6390 matches found
K28538929: MySQL vulnerability CVE-2016-5634
Security Advisory Description Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to RBR. CVE-2016-5634 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Produ...
K17212: PHP vulnerability CVE-2014-5459
Security Advisory Description The PEARREST class in REST.php in PEAR in PHP through 5.6.0 allows local users to write to arbitrary files via a symlink attack on a 1 rest.cachefile or 2 rest.cacheid file in /tmp/pear/cache/, related to the retrieveCacheFirst and useLocalCache functions...
K17503: PHP vulnerabilities CVE-2015-7803 and CVE-2015-7804
Security Advisory Description CVE-2015-7803 A NULL pointer dereference flaw was found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash. CVE-2015-7804 An uninitialized pointer use flaw was found in the pharmakedirstream function of PHP's Ph...
K17181: BIND vulnerability CVE-2015-5722
Security Advisory Description Parsing a malformed DNSSEC key can cause a validating resolver to exit due to a failed assertion in buffer.c. It is possible for a remote attacker to deliberately trigger this condition, for example by using a query which requires a response from a zone containing a...
K17174: OpenJDK vulnerability CVE-2015-4733
Security Advisory Description Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. CVE-2015-4733 Impact Confidentiality is affected when...
K17172: OpenJDK vulnerability CVE-2015-2638
Security Advisory Description Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JavaFX 2.2.80; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. CVE-2015-2638 Impact Confidentiality ...
K17170: Java vulnerability CVE-2015-4736
Security Advisory Description Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. CVE-2015-4736 Impact There is no impact; F5 products are not affected by this...
K16715: Multiple LibTIFF vulnerabilities
Security Advisory Description CVE-2013-1960 Heap-based buffer overflow in the t2pprocessjpegstrip function in tiff2pdf in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted TIFF image file. CVE-2013-1961 Stack-bas...
K16743: MIT Kerberos 5 vulnerability CVE-2014-5355
Security Advisory Description MIT Kerberos 5 aka krb5 through 1.13.1 incorrectly expects that a krb5readmessage data field is represented as a string ending with a '\0' character, which allows remote attackers to 1 cause a denial of service NULL pointer dereference via a zero-byte version string ...
K8599: XSS vulnerability viewing logs from the Console section of the web management interface
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K15970: GnuTLS 3.x vulnerability CVE-2014-8564
Security Advisory Description The gnutlseccansix963export function in gnutlsecc.c in GnuTLS 3.x before 3.1.28, 3.2.x before 3.2.20, and 3.3.x before 3.3.10 allows remote attackers to cause a denial of service out-of-bounds write via a crafted 1 Elliptic Curve Cryptography ECC certificate or 2...
K15983: Linux kernel vulnerability CVE-2013-7263
Security Advisory Description The Linux kernel before 3.12.4 updates certain length values before ensuring that associated data structures have been initialized, which allows local users to obtain sensitive information from kernel stack memory via a 1 recvfrom, 2 recvmmsg, or 3 recvmsg system cal...
K19414951: Linux kernel vulnerability CVE-2022-0995
Security Advisory Description An out-of-bounds OOB memory write flaw was found in the Linux kernels watchqueue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to gain privileged access or cause a denial of service on the system...
K1989: Apache/mod_ssl Worm vulnerability CA-2002-27
Security Advisory Description Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F5...
K1956: Integer Overflow In XDR Library - CA-2002-25
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K52559937: Overview of NGINX vulnerabilities (May 2021)
Security Advisory Description On May 25, 2021, NGINX announced the following security issues. This document is intended to serve as an overview of these vulnerabilities to help determine the impact to your NGINX systems. The details of each issue can be found in the associated Security Advisory...
K09052213: glibc vulnerability CVE-2015-8777
Security Advisory Description The processenvvars function in elf/rtld.c in the GNU C Library aka glibc or libc6 before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LDPOINTERGUARD environment variable. CVE-2015-8777 Impact This vulnerability may...
K12851: BIND vulnerability CVE-2010-3613
Security Advisory Description Note : For information about signing up to receive security notice updates from F5, refer to K9970: Subscribe to email notifications regarding F5 products and security announcements. Note : Versions that are not listed in this article have not been evaluated for...
K43850230: BIG-IP DNS vulnerability CVE-2020-27717
Security Advisory Description Undisclosed series of DNS requests may cause TMM to restart and generate a core file. CVE-2020-27717 Impact This vulnerability causes a denial of service DoS in data plane traffic. The affected BIG-IP system temporarily fails to process traffic as it recovers from a...
