F5 Networks, Inc. Security Vulnerabilities

nessus

F5 Networks BIG-IP : BIG-IP iQuery mesh vulnerability (K000132972)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.5.4 / 15.1.8.2 / 16.1.3.4 / 17.1.0.1. It is, therefore, affected by a vulnerability as referenced in the K000132972 advisory. When DNS is provisioned, an authenticated remote command execution vulnerability exists in...

8.9 AI Score

0.001 EPSS

2023-05-18 12:00 AM
4
nessus

F5 Networks BIG-IP : BIG-IP UDP profile vulnerability (K20145107)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.5.4 / 15.1.8.2 / 16.1.3.4 / 17.1.0. It is, therefore, affected by a vulnerability as referenced in the K20145107 advisory. When UDP profile with idle timeout set to immediate or the value 0 is configured on a virtual...

7.7 AI Score

0.001 EPSS

2023-05-12 12:00 AM
25
nessus

F5 Networks BIG-IP : BIG-IP Stream profile vulnerability (K99123750)

The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.2.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K99123750 advisory. On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, when the stream profile is configured on a virtual server, ...

7.5 CVSS

7.7 AI Score

0.001 EPSS

2022-05-05 12:00 AM
12
nessus

F5 Networks BIG-IP : BIG-IP CGNAT LSN vulnerability (K54082580)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.6 / 15.1.5.1 / 16.1.0 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K54082580 advisory. On F5 BIG-IP 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, and...

7.5 CVSS

7.7 AI Score

0.001 EPSS

2022-05-05 12:00 AM
25
nessus

F5 Networks BIG-IP : BIG-IP DNS resolver vulnerability (K85054496)

The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.5.1 / 16.1.2.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K85054496 advisory. On F5 BIG-IP 16.1.x versions prior to 16.1.2.2 and 15.1.x versions prior to 15.1.5.1, when a BIG-IP...

5.9 CVSS

6.2 AI Score

0.001 EPSS

2022-05-05 12:00 AM
7
nessus

F5 Networks BIG-IP : BIG-IP SSL/TLS vulnerability (K09121542)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.0.0. It is, therefore, affected by a vulnerability as referenced in the K09121542 advisory. On all versions of BIG-IP 12.1.x and 11.6.x, the original TLS protocol includes a weakness in the master secret negotiation...

4.8 CVSS

5.1 AI Score

0.001 EPSS

2021-02-11 12:00 AM
32
nessus

F5 Networks BIG-IP : GNU C Library vulnerability (K64119434)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K64119434 advisory. In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives,...

7.5 CVSS

7.5 AI Score

0.005 EPSS

2022-09-20 12:00 AM
18
nessus

F5 Networks BIG-IQ iControl REST Arbitrary File Upload (K000132719)

The version of F5 Networks BIG-IQ Centralized Management installed on the remote host is affected by an arbitrary file upload vulnerability as referenced in the K000132719 advisory. An authenticated attacker granted a Viewer or Auditor role on a BIG-IQ system can upload arbitrary files using an...

6.1 AI Score

0.0005 EPSS

2023-05-16 12:00 AM
8
nessus

F5 Networks BIG-IP : BIG-IP Configuration utility vulnerability (K000132768)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.5.4 / 15.1.8.2 / 16.1.3.4 / 17.1.0. It is, therefore, affected by a vulnerability as referenced in the K000132768 advisory. A directory traversal vulnerability exists in an undisclosed page of the BIG-IP Configuration.....

4.9 AI Score

0.0005 EPSS

2023-05-16 12:00 AM
6
nessus

F5 Networks BIG-IP : BIG-IP TMUI CSRF vulnerability (K49905324)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K49905324 advisory. On all versions of 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x of F5 BIG-IP (fixed in 17.0.0), a cross-site request...

4.3 CVSS

5.2 AI Score

0.001 EPSS

2022-05-05 12:00 AM
11
nessus

F5 Networks BIG-IP : BIG-IP ICAP profile vulnerability (K16187341)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.6 / 15.1.5.1 / 16.1.2.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K16187341 advisory. On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1,...

7.5 CVSS

7.7 AI Score

0.001 EPSS

2022-05-05 12:00 AM
7
nessus

F5 Networks BIG-IP : BIG-IP IPsec ALG vulnerability (K06323049)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.5 / 15.1.5.1 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K06323049 advisory. On F5 BIG-IP 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, and 13.1.x...

7.5 CVSS

7.7 AI Score

0.001 EPSS

2022-05-05 12:00 AM
14
nessus

F5 Networks BIG-IP : BIG-IP SIP ALG vulnerability (K44110411)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.4 / 15.1.4 / 16.1.1. It is, therefore, affected by a vulnerability as referenced in the K44110411 advisory. On BIG-IP version 16.1.x before 16.1.1, 15.1.x before 15.1.4, 14.1.x before 14.1.4.4, and all...

