Blog

GO vulnerability CVE-2021-3114 Security Advisory Security Advisory Description In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an ... More info: https://support.f5.com/csp/article/K15405135?utm_source=f5support&utm_medium=RSS

PHP vulnerability CVE-2021-21703 Security Advisory Security Advisory Description In PHP versions 7.3.x up to and including 7.3.31, 7.4.x below 7.4.25 and 8.0.x below 8.0.12, when running PHP FPM ... More info: https://support.f5.com/csp/article/K17839423?utm_source=f5support&utm_medium=RSS

The VMware Carbon Black Tech Zone allows you to explore our enterprise-class technical resources (demos, release notes, best practices, overviews and more) that are organized and structured in easy-to-follow activity paths. Be sure to check out the latest news and insights in the “What’s New in VMware Carbon Black Tech Zone” October 2021 edition. The The post What’s New in the VMware Carbon Black Tech Zone: October 2021 appeared first on VMware Security Blog. More info: https://blogs.vmware.com/security/2021/11/whats-new-in-the-vmware-carbon-black-tech-zone-october-2021.html?utm_source=rss&utm_medium=rss&utm_campaign=whats-new-in-the-vmware-carbon-black-tech-zone-october-2021

BIND vulnerability CVE-2021-25219 Security Advisory Security Advisory Description In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> 9.11.35-S1 and 9.16.8-S1 -> 9.16.21-S1 of ... More info: https://support.f5.com/csp/article/K77326807?utm_source=f5support&utm_medium=RSS

Linux kernel vulnerability CVE-2020-27777 Security Advisory Security Advisory Description A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked ... More info: https://support.f5.com/csp/article/K61294700?utm_source=f5support&utm_medium=RSS

Apache HTTP server vulnerability CVE-2021-41524 Security Advisory Security Advisory Description While fuzzing the 2.4.49 httpd, a new null pointer dereference was detected during HTTP/2 request ... More info: https://support.f5.com/csp/article/K56331254?utm_source=f5support&utm_medium=RSS

Linux kernel vulnerability CVE-2020-28374 Security Advisory Security Advisory Description In drivers/target/target_core_xcopy.c in the Linux kernel before 5.10.7, insufficient identifier checking ... More info: https://support.f5.com/csp/article/K15747621?utm_source=f5support&utm_medium=RSS

VMware continues to assist public organizations in their defense against cyberattacks Today, the Biden administration ordered nearly all federal agencies to patch hundreds of cybersecurity vulnerabilities that are known to be exploited, where patches are available. This directive is one of the first actions taken by the Cybersecurity and Infrastructure Security Agency (CISA) and its Joint Cyber Defense Collaborative (JCDC), of which VMware is a member. VMware values The post Biden More info: https://blogs.vmware.com/security/2021/11/biden-administration-directs-federal-agencies-to-patch-known-vulnerabilities.html?utm_source=rss&utm_medium=rss&utm_campaign=biden-administration-directs-federal-agencies-to-patch-known-vulnerabilities

BIG-IP TMUI vulnerability CVE-2021-23043 Security Advisory Security Advisory Description A directory traversal vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that ... More info: https://support.f5.com/csp/article/K63163637?utm_source=f5support&utm_medium=RSS

Overview of Quarterly Security Notifications Security Advisory Security Advisory Description Beginning November 3, 2021, F5 will disclose security vulnerabilities and security exposures for F5 ... More info: https://support.f5.com/csp/article/K12201527?utm_source=f5support&utm_medium=RSS