39 matches found
CVE-2014-6271
CVE-2014-6271 (Shellshock) affects GNU Bash up to 4.3, enabling remote code execution by processing trailing strings after function definitions in environment variables. Exploitation vectors include OpenSSH ForceCommand, mod_cgi/mod_cgid in Apache, DHCP client scripts, and other environment-passi...
CVE-2014-7169
CVE-2014-7169 affects GNU Bash up to 4.3, where parsing of function definitions in environment variables can be exploited to run commands or impact other attributes across privilege boundaries (notably via ForceCommand in OpenSSH sshd and via mod_cgi/mod_cgid in Apache, as well as DHCP client scr...
CVE-2011-3188
CVE-2011-3188 affects the Linux kernel prior to 3.1, where IPv4 and IPv6 sequence numbers/Fragment IDs are generated with a modified MD4. This predictable value generation enables remote attackers to cause DoS or hijack sessions by crafting packets. The vulnerability is mitigated by upgrading the...
CVE-2019-11479
The CVE-2019-11479 family (SACK/MSS issues on the Linux kernel) stems from a hard-coded MSS of 48 bytes, enabling remote DoS via fragmented TCP handling. Public docs list CVE-2019-11477 (SACK Panic), CVE-2019-11478 (SACK Slowness/Excess Resource Usage), and CVE-2019-11479 (Low MSS) with kernel-wi...
CVE-2014-0196
CVE-2014-0196 affects the Linux kernel (through 3.14.3) specifically the n_tty_write function in drivers/tty/n_tty.c. The flaw permits a local user to trigger a race condition between read and write operations with long strings in the LECHO & !OPOST case, enabling denial of service (memory corrup...
CVE-2018-12207
CVE-2018-12207 describes an issue where improper invalidation of page-table updates by a privileged guest can cause a Denial of Service on the host on Intel processors. The vulnerability stems from how the guest VM handles translations in the MMU/TLB when paging structures change, potentially exp...
CVE-2018-5743
CVE-2018-5743 affects BIND in multiple releases (notably 9.9.0–9.14.0, including some 9.11/9.13 branches). The flaw allows the named process to exceed its configured limit on simultaneous TCP connections, risking exhaustion of file descriptors and potentially affecting associated log/zone file ma...
CVE-2018-14634
CVE-2018-14634 is a Linux kernel integer overflow vulnerability in create_elf_tables(). An unprivileged local user with access to a SUID (or otherwise privileged) binary could escalate privileges. Documented vulnerable kernel families include 2.6.x, 3.10.x, and 4.14.x. Mitigations/recognitions ex...
CVE-2019-6471
CVE-2019-6471 is a race-condition vulnerability in ISC BIND where discarding malformed packets can trigger a REQUIRE assertion failure in dispatch.c, causing named to exit and produce a DoS. Affected versions include BIND 9.11.0–9.11.7, 9.12.0–9.12.4-P1, 9.14.0–9.14.2, all 9.13 development releas...
CVE-2018-14468
tcpdump before 4.9.3 contains a buffer over-read in the FRF.16 parser (print-fr.c:mfr_print()). Upgrading to tcpdump 4.9.3 (or later) is the remediation mentioned in the accompanying advisories for affected platforms.
CVE-2018-14880
tcpdump has a confirmed vulnerability CVE-2018-14880 in the OSPFv3 parser: a buffer over-read in ospf6_print_lshdr() inside print-ospf6.c, affecting tcpdump before version 4.9.3. Connected advisories (e.g., AlmaLinux ALSA-2020:4760, Debian DSA-4547-1, DLA-1955-1) reference this CVE and span multi...
CVE-2019-6642
CVE-2019-6642 affects F5 BIG-IP family (and related: BIG-IQ, iWorkflow, Enterprise Manager) with authenticated users able to upload files (e.g., via scp) and abuse the TMOS Shell (tmsh) to escalate to a root shell. The flaw arises from tmsh allowing execution of a secondary program via tools like...
CVE-2014-5209
The CVE-2014-5209 issue affects NTP 4.2.7p25 private (mode 6/7) messages via GET_RESTRICT, enabling information disclosure of sensitive data. Impact is limited to partial confidentiality; no exploit details are provided in the sources. No patched version is listed in the initial docs; a practical...
CVE-2019-6646
CVE-2019-6646 affects BIG-IP iControl REST (including BIG-IP 11.5.2–11.6.5 and Enterprise Manager 3.1.1). The root issue is privilege escalation via REST access: REST users with guest privileges can escalate to admin and execute commands. Documents indicate vulnerable versions and the high-severi...
CVE-2014-4027
CVE-2014-4027 affects the Linux kernel prior to 3.14. The flaw is in the rd_build_device_space function (drivers/target/target_core_rd.c), where a data structure is not properly initialized, enabling local users to read sensitive information from ramdisk_mcp memory by abusing access to a SCSI ini...
CVE-2012-1493
CVE-2012-1493 affects F5 BIG-IP appliances (9.x before 9.4.8-HF5; 10.x before 10.2.4; 11.0.x before 11.0.0-HF2; 11.1.x before 11.1.0-HF3) and Enterprise Manager variants; a single SSH private key is used across different customers and access is not properly restricted, enabling remote SSH logins ...
CVE-2015-4040
CVE-2015-4040 – F5 BIG-IP configuration utility directory traversal : The vulnerability affects F5 BIG-IP prior to 12.0.0 and Enterprise Manager 3.0.0–3.1.1. An authenticated user could use the handler parameter to traverse the web root and access files (e.g., WEB-INF/web.xml). This is a post-aut...
CVE-2015-4047
The CVE-2015-4047 vulnerability affects ipsec-tools, specifically the racoon daemon's code path in racoon/gssapi.c. A remote attacker can send crafted UDP requests to trigger a NULL pointer dereference, causing the IKE daemon to crash and resulting in DoS. The issue is associated with IPsec-Tools...
CVE-2019-6663
The CVE-2019-6663 entry covers BIG-IP, BIG-IQ, Enterprise Manager, and F5 iWorkflow configuration utility exposure to an Anti DNS Pinning (DNS Rebinding) attack. The root cause is insufficient verification of the Host field in HTTP requests, allowing an attacker controlling DNS to bind a maliciou...
CVE-2016-5022
CVE-2016-5022 affects F5 BIG-IP components when Packet Filtering is enabled on virtual servers/self IPs. An unauthenticated remote attacker can disrupt services by sending crafted traffic, causing the Traffic Management Microkernel (TMM) to restart and temporarily fail to process traffic. Affecte...
CVE-2017-6128
CVE-2017-6128 affects F5 BIG‑IP family (sshd DoS). The advisory lists multiple products (BIG‑IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, PSM, WebSafe, WebAccelerator, iWorkflow, BIG‑IQ components, and related management interfaces) with specific vulne...
CVE-2018-15322
The CVE-2018-15322 affects BIG-IP family with tmsh access where repeatedly saving edits via the tmsh edit cli preference command can exhaust /var partition storage, causing DoS. Affected: BIG-IP (versions 14.0.0–14.0.0.2, 13.0.0–13.1.0.7, 12.1.0–12.1.3.5, 11.6.0–11.6.3.2, 11.2.1–11.5.6); BIG-IQ C...
CVE-2019-6665
CVE-2019-6665 affects BIG-IP ASM (15.0.0–15.0.1, 14.1.0–14.1.2, 14.0.0–14.0.1, 13.1.0–13.1.3.1), BIG-IQ 5.2.0–5.4.0 and 6.x, Enterprise Manager 3.1.1, and F5 iWorkflow 2.3.0. An attacker able to access the device communications between the BIG-IP ASM Central Policy Builder and BIG-IQ/Enterprise M...
CVE-2014-2927
F5 BIG-IP ConfigSync rsync vulnerability (CVE-2014-2927) allows unauthenticated remote read/write via the ConfigSync IP in failover mode. Affected: BIG-IP LTM and multiple modules (and Enterprise Manager 3.x) across versions from 11.0.0 up to 11.5.1 (including HF3/HF4 and related revisions) and 3...
CVE-2020-5854
The CVE-2020-5854 issue affects BIG-IP TMM when using the connector profile, causing a core on specific connection sequences and temporary traffic processing failure post-restart, with device group failover risk. According to the F5 K50046200 advisory, vulnerable versions are BIG-IP TMM 11.6.0–11...
CVE-2019-6651
CVE-2019-6651 affects F5 BIG-IP family and related products (BIG-IQ, iWorkflow, Enterprise Manager) via the REST framework in the Configuration utility login page. The vulnerability arises from processing a modified request, leading to inconsistent HTTP responses that could aid an attacker. Affec...
CVE-2018-15321
CVE-2018-15321 affects BIG-IP products when Appliance mode is licensed and Admin/Resource Administrator roles have or are granted TMSH access. The issue allows high-privilege attackers to bypass Appliance mode restrictions and overwrite critical system files via TMSH, bypassing security controls....
