Security Advisory Description In the pre connection stage, an improper enforcement of message integrity vulnerability exists in BIG-IP Edge Client for Windows and Mac OS. (CVE-2023-22372 ) Impact
More info:
https://my.f5.com/manage/s/article/K000132522?utm_source=f5support&utm_medium=RSS
Security Advisory Description When an SSL profile is configured on a virtual server, undisclosed traffic can cause an increase in CPU or SSL accelerator resource utilization. (CVE-2023-24594 ) Impact
More info:
https://my.f5.com/manage/s/article/K000133132?utm_source=f5support&utm_medium=RSS
A vulnerability in the web-based management interface of Cisco SPA112 2-Port Phone Adapters could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to a missing authentication process within the firmware upgrade function. An attacker could exploit this vulnerability by upgrading an affected device to a crafted version of firmware. A successful exploit could allow the attacker to execute arbitrary code on the affected device with
More info:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-spa-unauth-upgrade-UqhyTWW?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20SPA112%202-Port%20Phone%20Adapters%20Remote%20Command%20Execution%20Vulnerability&vs_k=1
Security Advisory Description When DNS is provisioned, an authenticated remote command execution vulnerability exists in DNS iQuery mesh. (CVE-2023-28742) Impact This vulnerability may allow an ...
More info:
https://my.f5.com/manage/s/article/K000132972?utm_source=f5support&utm_medium=RSS
Security Advisory Description Multiple reflected cross-site scripting (XSS) vulnerabilities exist in undisclosed pages of the BIG-IP Configuration utility that allow an attacker to run JavaScript ...
More info:
https://my.f5.com/manage/s/article/K000132726?utm_source=f5support&utm_medium=RSS
Security Advisory Description When an SSL profile is configured on a virtual server, undisclosed traffic can cause an increase in CPU or SSL accelerator resource utilization. (CVE-2023-24594) Impact
More info:
https://my.f5.com/manage/s/article/K000133132?utm_source=f5support&utm_medium=RSS
Security Advisory Description A directory traversal vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that may allow an authenticated attacker to read files with an . ...
More info:
https://my.f5.com/manage/s/article/K000132768?utm_source=f5support&utm_medium=RSS
Security Advisory Description In the pre connection stage, an improper enforcement of message integrity vulnerability exists in BIG-IP Edge Client for Windows and Mac OS. (CVE-2023-22372) Impact
More info:
https://my.f5.com/manage/s/article/K000132522?utm_source=f5support&utm_medium=RSS
Security Advisory Description In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and ...
More info:
https://my.f5.com/manage/s/article/K000133753?utm_source=f5support&utm_medium=RSS
Security Advisory Description Issue summary: The AES-XTS cipher decryption implementation for 64 bit ARM platform contains a bug that could cause it to read past the input buffer, leading to a crash.
More info:
https://my.f5.com/manage/s/article/K000133752?utm_source=f5support&utm_medium=RSS