K39178480: Perl vulnerability CVE-2018-18311
Security Advisory Description Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. CVE-2018-18311 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Produc...
K53183580: TMM FastL4 vulnerability CVE-2019-6680
Security Advisory Description While processing traffic through a standard virtual server that targets a FastL4 virtual server VIP on VIP, hardware appliances may stop responding. CVE-2019-6680 Impact This vulnerability allows remote attackers to cause a denial of service DoS on the BIG-IP system...
K33444350: F5 SSL Orchestrator vulnerability CVE-2019-6630
Security Advisory Description Undisclosed traffic flow may cause TMM to restart under certain circumstances. CVE-2019-6630 Impact A remote attacker may be able to disrupt service by causing the Traffic Management Microkernel TMM to restart. This issue only affects F5 SSL Orchestrator systems...
K52342540: Java SE vulnerability CVE-2017-10108
Security Advisory Description Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Serialization. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability...
K37611417: Intel Driver vulnerability CVE-2020-12307
Security Advisory Description Improper permissions in some IntelR High Definition Audio drivers before version 9.21.00.4561 may allow an authenticated user to potentially enable escalation of privilege via local access. CVE-2020-12307 Impact There is no impact; F5 products are not affected by thi...
K54167061: TMM SSL profile vulnerability CVE-2019-6592
Security Advisory Description TMM may restart and produce a core file when validating SSL certificates in Client SSL or Server SSL profiles. CVE-2019-6592 Impact BIG-IP The Traffic Management Microkernel TMM may restart and temporarily fail to process traffic. BIG-IQ, Enterprise Manager, F5...
K01471335: BIND vulnerability CVE-2016-2848
Security Advisory Description ISC BIND 9.1.0 through 9.8.4-P2 and 9.9.0 through 9.9.2-P2 allows remote attackers to cause a denial of service assertion failure and daemon exit via malformed options data in an OPT resource record. CVE-2016-2848 Impact A remote attacker may be able to cause a...
K13421245: TMM vulnerability CVE-2017-6162
Security Advisory Description In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, Websafe software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.4.0 to 11.5.4, 11.2.1, in some cases TMM may crash when processing TCP traffic. This vulnerability affects T...
K14200143: Linux kernel vulnerability CVE-2019-19058
Security Advisory Description A memory leak in the allocsgtable function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service memory consumption by triggering allocpage failures, aka CID-b4b814fec1a5. CVE-2019-19058 Impact...
K04327111: Linux kernel vulnerability CVE-2019-3896
Security Advisory Description A double-free can happen in idrremoveall in lib/idr.c in the Linux kernel 2.6 branch. An unprivileged local attacker can use this flaw for a privilege escalation or for a system crash and a denial of service DoS. CVE-2019-3896 Impact Traffix SDC An attacker may cause...
K05909237: BouncyCastle Java crypto vulnerability CVE-2017-13098
Security Advisory Description BouncyCastle TLS prior to version 1.0.3, when configured to use the JCE Java Cryptography Extension for cryptographic functions, provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private...
K59298921: OpenSSL vulnerability CVE-2016-2181
Security Advisory Description The Anti-Replay feature in the DTLS implementation in OpenSSL before 1.1.0 mishandles early use of a new epoch number in conjunction with a large sequence number, which allows remote attackers to cause a denial of service false-positive packet drops via spoofed DTLS...
K40306410: PHP vulnerability CVE-2014-0236
Security Advisory Description file before 5.18, as used in the Fileinfo component in PHP before 5.6.0, allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a zero rootstorage value in a CDF file, related to cdf.c and readcdf.c. CVE-2014-0236 Impa...
K27673650: Linux kernel vulnerability CVE-2018-17972
Security Advisory Description An issue was discovered in the procpidstack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack unwinding and leak kernel...
K41739114: Linux kernel vulnerability CVE-2014-6410
Security Advisory Description A stack overflow flaw caused by infinite recursion was found in the way the Linux kernel's Universal Disk Format UDF file system implementation processed indirect Information Control Blocks ICBs. An attacker with physical access to the system could use a specially...
K35504111: Linux kernel vulnerability CVE-2018-1000026
Security Advisory Description Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware assertion takes card off-line. This attack appear to be exploitabl...
