CVE-2025-61933

A reflected cross-site scripting XSS vulnerability exists in an undisclosed page of BIG-IP APM that allows an attacker to run JavaScript in the context of the targeted logged-out user. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

K000148816: BIG-IP APM and SSL Orchestrator vulnerability CVE-2025-47148

Security Advisory Description When the BIG-IP system is configured as both a Security Assertion Markup Language SAML service provider SP and Identity Provider IdP, with single logout SLO enabled on an access policy, undisclosed requests can cause an increase in memory resource utilization...

Exploit for Missing Authentication for Critical Function in F5 Big-Ip_Access_Policy_Manager

Vuln Impact This vulnerability may allow an unauthenticated...

F5 BIG-IP APM 访问控制错误漏洞

F5 BIG-IP APM is a suite of access and security solutions from F5 USA. The product provides unified access to business-critical applications and networks. F5 BIG-IP APM suffers from an Access Control Error vulnerability that arises from a connection to the BIG-IP Edge Client on Mac and Windows wh...

F5 BIG-IP 访问控制错误漏洞

F5 BIG-IP is an application delivery platform that integrates network traffic management, application security management, and load balancing from F5 USA. An Access Control Error vulnerability exists in BIG-IP, which stems from improper access restriction. The following products and versions are...

F5 GE APM Resource Management Error Vulnerability

F5 BIG-IP APM is a suite of access and security solutions from F5 USA. The product provides unified access to business-critical applications and networks. A resource management error vulnerability exists in F5 BIG-IP APM, which can be exploited by an attacker to trigger a denial of service via an...

Exploit for Path Traversal in F5 Big-Ip_Access_Policy_Manager

CVE-2020-5902-P...

Exploit for Path Traversal in F5 Big-Ip_Access_Policy_Manager

CVE-2020-5902...

CVE-2019-6661

When the BIG-IP APM 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.4.1, or 11.5.1-11.6.5 system processes certain requests, the APD/APMD daemon may consume excessive resources...

WAFW00F v1.0.0 - Detect All The Web Application Firewall!

WAFW00F identifies and fingerprints Web Application Firewall WAF products. How does it work? To do its magic, WAFW00F does the following: Sends a normal HTTP request and analyses the response; this identifies a number of WAF solutions. If that is not successful, it sends a number of potentially...

F5 BIG-IP Access Policy Manager Information Disclosure Vulnerability

F5 BIG-IP Access Policy Manager APM is a suite of access and security solutions from F5 USA. The solution provides unified access to business-critical applications and networks. An information disclosure vulnerability exists in F5 BIG-IP APM versions 12.0.0 through 12.1.2, 11.6.0 through 11.6.1,...

F5 Networks BIG-IP : libxml2 vulnerability (K14338030)

The xmlNextChar function in libxml2 before 2.9.4 allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted XML document. CVE-2016-1762 File data f5bigipSOL14338030.nasl...

SOL15876 - PHP vulnerability CVE-2013-2110

Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...