Lucene search
K

5847 matches found

F5 Networks
F5 Networks
added 2026/04/07 12:58 a.m.8 views

K000160641: pac4j vulnerability CVE-2026-29000

Security Advisory Description pac4j-jwt versions prior to 4.5.9, 5.7.9, and 6.3.3 contain an authentication bypass vulnerability in JwtAuthenticator when processing encrypted JWTs that allows remote attackers to forge authentication tokens. Attackers who possess the server's RSA public key can...

9.3CVSS6.9AI score0.05856EPSS
Exploits17
F5 Networks
F5 Networks
added 2026/03/31 7:50 p.m.7 views

K000160560: OpenSSL vulnerability CVE-2025-69420

Security Advisory Description Issue summary: A type confusion vulnerability exists in the TimeStamp Response verification code where an ASN1TYPE union member is accessed without first validating the type, causing an invalid or NULL pointer dereference when processing a malformed TimeStamp Respons...

7.5CVSS5.9AI score0.00768EPSS
Exploits1
F5 Networks
F5 Networks
added 2026/03/31 7:20 p.m.9 views

K000160559: BIND vulnerability CVE-2026-3104

Security Advisory Description A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain. This issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through 9.20.20-S1. BIND 9 versions 9.18.0 through 9.18.4...

7.5CVSS5.9AI score0.00698EPSS
Exploits0
HackRead
HackRead
added 2026/03/31 11:36 a.m.7 views

Critical F5 BIG-IP Flaw Upgraded to 9.8 RCE, Exploited in the Wild

F5 BIG-IP APM flaw CVE-2025-53521 escalates to critical 9.8 RCE, actively exploited. Patch now, check IoCs, and secure vulnerable systems immediately...

9.8CVSS6.1AI score0.02213EPSS
Exploits0
F5 Networks
F5 Networks
added 2026/03/30 12:41 a.m.30 views

K000160515: F5 System Scanner

Topic This article explains how to install and run the F5 System Scanner on BIG-IP and standard x8664 Linux systems. The F5 System Scanner supports the following BIG-IP versions hotfixes EHFs: BIG-IP versions released between October 2025 and May 5, 2026 EHFs released between October 2025 and Apr...

5.8AI score
Exploits0
F5 Networks
F5 Networks
added 2026/03/27 11:17 p.m.11 views

K000160508: Oracle Java SE vulnerability CVE-2026-21945

Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Orac...

7.5CVSS6.4AI score0.00864EPSS
Exploits0
NCSC
NCSC
added 2026/03/27 6:9 p.m.23 views

Vulnerabilities fixed in F5 Networks BIG-IP, F5OS and NGINX App Protect WAF

F5 Networks has fixed vulnerabilities in the BIG-IP and F5OS product lines and NGINX App Protect WAF. The vulnerabilities include several configuration issues and exploit vectors. A malicious party can exploit the vulnerabilities to launch attacks that can lead to the following categories of...

9.8CVSS7.5AI score0.02213EPSS
Exploits0References3
CISA
CISA
added 2026/03/27 12:0 p.m.10 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-53521link is external F5 BIG-IP Remote Code Execution Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and pos...

9.8CVSS6AI score0.02213EPSS
In wildExploits0References6
CISA KEV Catalog
CISA KEV Catalog
added 2026/03/27 12:0 a.m.10 views

F5 BIG-IP Stack-Based Buffer Overflow Vulnerability

F5 BIG-IP APM contains a stack-based buffer overflow vulnerability that could allow a threat actor to achieve remote code execution...

9.8CVSS6.6AI score0.02213EPSS
In wildExploits0
F5 Networks
F5 Networks
added 2026/03/24 1:46 p.m.12 views

K000160336: Out-of-band Security Notification (March 24, 2026)

Security Advisory Description On March 24, 2026, F5 announced the following security issues. This document is intended to serve as an overview of these vulnerabilities to help determine the impact to your F5 devices. You can find the details of each issue in the associated articles. High CVEs...

8.8CVSS5.8AI score0.21621EPSS
Exploits0
CNNVD
CNNVD
added 2026/03/24 12:0 a.m.9 views

F5 NGINX Plus和F5 NGINX Open Source 安全漏洞

F5 NGINX Plus and F5 NGINX Open Source are both products of the American company F5. F5 NGINX Plus is a software-based application delivery platform. F5 NGINX Open Source is a high-performance web server, reverse proxy server, load balancer, and API gateway. Both F5 NGINX Plus and F5 NGINX Open...

8.8CVSS6.1AI score0.21621EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/24 12:0 a.m.12 views

F5 NGINX Plus和F5 NGINX Open Source 注入漏洞

F5 NGINX Plus and F5 NGINX Open Source are both products of the American company F5. F5 NGINX Plus is a software-based application delivery platform. F5 NGINX Open Source is a high-performance web server, reverse proxy server, load balancer, and API gateway. Both F5 NGINX Plus and F5 NGINX Open...

6.3CVSS5.9AI score0.00264EPSS
Exploits0References3
F5 Networks
F5 Networks
added 2026/03/23 12:47 a.m.15 views

K000160420: Linux kernel vulnerabilities CVE-2025-40154

Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: bytcrrt5640: Fix invalid quirk input mapping When an invalid value is passed via quirk option, currently bytcrrt5640 driver only shows an error message but leaves as is. This may lead to...

5.5AI score0.00193EPSS
Exploits0
F5 Networks
F5 Networks
added 2026/03/19 3:56 a.m.8 views

K000160399: Node.js vulnerability CVE-2025-59464

Security Advisory Description A memory leak in Node.js’s OpenSSL integration occurs when converting X.509 certificate fields to UTF-8 without freeing the allocated buffer. When applications call socket.getPeerCertificatetrue, each certificate field leaks memory, allowing remote clients to trigger...

7.5CVSS6.8AI score0.0023EPSS
Exploits0
GithubExploit
GithubExploit
added 2026/03/13 2:17 p.m.192 views

Exploit for Path Traversal in F5 Big-Ip_Access_Policy_Manager

F5 BIG-IP TMUI Remote Code Execution Vulnerability CVE-2020-5...

10CVSS6.8AI score0.99999EPSS
Exploits60
F5 Networks
F5 Networks
added 2026/03/12 11:24 p.m.10 views

K000160327: Protect your network from geopolitical uncertainty with F5

Security Advisory Description While there are many cyber-threats creating a constant need for cybersecurity efforts, history teaches us that geopolitical conflicts often generate increased cyber activity. In recent years the world has seen conflicts in Ukraine, Yemen, Iran, and elsewhere generate...

5.7AI score
Exploits0
F5 Networks
F5 Networks
added 2026/03/10 9:48 p.m.13 views

K000160292: Curl vulnerability CVE-2025-14524

Security Advisory Description When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a cross-protocol redirect to a second URL that uses an IMAP, LDAP, POP3 or SMTP scheme, curl might wrongly pass on the bearer token to the new target host. CVE-2025-14524 Impact The...

5.3CVSS5.8AI score0.00611EPSS
Exploits1
F5 Networks
F5 Networks
added 2026/03/04 5:58 a.m.13 views

K000160224: Intel 800 Series Ethernet vulnerability CVE-2025-24484

Security Advisory Description Improper input validation in the Linux kernel-mode driver for some IntelR 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via local access. CVE-2025-24484 Impact There is no impact; F5 products a...

8.8CVSS5.9AI score0.00128EPSS
Exploits0
F5 Networks
F5 Networks
added 2026/03/04 12:34 a.m.13 views

K000160222: Linux kernel vulnerability CVE-2022-50356

Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: net: sched: sfb: fix null pointer access issue when sfbinit fails When the default qdisc is sfb, if the qdisc of devqueue fails to be inited during mqprioinit, sfbreset is invoked to clear resources...

5.5CVSS6.3AI score0.00191EPSS
Exploits0
F5 Networks
F5 Networks
added 2026/03/04 12:22 a.m.20 views

K000160221: Linux kernel vulnerability CVE-2025-38550

Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: Delay put pmc-idev in mlddeldelrec pmc-idev is still used in ip6mcclearsrc, so as mldcleardelrec does, the reference should be put after ip6mcclearsrc return. CVE-2025-38550 Impact There...

7.8CVSS6.6AI score0.00144EPSS
Exploits0
Rows per page
Query Builder