7.5 CVSS

7.7 AI Score

0.001 EPSS

2022-01-19 12:00 AM
5
cve

CVE-2024-1446

The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.4.3. This is due to missing or incorrect nonce validation on the nxssnap-reposter page. This makes it possible for unauthenticated attackers to...

5.4 CVSS

6.4 AI Score

0.0005 EPSS

2024-05-22 07:15 AM
29
nessus

F5 Networks BIG-IP APM Guided Configuration Information Disclosure (K47756555)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.0 / 16.1.4 / 15.1.8. It is, therefore, affected by a vulnerability as referenced in the K47756555 advisory. When BIG-IP APM Guided Configuration is configured, undisclosed sensitive information may be logged in the...

4.4 CVSS

5 AI Score

0.0004 EPSS

2023-10-13 12:00 AM
9
nessus

F5 Networks BIG-IP : BIG-IP Configuration utility vulnerability (K000134535)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.5.5 / 15.1.9.1 / 16.1.3.5 / 17.1.0.2. It is, therefore, affected by a vulnerability as referenced in the K000134535 advisory. A cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP...

5.4 CVSS

5.5 AI Score

0.0004 EPSS

2023-08-02 12:00 AM
6
nessus

F5 Networks BIG-IP : BIG-IP TMM SSL vulnerability (K000133132)

The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.5 / 16.1.2.1 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K000133132 advisory. When an SSL profile is configured on a Virtual Server, undisclosed traffic can cause an increase in CPU...

5.3 CVSS

5.8 AI Score

0.0005 EPSS

2023-06-23 12:00 AM
2
nessus

F5 Networks BIG-IP : BIG-IP FTP profile vulnerability (K82034427)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.6 / 15.1.5.1 / 16.1.2.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K82034427 advisory. On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1,...

5.3 CVSS

5.7 AI Score

0.001 EPSS

2022-05-05 12:00 AM
6
nessus

F5 Networks BIG-IP : BIG-IP iControl REST vulnerability (K23605346)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.6 / 15.1.5.1 / 16.1.2.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K23605346 advisory. On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1,...

9.8 CVSS

9.9 AI Score

0.975 EPSS

2022-05-05 12:00 AM
167
nessus

F5 Networks BIG-IP : BIG-IP HTTP profile vulnerability (K96924184)

The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K96924184 advisory. On BIG-IP version 16.1.x before 16.1.2, when an HTTP profile is configured on a virtual server, undisclosed...

7.5 CVSS

7.7 AI Score

0.001 EPSS

2022-07-22 12:00 AM
23
nessus

F5 Networks BIG-IP : BIG-IP MRF Diameter vulnerability (K82793463)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.4 / 15.1.4.1 / 16.1.2. It is, therefore, affected by a vulnerability as referenced in the K82793463 advisory. On BIG-IP version 16.1.x before 16.1.2, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.4, and all...

7.5 CVSS

7.7 AI Score

0.001 EPSS

2022-01-19 12:00 AM
16
cve

CVE-2024-2830

The WordPress Tag and Category Manager – AI Autotagger plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'st_tag_cloud' shortcode in all versions up to, and including, 3.13.0 due to insufficient input sanitization and output escaping on user supplied attributes....

6.4 CVSS

7.6 AI Score

0.0004 EPSS

2024-04-04 03:15 AM
33
osv

CVE-2022-48197

Reflected cross-site scripting (XSS) exists in Sandbox examples in the YUI2 repository. The download distributions, TreeView component and the YUI Javascript library overall are not affected. NOTE: This vulnerability only affects products that are no longer supported by the...

6.1 CVSS

5.9 AI Score

0.006 EPSS

2023-01-02 04:15 PM
5
nessus

F5 Networks BIG-IP : Apache Commons FileUpload vulnerability (K000133052)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K000133052 advisory. Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the...

7.5 CVSS

8.1 AI Score

0.034 EPSS

2023-06-23 12:00 AM
13
nessus

F5 Networks BIG-IP : Linux kernel vulnerability for (K52379673)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K52379673 advisory. A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file...

7 CVSS

7.4 AI Score

0.0004 EPSS

2022-05-05 12:00 AM
57
osv

CVE-2023-52160

The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass. For a successful attack, wpa_supplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eap_peap_decrypt vulnerability can then be abused to skip Phase 2...

6.5 CVSS

6.8 AI Score

0.001 EPSS

2024-02-22 05:15 PM
8
nessus

F5 Networks BIG-IP : Side-channel processor vulnerability (K35135935)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K35135935 advisory. Systems with microprocessors utilizing speculative execution may allow unauthorized disclosure of information to an...

