Blog

Security Advisory Description A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use- ... More info: https://my.f5.com/manage/s/article/K000133644?utm_source=f5support&utm_medium=RSS

Security Advisory Description Improper access control in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access. More info: https://my.f5.com/manage/s/article/K000133635?utm_source=f5support&utm_medium=RSS

Security Advisory Description A cryptographic vulnerability exists in Node.js <19.2.0, <18.14.1, <16.19.1, <14.21.3 that in some cases did does not clear the OpenSSL error stack after operations ... More info: https://my.f5.com/manage/s/article/K000133616?utm_source=f5support&utm_medium=RSS

Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). Supported versions that are affected are Oracle ... More info: https://my.f5.com/manage/s/article/K000133612?utm_source=f5support&utm_medium=RSS

The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities.The vulnerabilities are due More info: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=SNMP%20Remote%20Code%20Execution%20Vulnerabilities%20in%20Cisco%20IOS%20and%20IOS%20XE%20Software&vs_k=1

Security Advisory Description xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products) does not forbid ... More info: https://my.f5.com/manage/s/article/K49419538?utm_source=f5support&utm_medium=RSS

Security Advisory Description CVE-2023-21967 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are ... More info: https://my.f5.com/manage/s/article/K000133603?utm_source=f5support&utm_medium=RSS

Security Advisory Description In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip. (CVE-2018-14042) Impact An attacker may exploit this vulnerability to perform a ... More info: https://my.f5.com/manage/s/article/K19785240?utm_source=f5support&utm_medium=RSS

Security Advisory Description In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute. (CVE-2019-8331) Impact An attacker can inject a ... More info: https://my.f5.com/manage/s/article/K24383845?utm_source=f5support&utm_medium=RSS

Security Advisory Description In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute. (CVE-2018-14040) Impact An attacker may exploit this vulnerability to perform a ... More info: https://my.f5.com/manage/s/article/K48382137?utm_source=f5support&utm_medium=RSS