Latest Security News about f5

Contact US For API Security>

ConfigSync vulnerability in F5

Overview : F5 BIG-IP and Enterprise Manager may expose sensitive information and allow the system configuration to be modified when using non-default ConfigSync settings. Affected Product(s) : F5 BIG-IP 15.0.0 F5 BIG-IP 14.1.0-14.1.0.6 F5 BIG-IP 14.0.0-14.0.0.5 F5 BIG-IP 13.0.0-13.1.1.5 F5 BIG-IP 12.1.0-12.1.4.1 F5 BIG-IP 11.6.0-11.6.4 F5 BIG-IP 11.5.1-11.5.9 Enterprise Manager 3.1.1 Vulnerability Details : CVE […]

Contact US For API Security>

Accusoft ImageGear ICO ico_read buffer size computation code execution vulnerability

Overview : An exploitable out-of-bounds write vulnerability exists in the ico_read function of the igcore19d.dll library of Accusoft ImageGear 19.6.0. A specially crafted ICO file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability. CVE-2020-6082   TALOS-2020-1004 Accusoft [...]
Contact US For API Security>

The Argo Project is an open source provider of Kubernetes CI/CD workflows, facilitating Infrastructure as Code.

  Overview : In Argo versions prior to v1.5.0-rc1, it was possible for authenticated Argo users to submit API calls to retrieve secrets and other manifests which were stored within git. The Argo Project is an open source provider of Kubernetes CI/CD workflows, facilitating Infrastructure as Code. I Identified five security issues in Argo: one sensitive information [...]
Contact US For API Security>

Apache HTTP Server 2.4 vulnerabilities

  Overview : In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL. CVE-2020-1927   Apache HTTP Server 2.4 vulnerabilities This page lists all security vulnerabilities fixed in released versions [...]