5364 matches found
CVE-2025-59269 BIG-IP Configuration utility XSS vulnerability
A stored cross-site scripting XSS vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to run JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2025-59269
CVE-2025-59269 is a stored cross-site scripting (XSS) vulnerability in BIG-IP Configuration utility. It affects BIG-IP (all modules) and stems from insufficient input handling on an undisclosed page, allowing an attacker to store and execute JavaScript in the context of the currently logged-in us...
CVE-2025-59268
On BIG-IP, CVE-2025-59268 affects the Configuration utility: undisclosed endpoints that serve static non-sensitive information are reachable by an unauthenticated remote attacker, resulting in potential information disclosure. The issue is a control-plane exposure with no data-plane impact report...
K000156800: BIG-IP Configuration utility vulnerability CVE-2025-59483
Security Advisory Description An arbitrary file upload vulnerability exists in an undisclosed URL in the Configuration utility. CVE-2025-59483 Impact A highly privileged authenticated attacker may be able to exploit this vulnerability to upload arbitrary files. This is a control plane issue; ther...
K90301300: BIG-IP Configuration utility vulnerability CVE-2025-59268
Security Advisory Description On the BIG-IP system, undisclosed endpoints that contain static non-sensitive information are accessible to an unauthenticated remote attacker through the Configuration utility. CVE-2025-59268 Impact This vulnerability may allow an unauthenticated attacker with netwo...
K000156801: BIG-IP Configuration utility vulnerability CVE-2025-54755
Security Advisory Description A directory traversal vulnerability exists in the BIG-IP Configuration utility that allows a highly privileged authenticated attacker to access files which are not limited to the intended files. CVE-2025-54755 Impact A highly privileged authenticated attacker may...
K000151308: BIG-IP Configuration utility XSS vulnerability CVE-2025-59269
Security Advisory Description A stored cross-site scripting XSS vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to run JavaScript in the context of the currently logged-in user. CVE-2025-59269 Impact An authenticated attacker with at least t...
F5 Networks BIG-IP : BIG-IP Configuration utility XSS vulnerability (K000151308)
The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.10.8 / 16.1.6.1 / 17.1.3 / 17.5.1. It is, therefore, affected by a vulnerability as referenced in the K000151308 advisory. A stored cross-site scripting XSS vulnerability exists in an undisclosed page of the BIG-IP...
PT-2025-42346
Name of the Vulnerable Software and Affected Versions The product name cannot be determined. affected versions not specified Description A validation vulnerability exists in an undisclosed URL within the Configuration utility. The vulnerability concerns an input validation issue. Recommendations ...
F5 Networks BIG-IP : BIG-IP Configuration utility vulnerability (K000156801)
The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.10.8 / 16.1.6.1 / 17.1.3 / 17.5.1.3. It is, therefore, affected by a vulnerability as referenced in the K000156801 advisory. A directory traversal vulnerability exists in the BIG-IP Configuration utility that allows a...
F5 Networks BIG-IP : BIG-IP Configuration utility vulnerability (K90301300)
The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.10.8 / 16.1.6.1 / 17.1.3 / 17.5.1.3. It is, therefore, affected by a vulnerability as referenced in the K90301300 advisory. On the BIG-IP system, undisclosed endpoints that contain static non-sensitive information are...
F5 Networks BIG-IP : BIG-IP Configuration utility vulnerability (K000156800)
The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.10.8 / 16.1.6.1 / 17.1.3 / 17.5.1.3. It is, therefore, affected by a vulnerability as referenced in the K000156800 advisory. An arbitrary file upload vulnerability exists in an undisclosed URL in the Configuration...
Microsoft PowerShell Utility 访问控制错误漏洞
Microsoft PowerShell Utility is a utility module from Microsoft Corporation USA. The module includes many of the basic administrative commands for PowerShell. An access control error vulnerability exists in Microsoft PowerShell Utility, which stems from an attacker's ability to elevate privileges...
Malicious code in zero-slot-utility (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 67e159cc709d3420c86d6676e754cc1f57818b21ccb863dba4d357ab6476c315 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
EUVD-2025-32988
Malicious code in zero-slot-utility npm...
Malicious Package
Overview zero-slot-utility is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MAL-2025-48018 Malicious code in zero-slot-utility (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 67e159cc709d3420c86d6676e754cc1f57818b21ccb863dba4d357ab6476c315 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
EUVD-2010-1486
Malware in sbrugna...
EUVD-2021-26860
Malware in sbrugna...
EUVD-2019-5981
Malware in sbrugna...