016-8615 Impact...