CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

F5 Networks•added 2024/02/14 1:39 p.m.•34 views

K11453402: BIG-IP Cookie encryption security exposure

Security Advisory Description When HTTP Profile Cookie encryption is enabled, duplicate HTTP cookies may be passed on to back-end servers. This issue occurs when the following condition is met: The virtual server has an HTTP Profile with Cookie Encryption enabled. Impact The back-end pool member...

6.7AI score

Exploits0

F5 Networks•added 2023/02/21 7:48 p.m.•7 views

K32055534: Brute Force Attack Prevention feature may erroneously stop prevention before an attack is over

Security Advisory Description The Brute Force Attack Prevention feature may stop prevention before the attack is over. This issue occurs when all of the following conditions are met: You configured the BIG-IP ASM system with many virtual servers hundreds that have web application protection with...

6.8AI score

Exploits0

F5 Networks•added 2023/02/21 7:42 p.m.•748 views

K31333705: BIG-IP APM portal access may potentially leak host name information for back-end servers

Security Advisory Description This issue occurs when all of the following conditions are met: You configure the BIG-IP APM system to provide portal access to back-end resources. Users accessing portal access resources receive redirect responses from the BIG-IP APM system due to DNS resolution...

6.4AI score

Exploits0

RedhatCVE•added 2021/03/31 10:7 a.m.•31 views

CVE-2021-28543

A NULL pointer dereference issue was found in Varnish Cache through the 'header' module from the separate varnish-modules package. This flaw might allow for remote clients to cause Varnish to assert and restart, reducing overall availability and performance due to an increased number of cache...

7.5CVSS1AI score0.00918EPSS

Exploits0References4

OSV•added 2020/04/30 9:15 p.m.•2 views

CVE-2020-5879

On BIG-IP ASM 11.6.1-11.6.5.1, under certain configurations, the BIG-IP system sends data plane traffic to back-end servers unencrypted, even when a Server SSL profile is applied...

7.5CVSS7.1AI score

Exploits0References1

Cvelist•added 2020/04/30 8:46 p.m.•13 views

CVE-2020-5879

On BIG-IP ASM 11.6.1-11.6.5.1, under certain configurations, the BIG-IP system sends data plane traffic to back-end servers unencrypted, even when a Server SSL profile is applied...

7.5AI score0.00251EPSS

Exploits0References1

Tenable Nessus•added 2020/03/31 12:0 a.m.•24 views

F5 Networks BIG-IP : BIG-IP APM Portal Access vulnerability (K73183618)

The version of F5 Networks BIG-IP installed on the remote host is prior to 11.6.5.2 / 12.1.5.2 / 14.1.2.5 / 15.0.1.3 / 15.1.0.2 / 16.0.0. It is, therefore, affected by a vulnerability as referenced in the K73183618 advisory. InBIG-IP APM Portal Access, HTTP pages that are served by back-end serve...

5.4CVSS5.7AI score0.00275EPSS

Exploits0References2

ThreatPost•added 2020/03/16 5:16 p.m.•17 views

Microsoft Edge Shares Privacy-Busting Telemetry, Research Alleges

Microsoft Edge is one of the least private web browsers — even more so than other popular browsers like Google Chrome and Mozilla Firefox — according to academic researchers. According to the analysis, from Douglas Leith with the School of Computer Science and Statistics at Trinity College in...

0.3AI score

Exploits0References7

Veracode•added 2019/05/02 4:53 a.m.•58 views

Denial Of Service (DoS)

httpd is vulnerable to denial of service. It was discovered that modproxyajp, when used in configurations with modproxy in load balancer mode, would mark a back-end server as failed when request processing timed out, even when a previous AJP Apache JServ Protocol CPing request was responded to by...

5CVSS5.8AI score0.25967EPSS

Exploits1References51Affected Software35