Lucene search
K

6 matches found

EUVD
EUVD
added 2026/05/13 6:30 p.m.9 views

EUVD-2026-29970

When BIG-IP DNS is provisioned, a vulnerability exists in an undisclosed iControl REST and BIG-IP TMOS Shell tmsh command that may allow an authenticated attacker with the Resource Administrator or Administrator role to execute arbitrary system commands with higher privileges. In Appliance mode...

8.7CVSS5.9AI score0.00235EPSS
Exploits0References2
CVE
CVE
added 2026/05/13 2:12 p.m.19 views

CVE-2026-42919

Affected product: BIG-IP ( appliance mode feature ). The issue allows an authenticated administrator to bypass appliance mode security and execute arbitrary commands with higher privileges, a control‑plane only escalation with no data‑plane exposure as described in the advisory. For BIG-IP Next/1...

7.1CVSS5.5AI score0.00288EPSS
Exploits0References1Affected Software21
RedhatCVE
RedhatCVE
added 2025/10/16 2:52 p.m.4 views

CVE-2025-61955

A vulnerability exists in F5OS-A and F5OS-C systems that may allow an authenticated attacker with local access to escalate their privileges. A successful exploit may allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support EoTS are not...

8.8CVSS6.5AI score0.00224EPSS
Exploits0References1
Prion
Prion
added 2023/10/10 1:15 p.m.21 views

Design/Logic Flaw

When running in Appliance mode, an authenticated user assigned the Administrator role may be able to bypass Appliance mode restrictions, utilizing BIG-IP external monitor on a BIG-IP system. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which...

4.7CVSS8.3AI score0.00435EPSS
Exploits0References1Affected Software18
SUSE CVE
SUSE CVE
added 2023/02/15 6:21 a.m.5 views

SUSE CVE-2003-0700

The C-Media PCI sound driver in Linux before 2.4.22 does not use the getuser function to access userspace in certain conditions, which crosses security boundaries and may facilitate the exploitation of vulnerabilities, a different vulnerability than CVE-2003-0699...

7.5CVSS7AI score0.01871EPSS
Exploits0References3
NVD
NVD
added 2023/02/01 6:15 p.m.33 views

CVE-2023-22374

A format string vulnerability exists in iControl SOAP that allows an authenticated attacker to crash the iControl SOAP CGI process or, potentially execute arbitrary code. In appliance mode BIG-IP, a successful exploit of this vulnerability can allow the attacker to cross a security boundary. Note...

8.5CVSS8.5AI score0.72646EPSS
Exploits0References1
Rows per page
Query Builder