88 matches found

Tenable Nessus
added 2017/12/21 12:0 a.m., 28 views

F5 Networks BIG-IP : NTP vulnerability (K31310492)

Stack-based buffer overflow in the reslist function in ntpq in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote servers to have unspecified impact via a long flagstr variable in a restriction list response. (CVE-2017-6460) (C) Tenable Network Security, Inc. The descriptive text and package chec...

CVSS 8.8, AI score 8.2, EPSS 0.02682
Exploits: 0, References: 2
BDU FSTEC
added 2017/12/21 12:0 a.m., 7 views

Vulnerability in the SOCKS proxy server of the BIG-IP Websafe security solution, the BIG-IP Policy Enforcement Manager, a system for controlling and managing network traffic, the BIG-IP Application Security Manager, a system for balancing local traffic, the BIG-IP Link Controller, a system for balancing internet traffic, the BIG-IP Application Acceleration Manager, the BIG-IP Advanced Firewall Manager, and the BIG-IP Access Policy Manager that enables a hacker to cause a service failure.

The vulnerabilities of the SOCKS proxy server of the BIG-IP Websafe protection mechanism, the BIG-IP Policy Enforcement Manager, which is a system for controlling and managing network traffic; the BIG-IP Application Security Manager, which is a system for protecting applications; the BIG-IP Local...

CVSS 7.5, AI score 5.6, EPSS 0.02664
Exploits: 0, References: 4, Affected Software: 8
Prion
added 2017/11/22 4:29 p.m., 22 views

Code injection

In BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, and WebSafe software 12.0.0 to 12.1.1, in some cases the Traffic Management Microkernel (TMM) may crash when processing fragmented packets. This vulnerability affects TMM through a virtual server configured with a FastL4...

CVSS 4.3, AI score 5.7, EPSS 0.01928
Exploits: 0, References: 3, Affected Software: 11
Prion
added 2017/10/27 2:29 p.m., 21 views

Code injection

In F5 BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, PSM software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.4.0 to 11.5.4, when a virtual server uses the standard configuration of HTTP/2 or SPDY profile with Client SSL profile, and the client initiates a number of concurrent streams...

CVSS 4.3, AI score 5.8, EPSS 0.01674
Exploits: 0, References: 3, Affected Software: 8
Prion
added 2017/10/27 2:29 p.m., 17 views

Code injection

F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, Websafe software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1 are vulnerable to a denial of service attack when the MPTCP option is enabled on a virtual server. Data plane is vulnerable when using the MPTCP option of a TC...

CVSS 4.3, AI score 5.6, EPSS 0.01589
Exploits: 0, References: 3, Affected Software: 8
CVE
added 2017/10/27 2:0 p.m., 76 views

CVE-2017-0303

Summary: CVE-2017-0303 affects multiple BIG-IP products (e.g., BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, WebSafe) with affected versions including 13.0.0 and 12.0.0–12.1.2, 11.5.1–11.6.1. The issue arises when connections handled by a Virtual Server with an assoc...

CVSS 7.5, AI score 7.4, EPSS 0.02664
Exploits: 0, References: 3, Affected Software: 1
Cvelist
added 2017/10/27 2:0 p.m., 27 views

CVE-2017-6157

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 12.0.0 to 12.1.1, 11.6.0 to 11.6.1, 11.5.0 - 11.5.4, virtual servers with a configuration using the HTTP Explicit Proxy functionality and/or SOCKS profile are vulnerable to an...

AI score 8.7, EPSS 0.04013
Exploits: 0, References: 3
CVE
added 2017/10/27 2:0 p.m., 64 views

CVE-2017-6157

CVE-2017-6157 affects BIG-IP virtual servers configured with HTTP Explicit Proxy functionality and/or SOCKS profile across multiple BIG-IP modules. The issue allows an unauthenticated, remote attacker to modify system configuration, exfiltrate sensitive files, and potentially execute commands on ...

CVSS 8.1, AI score 8.6, EPSS 0.04013
Exploits: 0, References: 3, Affected Software: 1
Tenable Nessus
added 2017/10/24 12:0 a.m., 133 views

F5 Networks BIG-IP : Linux kernel vulnerability (K81211720)

The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag. (CVE-2017-6214) (C) Tenable Network Security, Inc. The descriptive text and package...

CVSS 7.5, AI score 7, EPSS 0.04666
Exploits: 0, References: 2
CNVD
added 2017/08/25 12:0 a.m., 3 views

WeiPHP v4.0 beta SQL Injection Vulnerability in Frontend AppsLinkController.class.php Page

WeiPHP is an open source WeChat public platform development framework that can easily build a personal WeChat public account operation platform. A SQL injection vulnerability exists in the front-end AppsLinkController.class.php page of WeiPHP v4.0 beta. The vulnerability is due to the public function del...