5.6 CVSS

5.4 AI Score

0.001 EPSS

2023-11-03 12:00 AM
3
nessus

F5 Networks BIG-IP : BIG-IP DHCPv6 vulnerability (K36228121)

An attacker sending specifically crafted DHCPv6 requests through a BIG-IP virtual server configured with a DHCPv6 profile may be able to cause the Traffic Management Microkernel (TMM) process to produce a core file. (CVE-2019-6643) Impact This vulnerability may allow an attacker who can route...

7.5 CVSS

7.4 AI Score

0.001 EPSS

2019-08-12 12:00 AM
9
nessus

F5 Networks BIG-IP : BIG-IP PEM vulnerability (K000135946)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K000135946 advisory. When a BIG-IP PEM classification profile is configured on a UDP virtual server, undisclosed requests can cause the...

7.5 CVSS

7.8 AI Score

0.0004 EPSS

2024-02-14 12:00 AM
6
nessus

F5 Networks BIG-IP : SSB Variant 4 vulnerability (K29146534)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K29146534 advisory. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the...

5.5 CVSS

6.8 AI Score

0.003 EPSS

2023-11-02 12:00 AM
3
osv

CVE-2019-25093

A vulnerability, which was classified as problematic, was found in dragonexpert Recent Threads on Index. Affected is the function recentthread_list_threads of the file inc/plugins/recentthreads/hooks.php of the component Setting Handler. The manipulation of the argument recentthread_forumskip...

5.4 CVSS

6.2 AI Score

0.001 EPSS

2023-01-02 11:15 AM
6
cvelist

CVE-2024-2830

The WordPress Tag and Category Manager – AI Autotagger plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'st_tag_cloud' shortcode in all versions up to, and including, 3.13.0 due to insufficient input sanitization and output escaping on user supplied attributes....

6.4 CVSS

5.8 AI Score

0.0004 EPSS

2024-04-04 02:32 AM
githubexploit

Exploit for SQL Injection in Microsoft

nate158 https://t.me/Nate158digimon gcloud compute addresses...

0.4 AI Score

2022-03-04 09:00 AM
5857
osv

CVE-2023-0584

The VK Blocks plugin for WordPress is vulnerable to improper authorization via the REST 'update_options' function in versions up to, and including, 1.57.0.5. This allows authenticated attackers, with contributor-level permissions or above, to change the 'vk_font_awesome_version' option to an...

4.3 CVSS

7 AI Score

0.001 EPSS

2023-06-03 02:15 AM
6
nessus

Palo Alto Networks PAN-OS 10.2.x < 10.2.9-h1 / 11.0.x < 11.0.4-h1 / 11.1.x < 11.1.2-h3 Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is 10.2.x prior to 10.2.9-h1 or 11.0.x prior to 11.0.4-h1 or 11.1.x prior to 11.1.2-h3. It is, therefore, affected by a vulnerability. A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect...

10 CVSS

10 AI Score

0.957 EPSS

2024-04-12 12:00 AM
73
nessus

F5 Networks BIG-IP : BIG-IP FIPS HSM password vulnerability (K000135449)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.4 / 14.1.4 / 15.1.1 / 16.0.0. It is, therefore, affected by a vulnerability as referenced in the K000135449 advisory. Specific F5 BIG-IP platforms with Cavium Nitrox FIPS HSM cards generate a deterministic password...

6.1 CVSS

6.4 AI Score

0.001 EPSS

2023-08-02 12:00 AM
6
nessus

F5 Networks BIG-IP : BIG-IP SIP ALG profile vulnerability (K51539421)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.4.6 / 15.1.5 / 16.1.2.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K51539421 advisory. On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5, and 14.1.x...

7.5 CVSS

7.7 AI Score

0.001 EPSS

2022-05-05 12:00 AM
7
nessus

F5 Networks BIG-IP : TMUI authenticated remote command execution vulnerability (K70031188)

The version of F5 Networks BIG-IP installed on the remote host is prior to 11.6.5.3 / 12.1.5.3 / 13.1.3.6 / 14.1.4 / 15.1.2.1 / 16.0.1.1 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K70031188 advisory. On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before...

8.8 CVSS

9.4 AI Score

0.002 EPSS

2021-03-10 12:00 AM
15
nessus

F5 Networks BIG-IP : BIG-IP iControl REST Privilege Escalation (K26910459)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.0 / 16.1.4 / 15.1.9. It is, therefore, affected by a vulnerability as referenced in the K26910459 advisory. The BIG-IP and BIG-IQ systems do not encrypt some sensitive information written to Database (DB) variables. ...

