Code injection

F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, Websafe software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1 are vulnerable to a denial of service attack when the MPTCP option is enabled on a virtual server. Data plane is vulnerable when using the MPTCP option of a TC...

CVE-2017-6157

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 12.0.0 to 12.1.1, 11.6.0 to 11.6.1, 11.5.0 - 11.5.4, virtual servers with a configuration using the HTTP Explicit Proxy functionality and/or SOCKS profile are vulnerable to an...

CVE-2017-0303

Summary : CVE-2017-0303 affects multiple BIG-IP products (e.g., BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, WebSafe) with affected versions including 13.0.0 and 12.0.0–12.1.2, 11.5.1–11.6.1. The issue arises when connections handled by a Virtual Server with an assoc...

PHP vulnerabilities CVE-2017-9226 and CVE-2017-7890

F5 Product Development has evaluated the currently supported releases for potential vulnerability. To determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the...

Cross site scripting

A stored cross-site scripting XSS vulnerability in the Configuration utility device name change page in BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, WOM and WebSafe version 12.0.0 - 12.1.2, 11.4.0 - 11.6.1, and 11.2.1 allows an...

F5 Networks BIG-IP : TMM vulnerability (K82851041)

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, and WebSafe 11.6.1 HF1, 12.0.0 HF3, 12.0.0 HF4, and 12.1.0 through 12.1.2, undisclosed traffic patterns received while software SYN cookie protection is engaged may cause a disrupti...

weka-akademie.de XSS vulnerability

Vulnerable URL: https://www.weka-akademie.de/?s=%22%3Eblub%3Csvg%2Fonload%3Dalert%28%2FOPENBUGBOUNTY%2F%29%3E Details: Description| Value ---|--- Patched:| Yes, at 01.06.2017 Latest check for patch:| 01.06.2017 10:35 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Ran...

F5 WebSafe Dashboard Cross-Site Scripting Vulnerability

F5 WebSafe is a suite of web fraud protection solutions from F5 USA. The solution provides malware and fraud detection, client-side mobile threat protection, etc. F5 WebSafe Dashboard is one of the configuration management tools. A cross-site scripting vulnerability exists in F5 WebSafe Dashboard...

SOL55922302 - XSS in F5 WebSafe Dashboard vulnerability CVE-2016-5236

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

F5 WebSafe Dashboard Cross-Site Scripting Vulnerability

F5 WebSafe is a suite of web fraud protection solutions from F5 USA. The solution provides malware and fraud detection, client-side mobile threat protection, etc. F5 WebSafe Dashboard is one of the configuration management tools. A cross-site scripting vulnerability exists in F5 WebSafe Dashboard...

SOL48572812 - Cross Site Scripting (XSS) vulnerability in F5 WebSafe Dashboard CVE-2016-5235

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

Code injection

Unspecified vulnerability in the WebSafe DistributorServlet in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to read arbitrary files via unknown vectors, aka...

CVE-2010-0144

Unspecified vulnerability in the WebSafe DistributorServlet in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to read arbitrary files via unknown vectors, aka...

CVE-2010-0144

CVE-2010-0144 : Affected Cisco IronPort Encryption Appliance/PostX MAP systems running 6.2.x before 6.2.9.1 or 6.5.x before 6.5.2 (and PostX MAP before 6.2.9.1) expose an unspecified vulnerability in the WebSafe DistributorServlet of the embedded HTTPS server that allows remote attackers to read ...

Unfixed XSS vulnerability at www.websafe.co.nz

Security researcher JoCk3r, has submitted on 27/09/2008 a cross-site-scripting XSS vulnerability affecting www.websafe.co.nz, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 02/10/2008. It is currently...