AI score 7.8
Exploits: 0
F5 Networks
added 2017/08/08 12:3 a.m., 199 views

PHP vulnerabilities CVE-2017-9226 and CVE-2017-7890

F5 Product Development has evaluated the currently supported releases for potential vulnerability. To determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the...

CVSS 9.8, AI score 1.2, EPSS 0.07511
Exploits: 1
Prion
added 2017/06/09 3:29 p.m., 21 views

Cross site scripting

A stored cross-site scripting (XSS) vulnerability in the Configuration utility device name change page in BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, WOM and WebSafe version 12.0.0 - 12.1.2, 11.4.0 - 11.6.1, and 11.2.1 allows an...

CVSS 3.5, AI score 5.5, EPSS 0.00947
Exploits: 0, References: 4, Affected Software: 16
Tenable Nessus
added 2017/05/08 12:0 a.m., 51 views

F5 Networks BIG-IP : TMM vulnerability (K82851041)

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, and WebSafe 11.6.1 HF1, 12.0.0 HF3, 12.0.0 HF4, and 12.1.0 through 12.1.2, undisclosed traffic patterns received while software SYN cookie protection is engaged may cause a disrupti...

CVSS 5.9, AI score 5.8, EPSS 0.0109
Exploits: 0, References: 2
Tenable Nessus
added 2016/12/21 12:0 a.m., 39 views

F5 Networks BIG-IP : libxml2 vulnerability (K14338030)

The xmlNextChar function in libxml2 before 2.9.4 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document. (CVE-2016-1762) File data f5bigipSOL14338030.nasl...

CVSS 8.1, AI score 8.2, EPSS 0.06466
Exploits: 1, References: 2
F5 Networks
added 2016/10/27 12:0 a.m., 45 views

SOL01471335 - BIND vulnerability CVE-2016-2848

Vulnerability Recommended Actions: If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

CVSS 7.5, AI score 7.6, EPSS 0.25772
Exploits: 0, References: 7
CNVD
added 2016/09/20 12:0 a.m., 1 views

SQL injection vulnerability in weiphp 'application\Home\Controller\PublicLinkController.class.php' page

weiphp is an open source, efficient, simple microsoft development platform. An SQL injection vulnerability exists in the weiphp 'application\Home\Controller\PublicLinkController.class.php' page. Attackers can exploit the vulnerability to obtain sensitive database information...

AI score 7.9
Exploits: 0, References: 1
Cvelist
added 2016/09/07 7:0 p.m., 20 views

CVE-2016-5022

F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-I...

AI score 9.8, EPSS 0.03457
Exploits: 0, References: 3
CVE
added 2016/08/19 9:0 p.m., 83 views

CVE-2015-8022

CVE-2015-8022 affects multiple F5 BIG-IP products (LTM, Analytics, APM, ASM, GTM, Link Controller; AAM, AFM, PEM; Edge Gateway, WebAccelerator, WOM, PSM) across 11.x releases. The root cause is in the Configuration utility: an Access Policy Manager customization configuration section that allows ...

CVSS 8.5, AI score 7.4, EPSS 0.02674
Exploits: 0, References: 2, Affected Software: 1
CVE
added 2016/05/13 4:0 p.m., 82 views

CVE-2015-8099

CVE-2015-8099 affects F5 BIG-IP products (multiple modules) where software SYN cookies are configured on virtual servers. Under limited conditions, an invalid TCP segment can cause a DoS (High-Speed Bridge hang) in the data plane via virtual servers. The vulnerability impacts various BIG-IP relea...

CVSS 5.9, AI score 5.7, EPSS 0.01998
Exploits: 0, References: 3, Affected Software: 1
BDU FSTEC
added 2016/04/14 12:0 a.m., 7 views

Vulnerability in the BIG-IP Access Policy Manager, as well as the BIG-IP Advanced Firewall Manager, BIG-IP Analytics, BIG-IP Application Acceleration Manager, BIG-IP Application Security Manager, BIG-IP Global Traffic Manager, BIG-IP Link Controller, BIG-IP Local Traffic Manager, BIG-IQ ADC, BIG-IQ Cloud, and BIG-IQ Device: the access control and remote authentication mechanisms of these tools can be exploited by attackers, leading to service interruptions.

The vulnerability of the virtual server component of the access control and remote authentication solution, BIG-IP Access Policy Manager, as well as software solutions such as BIG-IP Advanced Firewall Manager, BIG-IP Analytics, BIG-IP Application Acceleration Manager, BIG-IP Application Security...

CVSS 7.8, AI score 5.5, EPSS 0.01908
Exploits: 0, References: 3, Affected Software: 12