7.2 CVSS

7.1 AI Score

0.001 EPSS

2023-10-13 12:00 AM
4
nessus

F5 Networks BIG-IP : BIG-IP HTTP/2 profile vulnerability (K56676554)

The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.3.3 / 17.0.0.2 / 17.1.0. It is, therefore, affected by a vulnerability as referenced in the K56676554 advisory. On BIG-IP versions 17.0.x before 17.0.0.2 and 16.1.x before 16.1.3.3, and BIG-IP SPK starting in...

7.5 CVSS

7.8 AI Score

0.001 EPSS

2023-06-23 12:00 AM
10
osv

Inter-Blockchain Communication (IBC) protocol "Huckleberry" vulnerability in github.com/cosmos/ibc-go

The ibc-go module is affected by the Inter-Blockchain Communication (IBC) protocol "Huckleberry" vulnerability. The vulnerability allowed an attacker to send arbitrary transactions onto target chains and trigger arbitrary state transitions, including but not limited to, theft of funds. It was...

7.1 AI Score

2024-05-23 02:47 PM
3
nessus

F5 Networks BIG-IP : The BIG-IP system may fail to block HTTP Request Smuggling attacks (K000132430)

The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.9 / 16.1.4 / 17.1.0. It is, therefore, affected by a vulnerability as referenced in the K000132430 advisory. The BIG-IP system may fail to block non-RFC-compliant HTTP requests to the pool member, which may lead to ...

7.4 AI Score

2024-05-16 12:00 AM
3
cve

CVE-2024-1416

The Responsive Contact Form Builder & Lead Generation Plugin plugin for WordPress is vulnerable to unauthorized access to functionality due to a missing capability check on several functions in all versions up to, and including, 1.8.9. This makes it possible for unauthenticated attackers to invoke....

4.3 CVSS

6.6 AI Score

0.001 EPSS

2024-05-02 05:15 PM
35
nessus

F5 Networks BIG-IP : Intel I210 network adapter vulnerability (K37283878)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K37283878 advisory. Improper initialization in the firmware for the Intel(R) Ethernet I210 Controller series of network adapters before...

4.4 CVSS

4.5 AI Score

0.0004 EPSS

2021-10-28 12:00 AM
5
nessus

F5 Networks BIG-IP : Intel I210 network adapter vulnerability (K31445234)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K31445234 advisory. Improper access control in the firmware for the Intel(R) Ethernet I210 Controller series of network adapters before...

4.4 CVSS

4.6 AI Score

0.0004 EPSS

2021-10-28 12:00 AM
9
osv

OctoPrint has an Authentication Bypass via X-Forwarded-For Header when autologinLocal is enabled

Impact OctoPrint versions up until and including 1.10.0 contain a vulnerability that allows an unauthenticated attacker to completely bypass the authentication if the autologinLocal option is enabled within config.yaml, even if they come from networks that are not configured as localNetworks, by...

7.1 CVSS

7.1 AI Score

0.0004 EPSS

2024-05-14 08:13 PM
4
nessus

F5 Networks BIG-IP : BIG-IP Configuration utility XSS vulnerability (K000132726)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.5.4 / 15.1.8.2 / 16.1.3.4 / 17.1.0.1. It is, therefore, affected by a vulnerability as referenced in the K000132726 advisory. Multiple reflected cross-site scripting (XSS) vulnerabilities exist in undisclosed pages of.....

6.5 AI Score

0.0005 EPSS

2023-05-12 12:00 AM
38
nessus

F5 Networks BIG-IP : BIG-IP Net HSM script vulnerability (K47662005)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.4.6 / 15.1.5.1 / 16.1.0 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K47662005 advisory. On F5 BIG-IP 15.1.x versions prior to 15.1.5.1 and 14.1.x versions prior to 14.1.4.6, when...

6.5 CVSS

6.8 AI Score

0.001 EPSS

2022-05-05 12:00 AM
11
nessus

F5 Networks BIG-IP : Advanced WAF/ASM buffer-overflow vulnerability (K52510511)

The version of F5 Networks BIG-IP installed on the remote host is prior to 11.6.5.3 / 12.1.5.3 / 13.1.3.6 / 14.1.4 / 15.1.2.1 / 16.0.1.1 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K52510511 advisory. On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before...

9.8 CVSS

9.9 AI Score

0.375 EPSS

2021-03-10 12:00 AM
19
cvelist

CVE-2024-1416

The Responsive Contact Form Builder & Lead Generation Plugin plugin for WordPress is vulnerable to unauthorized access to functionality due to a missing capability check on several functions in all versions up to, and including, 1.8.9. This makes it possible for unauthenticated attackers to invoke....

4.3 CVSS

4.7 AI Score

0.001 EPSS

2024-05-02 04:52 PM

Total number of security vulnerabilities: 314659