K21009022: NGINX Controller insecure database transport vulnerability CVE-2020-5865
Security Advisory Description The NGINX Controller is configured to communicate with its Postgres database server over unencrypted channels, making the communicated data vulnerable to interception via man-in-the-middle MiTM attacks. CVE-2020-5865 Impact An attacker can modify user entered data or...
K35040315: glibc vulnerability CVE-2016-10739
Security Advisory Description In the GNU C Library aka glibc or libc6 through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a...
K36462841: Linux kernel vulnerability CVE-2018-18281
Security Advisory Description Since Linux kernel version 3.2, the mremap syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate removes entries from the pagetables of a task that is in the middle of mremap, a stale TLB entry can remain for a short time that...
K05715414: Apache CloudStack vulnerability CVE-2016-3085
Security Advisory Description Apache CloudStack 4.5.x before 4.5.2.1, 4.6.x before 4.6.2.1, 4.7.x before 4.7.1.1, and 4.8.x before 4.8.0.1, when SAML-based authentication is enabled and used, allow remote attackers to bypass authentication and access the user interface via vectors related to the...
K41351250: BIG-IP Advanced WAF and BIG-IP ASM vulnerability CVE-2021-23031
Security Advisory Description An authenticated user may perform a privilege escalation on the BIG-IP Advanced WAF and ASM Configuration utility. CVE-2021-23031 Impact When this vulnerability is exploited, an authenticated attacker with access to the Configuration utility can execute arbitrary...
K02349370: dom4j library vulnerability CVE-2020-10683
Security Advisory Description dom4j before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j. CVE-2020-106...
K35195140: BIG-IQ Access Manager role vulnerability CVE-2017-6152
Security Advisory Description A local BIG-IQ user with the Access Manager role has privileges to change the passwords of other users on the system, including the local admin account password. CVE-2017-6152 Impact This vulnerability allows increased privileges for user accounts with the Access...
K82356391: Intel CPU vulnerability CVE-2020-0591
Security Advisory Description Improper buffer restrictions in BIOS firmware for some IntelR Processors may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2020-0591 Impact There is no impact; F5 products are not affected by this vulnerability. F5...
K31934524: BIG-IP SNAT vulnerability CVE-2021-22998
Security Advisory Description SYN flood protection thresholds are not enforced in secure network address translation SNAT listeners. CVE-2021-22998 Impact Connections to SNAT listeners are not bound by SYN cookie thresholds, leaving them potentially vulnerable to SYN flood class attacks. This iss...
K69550896: Linux kernel vulnerability CVE-2019-11683
Security Advisory Description udpgroreceivesegment in net/ipv4/udpoffload.c in the Linux kernel 5.x before 5.0.13 allows remote attackers to cause a denial of service slab-out-of-bounds memory corruption or possibly have unspecified other impact via UDP packets with a 0 payload, because of...
K74413297: Linux kernel vulnerability CVE-2014-3184
Security Advisory Description The reportfixup functions in the HID subsystem in the Linux kernel before 3.16.2 might allow physically proximate attackers to cause a denial of service out-of-bounds write via a crafted device that provides a small report descriptor, related to 1...
K84602160: Linux kernel vulnerability CVE-2021-3491
Security Advisory Description The iouring subsystem in the Linux kernel allowed the MAXRWCOUNT limit to be bypassed in the PROVIDEBUFFERS operation, which led to negative values being usedin memrw when reading /proc//mem. This could be used to create a heap overflow leading to arbitrary code...
K30343902: BIG-IP APM XSS vulnerability CVE-2020-27726
Security Advisory Description A reflected cross-site scripting XSS vulnerability exists in the resource information page for authenticated users when a full webtop is configured on the BIG-IP APM system. CVE-2020-27726 Impact An attacker can craft a malicious URL and send it to an authenticated...
K83504933: Intel I210 network adapter vulnerability CVE-2020-0524
Security Advisory Description Improper default permissions in the firmware for the IntelR Ethernet I210 Controller series of network adapters before version 3.30 may allow an authenticated user to potentially enable denial of service via local access. CVE-2020-0524 Impact The BIG-IP management...
K34441555: BIG-IP TMM vulnerability CVE-2021-23000
Security Advisory Description If the tmm.http.rfc.enforcement BigDB key is enabled in a BIG-IP system, or the Bad host header value is checked in the AFM HTTP security profile associated with a virtual server, in rare instances, a specific sequence of malicious requests may cause TMM to restart...