11 matches found
EUVD-2026-29957
An authenticated iControl REST user with low privileges can create or modify arbitrary files through an undisclosed iControl REST endpoint on the BIG-IQ system. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2026-20916
An authenticated iControl REST user with low privileges can create or modify arbitrary files through an undisclosed iControl REST endpoint on the BIG-IQ system. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2026-20916 BIG-IQ iControl REST vulnerability
An authenticated iControl REST user with low privileges can create or modify arbitrary files through an undisclosed iControl REST endpoint on the BIG-IQ system. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
PT-2026-40631
An authenticated iControl REST user with low privileges can create or modify arbitrary files through an undisclosed iControl REST endpoint on the BIG-IQ system. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
EUVD-2020-27098
Malware in sbrugna...
K000149915: zlib vulnerability CVE-2016-9841
Security Advisory Description inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. CVE-2016-9841 Impact This vulnerability may allow an attacker to cause a denial-of-service DoS on the BIG-IP or BIG-IQ system. Securi...
K000149905: zlib vulnerability CVE-2016-9840
Security Advisory Description inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. CVE-2016-9840 Impact This vulnerability may allow an attacker to cause a denial-of-service DoS on the BIG-IP or BIG-IQ system...
K00994461: GSON vulnerability CVE-2022-25647
Security Advisory Description The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace method in internal classes, which may lead to DoS attacks. CVE-2022-25647 Impact Traffic is disrupted for new client connections. This...
F5 Networks BIG-IP : GSON vulnerability (K00994461)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.1 / 17.5.1.4. It is, therefore, affected by a vulnerability as referenced in the K00994461 advisory. The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the...
F5 Networks BIG-IP : Virtual Machine Manager L1 Terminal Fault vulnerability (K31300402)
Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis. CVE-2018-3646al...
SOL63712424 - PHP vulnerability CVE-2015-8935
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...