F5 Networks, Inc. Security Vulnerabilities

nessus

F5 Networks BIG-IP : Intel BIOS vulnerability (K000130240)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K000130240 advisory. Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to ...

6.8AI Score

0.0004EPSS

2023-06-02 12:00 AM
11
nessus

F5 Networks BIG-IP : Intel BIOS vulnerability (K14454359)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K14454359 advisory. Out-of-bounds write in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially...

7.8CVSS

7.6AI Score

0.0004EPSS

2022-06-22 12:00 AM
38
nessus

F5 Networks BIG-IP : Intel BIOS vulnerability (K04303225)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K04303225 advisory. Uncaught exception in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially...

7.8CVSS

7.5AI Score

0.0004EPSS

2022-06-22 12:00 AM
27
nessus

F5 Networks BIG-IP : Linux kernel vulnerability (K84900646)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K84900646 advisory. A flaw was found in the Linux kernel before 5.9-rc4. A failure of the file system metadata validator in XFS can...

5.5CVSS

6.3AI Score

0.0004EPSS

2021-10-28 12:00 AM
21
cvelist

CVE-2023-30306

An issue discovered in Mercury x30g, Mercury YR1800XG routers allows attackers to hijack TCP sessions which could lead to a denial of...

6.5AI Score

EPSS

1976-01-01 12:00 AM
2
osv

CVE-2023-52160

The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass. For a successful attack, wpa_supplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eap_peap_decrypt vulnerability can then be abused to skip Phase 2...

6.5CVSS

6.8AI Score

0.001EPSS

2024-02-22 05:15 PM
8
packetstorm

7.4AI Score

0.0004EPSS

2024-04-05 12:00 AM
91
vulnrichment

CVE-2024-4362 SiteOrigin Widgets Bundle <= 1.60.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'siteorigin_widget' Shortcode

The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'siteorigin_widget' shortcode in all versions up to, and including, 1.60.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible....

6.4CVSS

5.8AI Score

0.001EPSS

2024-05-22 08:31 AM
1
vulnrichment

CVE-2024-4398 HTML5 Audio Player- Best WordPress Audio Player Plugin <= 2.2.19 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets

The HTML5 Audio Player- Best WordPress Audio Player Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 2.2.19 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

6.4CVSS

5.8AI Score

0.001EPSS

2024-05-10 07:33 AM
nessus

F5 Networks BIG-IP APM Guided Configuration Information Disclosure (K47756555)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.0 / 16.1.4 / 15.1.8. It is, therefore, affected by a vulnerability as referenced in the K47756555 advisory. When BIG-IP APM Guided Configuration is configured, undisclosed sensitive information may be logged in the...

4.4CVSS

5AI Score

0.0004EPSS

2023-10-13 12:00 AM
10
nessus

F5 Networks BIG-IP : BIG-IP Configuration utility vulnerability (K000134535)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.5.5 / 15.1.9.1 / 16.1.3.5 / 17.1.0.2. It is, therefore, affected by a vulnerability as referenced in the K000134535 advisory. A cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP...

5.4CVSS

5.5AI Score

0.0004EPSS

2023-08-02 12:00 AM
6
nessus

F5 Networks BIG-IP : BIG-IP TMM SSL vulnerability (K000133132)

The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.5 / 16.1.2.1 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K000133132 advisory. When an SSL profile is configured on a Virtual Server, undisclosed traffic can cause an increase in CPU...

5.3CVSS

5.8AI Score

0.0005EPSS

2023-06-23 12:00 AM
2
nessus

F5 Networks BIG-IP : BIG-IP iControl REST vulnerability (K23605346)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.6 / 15.1.5.1 / 16.1.2.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K23605346 advisory. On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1,...

9.8CVSS

9.9AI Score

0.975EPSS

2022-05-05 12:00 AM
167
nessus

F5 Networks BIG-IP : BIG-IP FTP profile vulnerability (K82034427)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.6 / 15.1.5.1 / 16.1.2.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K82034427 advisory. On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1,...

5.3CVSS

5.7AI Score

0.001EPSS

2022-05-05 12:00 AM
6
cvelist

CVE-2024-1415

The Responsive Contact Form Builder & Lead Generation Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.8.9. This is due to missing or incorrect nonce validation on several functions. This makes it possible for unauthenticated attackers....

4.3CVSS

4.5AI Score

0.001EPSS

2024-05-02 04:52 PM
nessus

F5 Networks BIG-IP : Java SE vulnerability (K85742355)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K85742355 advisory. Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JSSE). Supported versions that...

3.7CVSS

5.2AI Score

0.001EPSS

2023-11-03 12:00 AM
20
nessus

F5 Networks BIG-IP : Apache Struts vulnerabilities (K24608264)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the K24608264 advisory. Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code ...

9.8CVSS

10AI Score

0.973EPSS

2023-11-03 12:00 AM
34
nessus

F5 Networks BIG-IP : Linux kernel vulnerability (K15412203)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K15412203 advisory. The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through ...

7.8CVSS

7.5AI Score

0.001EPSS

2023-11-02 12:00 AM
7
nessus

F5 Networks BIG-IP : Rowhammer hardware vulnerability (K60570139)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K60570139 advisory. Modern DRAM chips (DDR4 and LPDDR4 after 2015) are affected by a vulnerability in deployment of internal ...

9CVSS

9AI Score

0.002EPSS

2023-11-02 12:00 AM
2
nessus

F5 Networks BIG-IP : Linux kernel vulnerability (K40540405)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K40540405 advisory. The do_get_mempolicy function in mm/mempolicy.c in the Linux kernel before 4.12.9 allows local users to cause a...

7.8CVSS

7.9AI Score

0.0004EPSS

2023-11-02 12:00 AM
5
nessus

F5 Networks BIG-IP : procps-ng vulnerability (K16124204)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K16124204 advisory. procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in...

7.8CVSS

9.3AI Score

0.0005EPSS

2023-11-02 12:00 AM
4
nessus

F5 Networks BIG-IP : Linux kernel vulnerability (K13213573)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K13213573 advisory. Integer overflow in fs/aio.c in the Linux kernel before 3.4.1 allows local users to cause a denial of service or...

7.8CVSS

7.9AI Score

0.0004EPSS

2023-11-02 12:00 AM
12
nessus

F5 Networks BIG-IP : IPsec IKEv1 vulnerability (K42378447)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K42378447 advisory. The Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks. Reusing a key...

5.9CVSS

5.7AI Score

0.003EPSS

2023-11-02 12:00 AM
4
nessus

F5 Networks BIG-IP : Intel processor vulnerability (K000133630)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K000133630 advisory. Improper access control in the BIOS firmware for some Intel(R) Processors may allow a privileged user to ...

8.2CVSS

6.8AI Score

0.0004EPSS

2023-10-12 12:00 AM
9
nessus

F5 Networks BIG-IP : Python urllib.parse vulnerability (K000135921)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K000135921 advisory. An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by...

7.5CVSS

8.1AI Score

0.001EPSS

2023-08-21 12:00 AM
27
nessus

F5 Networks BIG-IP : Apache Tomcat vulnerability (K000135262)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K000135262 advisory. The fix for CVE-2023-24998 was incomplete for Apache Tomcat 11.0.0-M2 to 11.0.0-M4, 10.1.5 to 10.1.7, 9.0.71 to...

7.5CVSS

7.4AI Score

0.034EPSS

2023-06-29 12:00 AM
14
nessus

F5 Networks BIG-IP : Intel Processor vulnerability (K11601010)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K11601010 advisory. Observable behavioral discrepancy in some Intel(R) Processors may allow an authorized user to potentially enable...

5.5CVSS

5.3AI Score

0.0004EPSS

2022-10-25 12:00 AM
10
nessus

F5 Networks BIG-IP : Intel BIOS vulnerability (K53252134)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K53252134 advisory. Unchecked return value in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially...

5.5CVSS

5.2AI Score

0.0004EPSS

2022-07-21 12:00 AM
16
nessus

F5 Networks BIG-IP : Intel processors vulnerability (K14335949)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K14335949 advisory. Observable behavioral in power management throttling for some Intel(R) Processors may allow an authenticated user...

6.5CVSS

6.2AI Score

0.001EPSS

2022-07-13 12:00 AM
14
nessus

F5 Networks BIG-IP : Intel BIOS vulnerability (K55051330)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K55051330 advisory. Improper access control in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged...

7.8CVSS

7.6AI Score

0.0004EPSS

2022-06-22 12:00 AM
25
cvelist

CVE-2024-2793 Visual Website Collaboration, Feedback & Project Management – Atarim <= 3.30 - Unauthenticated Stored Cross-Site Scripting

The Visual Website Collaboration, Feedback & Project Management – Atarim plugin for WordPress is vulnerable to Stored Cross-Site Scripting via comments in all versions up to, and including, 3.30 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated.....

7.2CVSS

6.4AI Score

0.001EPSS

2024-05-31 04:31 AM
nessus

F5 Networks BIG-IP : BIG-IP HTTP/2 DoS (K000137106)

The version of F5 Networks BIG-IP installed on the remote host is prior or equal to 17.1.0 / 16.1.4 / 15.1.10 / 14.1.5 / 13.1.5. It is, therefore, affected by a vulnerability as referenced in the K000137106 advisory. The HTTP/2 protocol allows a denial of service (server resource consumption)...

7.5CVSS

7.7AI Score

0.732EPSS

2023-10-13 12:00 AM
34
nessus

F5 Networks BIG-IP : BIG-IP Configuration utility RCE (K000135689)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.0.3 / 16.1.4.1 / 15.1.10.2 / 14.1.5.6. It is, therefore, affected by a vulnerability as referenced in the K000135689 advisory. A directory traversal vulnerability exists in the BIG-IP Configuration utility that may...

