Lucene search
K

170 matches found

CNVD
CNVD
added 2023/02/01 12:0 a.m.27 views

F5 BIG-IP AWAF and ASM Denial of Service Vulnerability

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A denial of service vulnerability exists in F5 BIG-IP AWAF and ASM, where when a BIG-IP Advanced WAF or BIG-IP ASM security...

7.5CVSS4.1AI score0.01545EPSS
Exploits0References1
CNVD
CNVD
added 2023/02/01 12:0 a.m.21 views

F5 BIG-IP HTTP/2 profile denial of service vulnerability

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A denial of service vulnerability exists in the F5 BIG-IP HTTP/2 profile, when enabling the client HTTP/2 profile and HTTP MR...

7.5CVSS1.8AI score0.00626EPSS
Exploits0References1
NVD
NVD
added 2022/12/02 3:15 p.m.29 views

CVE-2022-46159

Discourse is an open-source discussion platform. In version 2.8.13 and prior on the stable branch and version 2.9.0.beta14 and prior on the beta and tests-passed branches, any authenticated user can create an unlisted topic. These topics, which are not readily available to other users, can take u...

4.3CVSS0.00605EPSS
Exploits0References2
Prion
Prion
added 2022/10/19 10:15 p.m.17 views

Design/Logic Flaw

In versions 16.1.x before 16.1.3.2 and 15.1.x before 15.1.5.1, when BIG-IP AFM Network Address Translation policy with IPv6/IPv4 translation rules is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization...

5CVSS7.5AI score0.00616EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/10/19 10:15 p.m.20 views

Design/Logic Flaw

In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.2, 15.1.x before 15.1.7, 14.1.x before 14.1.5.2, and 13.1.x before 13.1.5.1, when a sideband iRule is configured on a virtual server, undisclosed traffic can cause an increase in memory resource utilization...

5CVSS7.5AI score0.00616EPSS
Exploits0References1Affected Software11
Prion
Prion
added 2022/10/19 10:15 p.m.16 views

Design/Logic Flaw

In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and 13.1.x before 13.1.5.1, when a SIP profile is configured on a virtual server, undisclosed messages can cause an increase in memory resource utilization...

5CVSS7.5AI score0.00616EPSS
Exploits0References1Affected Software11
Cvelist
Cvelist
added 2022/10/19 9:21 p.m.26 views

CVE-2022-41770 BIG-IP and BIG-IQ iControl REST vulnerability CVE-2022-41770

In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.7, 14.1.x before 14.1.5.1, and all versions of 13.1.x, and BIG-IQ all versions of 8.x and 7.x, an authenticated iControl REST user can cause an increase in memory resource utilization, via undisclosed requests...

6.5CVSS6.6AI score0.00595EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/10/19 9:19 p.m.7 views

CVE-2022-41624 BIG-IP iRules vulnerability CVE-2022-41624

In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.2, 15.1.x before 15.1.7, 14.1.x before 14.1.5.2, and 13.1.x before 13.1.5.1, when a sideband iRule is configured on a virtual server, undisclosed traffic can cause an increase in memory resource utilization...

7.5CVSS7.5AI score0.00616EPSS
Exploits0References1
CVE
CVE
added 2022/10/19 9:19 p.m.81 views

CVE-2022-41624

CVE-2022-41624 affects BIG-IP iRules vulnerability. When a sideband iRule is configured on a virtual server, undisclosed traffic can cause memory resource utilization to rise, potentially degrading system performance. Affected BIG-IP versions (per advisory K43024307) include: 17.0.x before 17.0.0...

7.5CVSS7.6AI score0.00616EPSS
Exploits0References1Affected Software11
Tenable Nessus
Tenable Nessus
added 2022/10/19 12:0 a.m.23 views

F5 Networks BIG-IP : BIG-IP AFM NAT64 policy vulnerability (K00721320)

The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.5.1 / 16.1.3.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K00721320 advisory. - In versions 16.1.x before 16.1.3.2 and 15.1.x before 15.1.5.1, when BIG-IP AFM Network Address...

