The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of F5 BIG-IP Hardware

Linux kernel: integer overflow via create_elf_tables
An attacker can generate an integer overflow via create_elf_tables() of the Linux kernel, in order to trigger a denial of service, and possibly to run code...
CERTFR-2018-AVI-457, CERTFR-2018-AVI-459, CERTFR-2018-AVI-460, CERTFR-2018-AVI-462, CERTFR-2018-AVI-478, CERTFR-2018-AVI-480, CERTFR-2018-AVI-567, CERTFR-2019-AVI-188, CERTFR-2019-AVI-242, CVE-2018-14634, DLA-1529-1, JSA10917, K20934447, PAN-SA-2019-0006, RHSA-2018:2748-01, RHSA-2018:2763-01, RHSA-2018:2846-01, RHSA-2018:2924-01, RHSA-2018:2925-01, RHSA-2018:2933-01, RHSA-2018:3540-01, RHSA-2018:3586-01, RHSA-2018:3590-01, RHSA-2018:3591-01, RHSA-2018:3643-01, SUSE-SU-2018:2879-1, SUSE-SU-2018:2907-1, SUSE-SU-2018:2908-1, SUSE-SU-2018:2908-2, SUSE-SU-2018:3083-1, SUSE-SU-2018:3088-1, USN-3775-1, USN-3775-2, USN-3779-1, VIGILANCE-VUL-27320
F5 BIG-IP ASM: privilege escalation via Ignored Attack Signatures
An attacker can bypass restrictions via Ignored Attack Signatures of F5 BIG-IP ASM, in order to escalate his privileges...
K83093212, VIGILANCE-VUL-27258
F5 BIG-IP APM: information disclosure via Rewritten Pages Software Version
An attacker can bypass access restrictions to data via Rewritten Pages Software Version of F5 BIG-IP APM, in order to obtain sensitive information...
CVE-2018-15310, K40625021, VIGILANCE-VUL-27226
F5 BIG-IP APM: denial of service via SAML Assertion
An attacker can generate a fatal error via SAML Assertion of F5 BIG-IP APM, in order to trigger a denial of service...
CVE-2018-5549, K05018525, VIGILANCE-VUL-27225
F5 BIG-IP APM: open redirect via Insecure AES ECB Mode
An attacker can deceive the user via Insecure AES ECB Mode of F5 BIG-IP APM, in order to redirect him to a malicious site...
CVE-2018-5548, K66171422, VIGILANCE-VUL-27224
Linux kernel: information disclosure via cdrom_ioctl_drive_status
An attacker can bypass access restrictions to data via cdrom_ioctl_drive_status() of the Linux kernel, in order to obtain sensitive information...
1103505, CERTFR-2018-AVI-456, CERTFR-2018-AVI-459, CERTFR-2018-AVI-460, CERTFR-2018-AVI-466, CERTFR-2018-AVI-480, CERTFR-2018-AVI-508, CERTFR-2018-AVI-557, CERTFR-2019-AVI-188, CERTFR-2019-AVI-621, CVE-2018-16658, DLA-1529-1, DLA-1531-1, DSA-4308-1, FEDORA-2018-59e4747e0f, K40523020, openSUSE-SU-2018:2738-1, openSUSE-SU-2018:3071-1, RHSA-2019:2029-01, RHSA-2019:2043-01, RHSA-2019:4154-01, SUSE-SU-2018:2858-1, SUSE-SU-2018:2862-1, SUSE-SU-2018:2879-1, SUSE-SU-2018:2907-1, SUSE-SU-2018:2908-1, SUSE-SU-2018:2908-2, SUSE-SU-2018:2980-1, SUSE-SU-2018:3083-1, SUSE-SU-2018:3084-1, SUSE-SU-2018:3088-1, USN-3797-1, USN-3797-2, USN-3820-1, USN-3820-2, USN-3820-3, USN-3822-1, USN-3822-2, VIGILANCE-VUL-27186
BIG-IP APM Client for Linux/macOS: privilege escalation via svpn/policyserver
An attacker can bypass restrictions via svpn/policyserver of BIG-IP APM Client for Linux/macOS, in order to escalate his privileges...
CVE-2018-5546, K54431371, VIGILANCE-VUL-27046
BIG-IP APM Client for Windows: privilege escalation via Certificate User Interface
An attacker can bypass restrictions via Certificate User Interface of BIG-IP APM Client for Windows, in order to escalate his privileges...
CVE-2018-5547, K10015187, VIGILANCE-VUL-27045
IPsec IKEv1 Main Mode: information disclosure via Brute Force
An attacker can bypass access restrictions to data via Brute Force of IKEv1 Main Mode, in order to obtain sensitive information...
CVE-2018-5389, FG-IR-18-214, K42378447, Synology-SA-18:46, VIGILANCE-VUL-27022, VU#857035
Linux kernel: denial of service via FragmentSmack
An attacker can generate a fatal error via FragmentSmack of the Linux kernel, in order to trigger a denial of service...
ADV180022, CERTFR-2018-AVI-390, CERTFR-2018-AVI-392, CERTFR-2018-AVI-419, CERTFR-2018-AVI-457, CERTFR-2018-AVI-478, CERTFR-2018-AVI-533, CERTFR-2019-AVI-233, CERTFR-2019-AVI-242, cisco-sa-20180824-linux-ip-fragment, CVE-2018-5391, DLA-1466-1, DLA-1529-1, DSA-2019-062, DSA-4272-1, FragmentSmack, JSA10917, K74374841, openSUSE-SU-2018:2404-1, openSUSE-SU-2018:2407-1, openSUSE-SU-2019:0274-1, PAN-SA-2018-0012, RHSA-2018:2785-01, RHSA-2018:2791-01, RHSA-2018:2846-01, RHSA-2018:2924-01, RHSA-2018:2925-01, RHSA-2018:2933-01, RHSA-2018:2948-01, RHSA-2018:3083-01, RHSA-2018:3096-01, RHSA-2018:3459-01, RHSA-2018:3540-01, RHSA-2018:3586-01, RHSA-2018:3590-01, sk134253, SUSE-SU-2018:2344-1, SUSE-SU-2018:2374-1, SUSE-SU-2018:2380-1, SUSE-SU-2018:2381-1, SUSE-SU-2018:2596-1, SUSE-SU-2019:0541-1, SUSE-SU-2019:1289-1, SYMSA1467, Synology-SA-18:44, USN-3740-1, USN-3740-2, USN-3741-1, USN-3741-2, USN-3741-3, USN-3742-1, USN-3742-2, USN-3742-3, VIGILANCE-VUL-27009, VU#641765
Our database contains other pages. You can request a free trial to read them.

Display information about F5 BIG-IP Hardware: