Lucene search
+L

152 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 5:18 a.m.10 views

CVE-2019-6644

Similar to the issue identified in CVE-2018-12120, on versions 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.2, and 12.1.0-12.1.4 BIG-IP will bind a debug nodejs process to all interfaces when invoked. This may expose the process to unauthorized users if the plugin is left in debug mode and the...

9.4CVSS6.6AI score0.04277EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/08 12:0 a.m.10 views

PT-2025-1009 · Juniper Networks · Junos Evolved +1

Name of the Vulnerable Software and Affected Versions: Junos OS versions 21.2R3-S8 through 21.2R3-S9 Junos OS versions 21.4R3-S7 through 21.4R3-S9 Junos OS versions 22.2R3-S4 through 22.2R3-S5 Junos OS versions 22.3R3-S2 through 22.3R3-S4 Junos OS versions 22.4R3 through 22.4R3-S5 Junos OS versio...

8.2CVSS7.1AI score0.00714EPSS
Exploits0References20
Positive Technologies
Positive Technologies
added 2024/01/08 12:0 a.m.3 views

PT-2024-14038 · Stud.Ip · Stud.Ip

Name of the Vulnerable Software and Affected Versions: Stud.IP versions 5.x through 5.3.3 Description: The issue allows XSS with resultant upload of executable files because upload action and edit action in Admin SmileysController do not check the file extension. This leads to remote code executi...

9CVSS9.2AI score0.01286EPSS
Exploits1References9
OSV
OSV
added 2023/02/01 6:15 p.m.7 views

CVE-2023-22839

On BIG-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all version of 13.1.x, when a DNS profile with the Rapid Response Mode setting enabled is configured on a virtual server with hardware SYN cookies enabled, undisclosed requests...

7.5CVSS7.1AI score0.00626EPSS
Exploits0References1
OSV
OSV
added 2023/02/01 6:15 p.m.6 views

CVE-2023-22340

On BIG-IP versions 16.1.x before 16.1.3.3, 15.1.x before 15.1.8, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a SIP profile is configured on a Message Routing type virtual server, undisclosed traffic can cause TMM to terminate. Note: Software versions which have reached End of Technic...

7.5CVSS7.1AI score0.00626EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/02/01 5:53 p.m.41 views

CVE-2023-22323 BIG-IP SSL OCSP Authentication profile vulnerability

In BIP-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when OCSP authentication profile is configured on a virtual server, undisclosed requests can cause an increase in CPU resource utilization. Note: Software...

7.5CVSS7.8AI score0.00663EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/02/01 12:0 a.m.6 views

PT-2023-18429 · Bip-Ip · Bip-Ip

Name of the Vulnerable Software and Affected Versions: BIP-IP versions 13.1.x BIP-IP versions 14.1.x before 14.1.5.3 BIP-IP versions 15.1.x before 15.1.8.1 BIP-IP versions 16.1.x before 16.1.3.3 BIP-IP versions 17.0.x before 17.0.0.2 Description: When an OCSP authentication profile is configured ...

7.5CVSS7.5AI score0.00663EPSS
Exploits0References4
OSV
OSV
added 2022/10/19 10:15 p.m.4 views

CVE-2022-41832

In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and 13.1.x before 13.1.5.1, when a SIP profile is configured on a virtual server, undisclosed messages can cause an increase in memory resource utilization...

7.5CVSS5.8AI score0.00616EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/10/19 12:0 a.m.8 views

PT-2022-25987 · F5 · Big-Ip

Name of the Vulnerable Software and Affected Versions: BIG-IP versions 13.1.x through 13.1.5.1 BIG-IP versions 14.1.x through 14.1.5.1 BIG-IP versions 15.1.x through 15.1.6.1 BIG-IP versions 16.1.x through 16.1.3.1 Description: An authenticated remote code execution issue exists in the BIG-IP...

7.2CVSS7.2AI score0.011EPSS
Exploits0References3
OSV
OSV
added 2022/08/04 6:15 p.m.8 views

CVE-2022-35240

In BIG-IP Versions 16.1.x before 16.1.2.2, 15.1.x before 15.1.6.1, and 14.1.x before 14.1.5, when the Message Routing MR Message Queuing Telemetry Transport MQTT profile is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software...

7.5CVSS5.8AI score0.00681EPSS
Exploits0References1
OSV
OSV
added 2022/08/04 6:15 p.m.5 views

CVE-2022-34655

In BIG-IP Versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.6.1, and 14.1.x before 14.1.5, when an iRule containing the HTTP::payload command is configured on a virtual server, undisclosed traffic can cause Traffic Management Microkernel TMM to terminate. Note: Software versions which have...

7.5CVSS5.8AI score0.00681EPSS
Exploits0References1
OSV
OSV
added 2022/08/04 6:15 p.m.2 views

CVE-2022-34851

In BIG-IP Versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, and BIG-IQ Centralized Management all versions of 8.x, an authenticated attacker may cause iControl SOAP to become unavailable through undisclosed request...

6.5CVSS5.8AI score0.00658EPSS
Exploits0References1
OSV
OSV
added 2022/08/04 6:15 p.m.7 views

CVE-2022-33968

In BIG-IP Versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, when an LTM monitor or APM SSO is configured on a virtual server, and NTLM challenge-response is in use, undisclosed traffic can cause a buffer over-read...

4.9CVSS6AI score0.00461EPSS
Exploits0References1
OSV
OSV
added 2022/08/04 6:15 p.m.5 views

CVE-2022-31473

In BIG-IP Versions 16.1.x before 16.1.1 and 15.1.x before 15.1.4, when running in Appliance mode, an authenticated attacker may be able to bypass Appliance mode restrictions due to a directory traversal vulnerability in an undisclosed page within iApps. A successful exploit can allow the attacker...

7.7CVSS5.5AI score0.01768EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/08/04 5:48 p.m.27 views

CVE-2022-34865 Traffic intelligence feeds vulnerability CVE-2022-34865

In BIG-IP Versions 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, Traffic Intelligence feeds, which use HTTPS, do not verify the remote endpoint identity, allowing for potential data poisoning. Note: Software versions which have reached End of Technical Support EoTS are...

4.8CVSS9.5AI score0.00379EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/08/03 2:0 p.m.2 views

CVE-2022-35728

In BIG-IP Versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, and BIG-IQ version 8.x before 8.2.0 and all versions of 7.x, an authenticated user's iControl REST token may remain valid for a limited time after logging...

9.8CVSS7.3AI score0.00587EPSS
Exploits0References2Affected Software2
ATTACKERKB
ATTACKERKB
added 2022/08/03 2:0 p.m.2 views

CVE-2022-35243

In BIG-IP Versions 16.1.x before 16.1.3, 15.1.x before 15.1.5.1, 14.1.x before 14.1.5, and all versions of 13.1.x, when running in Appliance mode, an authenticated user assigned the Administrator role may be able to bypass Appliance mode restrictions, using an undisclosed iControl REST endpoint. ...

9.1CVSS5.5AI score0.00628EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/08/03 2:0 p.m.4 views

CVE-2022-33962

In BIG-IP Versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, certain iRules commands may allow an attacker to bypass the access control restrictions for a self IP address, regardless of the port lockdown settings...

6.7CVSS6AI score0.00187EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/08/03 2:0 p.m.3 views

CVE-2022-33968

In BIG-IP Versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, when an LTM monitor or APM SSO is configured on a virtual server, and NTLM challenge-response is in use, undisclosed traffic can cause a buffer over-read...

4.9CVSS6.1AI score0.00461EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/05/05 5:15 p.m.4 views

CVE-2022-27659

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, and 14.1.x versions prior to 14.1.4.6, an authenticated attacker can modify or delete Dashboards created by other BIG-IP users in the Traffic Management User Interface TMUI. Note: Software versions which have reach...

4.3CVSS5.8AI score0.00452EPSS
Exploits0References1
Rows per page
Query Builder