CVE-2018-15329
The CVE-2018-15329 issue affects BIG-IP TMUI (Traffic Management User Interface) where restrictions on allowed commands may not be enforced when authenticated admins run commands. Affected versions include BIG-IP 14.0.0–14.0.0.2, 13.0.0–13.1.1.1, 12.1.0–12.1.3.7, and Enterprise Manager 3.1.1. Acc...
CVE-2019-19151
CVE-2019-19151 affects F5 BIG-IP family (TMOS) and related tools: authenticated TMOS Shell users can access file-system objects disallowed by tmsh. Affected: BIG-IP releases 11.5.2–11.6.5.1, 12.1.0–12.1.5, 13.1.0–13.1.3.2, 14.0.0–14.1.2.3, 15.0.0–15.1.0; BIG-IQ 5.x–7.x; iWorkflow 2.3.0; Enterpris...
CVE-2014-4023
CVE-2014-4023 describes an XSS vulnerability in tmui/dashboard/echo.jsp used by the BIG-IP Configuration utility (and Enterprise Manager). Connected sources confirm multiple BIG-IP family components (LTM, APM, ASM, GTM, Link Controller, Edge Gateway, Analytics, WebAccelerator, WOM, PEM, AAM, Ente...
CVE-2016-7469
CVE-2016-7469 is a stored XSS vulnerability in the BIG-IP Configuration utility device name change page affecting multiple BIG-IP products (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, WOM, WebSafe) across versions 12.0.0–12.1.2, 11.4.0–11...
CVE-2019-6598
The connected advisory details CVE-2019-6598 affecting BIG-IP TMUI/Configuration utility. Vulnerable in BIG-IP 14.0.0 (to 14.0.0.2), 13.x (to 13.1.0.7/13.1.0.8), 12.1.x (to 12.1.3.5/12.1.3.6), 11.x (to 11.6.3.2/11.5.8), and Enterprise Manager 3.1.1. Attack requires an authenticated user with any ...
CVE-2018-15327
CVE-2018-15327 affects BIG-IP TMUI (Traffic Management UI) and Enterprise Manager. Authenticated administrative users can run commands without proper restrictions, enabling privilege escalation. Affected: BIG-IP 14.x (14.0.0–14.0.0.2) and 14.x 14.0.0.3 fix; 13.x (13.0.0–13.1.1.1) with fix in 13.1...
CVE-2014-6032
CVE-2014-6032 describes multiple XXE flaws in the Configuration utility of F5 BIG-IP products (LTM, ASM, GTM, Link Controller, AAM, ARM, Analytics, APM/Edge Gateway, PEM, PSM, WOM, Enterprise Manager) affecting versions ranging from 10.0.0 through 10.2.4 and 11.0.0 through 11.6.0 (and related hot...
CVE-2014-3959
CVE-2014-3959 is an XSS vulnerability in list.jsp used by BIG-IP Configuration utilities. Concretes: affected products include BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, Enterprise Manager and related components; vulnerable across multiple versions (for example BIG-IP LTM, A...
CVE-2018-5523
Summary of CVE-2018-5523 (F5 BIG-IP TMUI command restriction bypass) This issue affects BIG-IP TMUI (BIG-IP Configuration utility) on multiple versions, where authenticated administrative users can run commands without enforcement of restrictions. A privilege-escalation path exists for authentica...
CVE-2018-5540
CVE-2018-5540 affects F5 BIG-IP family where the big3d process does not irrevocably minimize group privileges at startup. The F5 advisory K82038789 lists vulnerable lines and fixed versions: BIG-IP DNS/GTM 13.x: upgrade to 13.1.0; 12.x: upgrade to 12.1.3.4; 11.x: upgrade to 11.6.3.2 (11.6.0-11.6....
CVE-2019-6597
CVE-2019-6597 (BIG-IP TMUI): Affects BIG-IP versions 13.0.0–13.1.1.1, 12.1.0–12.1.3.7, 11.6.1–11.6.3.2, 11.5.1–11.5.8, and Enterprise Manager 3.1.1. The vulnerability arises because restrictions on commands that can be executed via the Traffic Management User Interface (TMUI) may not be enforced ...
CVE-2018-15328
CVE-2018-15328 affects BIG-IP family, BIG-IQ, iWorkflow, and Enterprise Manager where SNMPv3 passphrases and trap destinations are not encrypted by the Secure Vault and are written in clear text to configuration files. Affected: BIG-IP components across 14.x (fix: 14.1.0), 13.x (13.0.0–13.1.1; “w...