7.5CVSS7.4AI score0.00616EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/10/19 12:0 a.m.38 views

F5 Networks BIG-IP : BIG-IP iRules vulnerability (K43024307)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5.1 / 14.1.5.2 / 15.1.7 / 16.1.3.2 / 17.0.0.1 / 17.1.0. It is, therefore, affected by a vulnerability as referenced in the K43024307 advisory. - In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.2, 15.1....

7.5CVSS7.4AI score0.00616EPSS
Exploits0References2
CVE
CVE
added 2022/08/04 5:49 p.m.96 views

CVE-2022-35241

CVE-2022-35241 affects NGINX Instance Manager (NGINX IM) and is documented by F5 as an issue where undisclosed requests can cause increased disk resource utilization, enabling a remote, authenticated attacker to degrade system performance (DoS). Affected branches: NGINX IM 2.x (2.0.0–2.3.0) with ...

6.5CVSS6.8AI score0.00645EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/08/04 5:49 p.m.42 views

CVE-2022-35241 NGINX Instance Manager vulnerability CVE-2022-35241

In versions 2.x before 2.3.1 and all versions of 1.x, when NGINX Instance Manager is in use, undisclosed requests can cause an increase in disk resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

6.5CVSS6.7AI score0.00645EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/08/04 5:46 p.m.20 views

CVE-2022-33203 BIG-IP APM and F5 SSL Orchestrator vulnerability CVE-2022-33203

In BIG-IP Versions 16.1.x before 16.1.3, 15.1.x before 15.1.6.1, and 14.1.x before 14.1.5, when a BIG-IP APM access policy with Service Connect agent is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have...

7.5CVSS7.7AI score0.00668EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/08/04 12:0 a.m.8 views

PT-2022-22645 · F5 · Big-Ip

Name of the Vulnerable Software and Affected Versions: BIG-IP versions 14.1.x through 14.1.5 BIG-IP versions 15.1.x through 15.1.6.1 BIG-IP versions 16.1.x through 16.1.2.2 Description: When an HTTP2 profile is configured on a virtual server, undisclosed traffic can cause an increase in memory...

7.5CVSS7.3AI score0.00668EPSS
Exploits0References3
CNVD
CNVD
added 2022/08/03 12:0 a.m.31 views

F5 BIG-IP HTTP2 profile denial of service vulnerability

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A denial of service vulnerability exists in the F5 BIG-IP HTTP2 profile, which stems from the fact that when configuring the...

7.5CVSS2.9AI score0.00668EPSS
Exploits0References1
CNVD
CNVD
added 2022/08/03 12:0 a.m.42 views

F5 NGINX Instance Manager Denial of Service Vulnerability

NGINX Instance Manager NIM is part of F5's NGINX Management Suite NMS.The NIM module provides a REST API that uses standard authentication methods and HTTP response code, among other things.A denial of service vulnerability exists in F5 NGINX Instance Manager, which stems from a When using NGINX...

6.5CVSS1.9AI score0.00645EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2022/08/03 12:0 a.m.30 views

F5 Networks BIG-IP : BIG-IP Message Routing MQTT vulnerability (K28405643)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.5 / 15.1.6.1 / 16.1.2.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K28405643 advisory. - In BIG-IP Versions 16.1.x before 16.1.2.2, 15.1.x before 15.1.6.1, and 14.1.x before 14.1.5,...

7.5CVSS7.5AI score0.00668EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/08/03 12:0 a.m.23 views

F5 Networks BIG-IP : HTTP2 profile vulnerability (K79933541)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.5 / 15.1.6.1 / 16.1.2.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K79933541 advisory. - In BIG-IP Versions 16.1.x before 16.1.2.2, 15.1.x before 15.1.6.1, and 14.1.x before 14.1.5,...

7.5CVSS7.5AI score0.00668EPSS
Exploits0References2
NVD
NVD
added 2022/05/05 5:15 p.m.23 views

CVE-2022-27181

On F5 BIG-IP APM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, when APM is configured on a virtual server and the associated access profile is configured with APM AAA...

5.3CVSS0.00854EPSS
Exploits0References1
Rows per page
Query Builder