Lucene search
K

106 matches found

NVD
NVD
added 2023/05/03 3:15 p.m.23 views

CVE-2023-28742

When DNS is provisioned, an authenticated remote command execution vulnerability exists in DNS iQuery mesh. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.8CVSS7.5AI score0.01474EPSS
Exploits0References1
NVD
NVD
added 2023/05/03 3:15 p.m.25 views

CVE-2023-24594

When an SSL profile is configured on a Virtual Server, undisclosed traffic can cause an increase in CPU or SSL accelerator resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

5.3CVSS5.2AI score0.00557EPSS
Exploits0References1
NVD
NVD
added 2023/05/03 3:15 p.m.20 views

CVE-2023-24461

An improper certificate validation vulnerability exists in the BIG-IP Edge Client for Windows and macOS and may allow an attacker to impersonate a BIG-IP APM system. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

7.4CVSS7.2AI score0.00286EPSS
Exploits0References1
NVD
NVD
added 2023/05/03 3:15 p.m.20 views

CVE-2023-22372

In the pre connection stage, an improper enforcement of message integrity vulnerability exists in BIG-IP Edge Client for Windows and Mac OS. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

5.9CVSS5.7AI score0.00219EPSS
Exploits0References1
Prion
Prion
added 2023/05/03 3:15 p.m.19 views

Code injection

When an SSL profile is configured on a Virtual Server, undisclosed traffic can cause an increase in CPU or SSL accelerator resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

5CVSS5.3AI score0.00557EPSS
Exploits0References1Affected Software20
Cvelist
Cvelist
added 2023/05/03 2:34 p.m.27 views

CVE-2023-28656 NGINX Management Suite vulnerability

NGINX Management Suite may allow an authenticated attacker to gain access to configuration objects outside of their assigned environment. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.1CVSS8.4AI score0.00528EPSS
Exploits0References2
F5 Networks
F5 Networks
added 2023/05/03 1:5 p.m.35 views

K000133251: Overview of F5 vulnerabilities (May 2023)

Security Advisory Description On May 3, 2023, F5 announced the following security issues. This document is intended to serve as an overview of these vulnerabilities and security exposures to help determine the impact to your F5 devices. You can find the details of each issue in the associated...

8.8CVSS6AI score0.01474EPSS
Exploits0
OSV
OSV
added 2023/02/01 6:15 p.m.5 views

CVE-2023-22340

On BIG-IP versions 16.1.x before 16.1.3.3, 15.1.x before 15.1.8, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a SIP profile is configured on a Message Routing type virtual server, undisclosed traffic can cause TMM to terminate. Note: Software versions which have reached End of Technic...

7.5CVSS7.1AI score0.00626EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/02/01 5:56 p.m.35 views

CVE-2023-22842 BIG-IP SIP profile vulnerability

On BIG-IP versions 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a SIP profile is configured on a Message Routing type virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software...

7.5CVSS7.7AI score0.00626EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/02/01 5:56 p.m.24 views

CVE-2023-22657 F5OS vulnerability

On F5OS-A beginning in version 1.2.0 to before 1.3.0 and F5OS-C beginning in version 1.3.0 to before 1.5.0, processing F5OS tenant file names may allow for command injection. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

7CVSS8.1AI score0.00443EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/02/01 5:54 p.m.27 views

CVE-2023-22340 BIG-IP SIP profile vulnerability

On BIG-IP versions 16.1.x before 16.1.3.3, 15.1.x before 15.1.8, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a SIP profile is configured on a Message Routing type virtual server, undisclosed traffic can cause TMM to terminate. Note: Software versions which have reached End of Technic...

7.5CVSS7.7AI score0.00626EPSS
Exploits0References1
OSV
OSV
added 2022/08/04 6:15 p.m.6 views

CVE-2022-35241

In versions 2.x before 2.3.1 and all versions of 1.x, when NGINX Instance Manager is in use, undisclosed requests can cause an increase in disk resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

6.5CVSS5.8AI score0.00645EPSS
Exploits0References1
OSV
OSV
added 2022/08/04 6:15 p.m.1 views

CVE-2022-34862

In BIG-IP Versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, when an LTM virtual server is configured to perform normalization, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which...

7.5CVSS5.8AI score0.01053EPSS
Exploits1References1
CVE
CVE
added 2022/08/04 5:49 p.m.75 views

CVE-2022-35272

CVE-2022-35272 affects BIG-IP HTTP MRF. When source-port preserve-strict is enabled on an MRF virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to crash (core file) and terminate connections, leading to a denial of service. Affected versions: BIG-IP 17.0.x bef...

7.5CVSS5.7AI score0.00415EPSS
Exploits0References1Affected Software11
CVE
CVE
added 2022/08/04 5:46 p.m.85 views

CVE-2022-33962

CVE-2022-33962 affects BIG-IP iRules: the node command may bypass access controls on a self IP, enabling privilege escalation for an authenticated attacker with iRules Manager role. Affected branches include BIG-IP all modules: 17.x (vulnerable), 16.x, 15.x, 14.x, and 13.x. Remediation: apply fix...

6.7CVSS6.9AI score0.00185EPSS
Exploits0References1Affected Software11
CVE
CVE
added 2022/08/04 5:45 p.m.101 views

CVE-2022-30535

CVE-2022-30535: summary Ingress Controller for NGINX (NGINX Ingress Controller) versions 2.x before 2.3.0 and all 1.x are affected. The issue allows an attacker who can create or update ingress objects to access secrets stored by the NGINX Ingress Controller, constituting a control-plane data dis...

6.5CVSS6.7AI score0.00586EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/08/03 12:0 a.m.37 views

F5 Networks BIG-IP : TMM vulnerability (K16852653)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.5 / 15.1.6.1 / 16.1.2.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K16852653 advisory. - In BIG-IP Versions 16.1.x before 16.1.2.2, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and a...

7.5CVSS7.4AI score0.00444EPSS
Exploits0References2
NVD
NVD
added 2022/05/05 5:15 p.m.31 views

CVE-2022-27875

On F5 Access for Android 3.x versions prior to 3.0.8, a Task Hijacking vulnerability exists in the F5 Access for Android application, which may allow an attacker to steal sensitive user information. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

5.5CVSS0.00591EPSS
Exploits0References1
NVD
NVD
added 2022/05/05 5:15 p.m.32 views

CVE-2022-26370

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5, and 14.1.x versions prior to 14.1.4.6, when a Session Initiation Protocol SIP message routing framework MRF application layer gateway ALG profile is configured on a Message Routing virtual server, undisclosed request...

7.5CVSS0.00764EPSS
Exploits0References1
NVD
NVD
added 2022/05/05 5:15 p.m.29 views

CVE-2022-1388

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all 12.1.x and 11.6.x versions, undisclosed requests may bypass iControl REST authentication. Note: Software versions which have reached End o...

9.8CVSS0.99956EPSS
Exploits63References6
Rows per page
Query Builder