9.9CVSS

9.6AI Score

0.002EPSS

2023-10-13 12:00 AM
22
nessus

F5 Networks BIG-IP : BIG-IP DNS profile vulnerability (K37708118)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.5.3 / 15.1.8.1 / 16.1.3.3 / 17.0.0.2 / 17.1.0. It is, therefore, affected by a vulnerability as referenced in the K37708118 advisory. On BIG-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before...

7.5CVSS

7.8AI Score

0.001EPSS

2023-06-23 12:00 AM
12
nessus

F5 Networks BIG-IP : BIG-IP SIP profile vulnerability (K08182564)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.5.3 / 15.1.8.1 / 16.1.3.3 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K08182564 advisory. On BIG-IP versions 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and.....

7.5CVSS

7.8AI Score

0.001EPSS

2023-06-23 12:00 AM
5
nessus

F5 Networks BIG-IP : BIG-IP HTTP profile vulnerability (K58550078)

The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.3.3 / 17.0.0.2 / 17.1.0. It is, therefore, affected by a vulnerability as referenced in the K58550078 advisory. In BIG-IP versions 17.0.x before 17.0.0.2, and 16.1.x beginning in 16.1.2.2 to before 16.1.3.3, when...

5.9CVSS

6.2AI Score

0.001EPSS

2023-06-23 12:00 AM
7
nessus

F5 Networks BIG-IP : Appliance mode iControl REST vulnerability (K13325942)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.5.3 / 15.1.8.1 / 16.1.3.3 / 17.0.0.2 / 17.1.0. It is, therefore, affected by a vulnerability as referenced in the K13325942 advisory. In all versions of BIG-IP, when running in Appliance mode, an authenticated user...

8.7CVSS

8.5AI Score

0.011EPSS

2022-11-16 12:00 AM
27
nessus

F5 Networks BIG-IP : BIG-IP RTSP profile vulnerability (K37155600)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.6 / 15.1.5 / 16.1.2.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K37155600 advisory. On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5, 14.1.x.....

7.5CVSS

7.7AI Score

0.001EPSS

2022-05-05 12:00 AM
15
nessus

F5 Networks BIG-IP : BIG-IP DNS resolver vulnerability (K03755971)

The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.5.1 / 16.1.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K03755971 advisory. On F5 BIG-IP 16.1.x versions prior to 16.1.2 and 15.1.x versions prior to 15.1.5.1, when the DNS...

7.5CVSS

7.7AI Score

0.001EPSS

2022-05-05 12:00 AM
8
nessus

F5 Networks BIG-IP : BIG-IP Configuration utility vulnerability (K000132768)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.5.4 / 15.1.8.2 / 16.1.3.4 / 17.1.0. It is, therefore, affected by a vulnerability as referenced in the K000132768 advisory. A directory traversal vulnerability exists in an undisclosed page of the BIG-IP Configuration.....

4.9AI Score

0.0005EPSS

2023-05-16 12:00 AM
6
nessus

F5 Networks BIG-IQ iControl REST Arbitrary File Upload (K000132719)

The version of F5 Networks BIG-IQ Centralized Management installed on the remote host is affected by an arbitrary file upload vulnerability as referenced in the K000132719 advisory. An authenticated attacker granted a Viewer or Auditor role on a BIG-IQ system can upload arbitrary files using an...

6.1AI Score

0.0005EPSS

2023-05-16 12:00 AM
8
nessus

F5 Networks BIG-IP : BIG-IP TMUI CSRF vulnerability (K49905324)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K49905324 advisory. On all versions of 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x of F5 BIG-IP (fixed in 17.0.0), a cross-site request...

4.3CVSS

5.2AI Score

0.001EPSS

2022-05-05 12:00 AM
11
nessus

F5 Networks BIG-IP : BIG-IP ICAP profile vulnerability (K16187341)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.6 / 15.1.5.1 / 16.1.2.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K16187341 advisory. On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1,...

7.5CVSS

7.7AI Score

0.001EPSS

2022-05-05 12:00 AM
7
nessus

F5 Networks BIG-IP : BIG-IP IPsec ALG vulnerability (K06323049)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.5 / 15.1.5.1 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K06323049 advisory. On F5 BIG-IP 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, and 13.1.x...

7.5CVSS

7.7AI Score

0.001EPSS

2022-05-05 12:00 AM
14
nessus

F5 Networks BIG-IP : BIG-IP SIP ALG vulnerability (K44110411)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.4 / 15.1.4 / 16.1.1. It is, therefore, affected by a vulnerability as referenced in the K44110411 advisory. On BIG-IP version 16.1.x before 16.1.1, 15.1.x before 15.1.4, 14.1.x before 14.1.4.4, and all...

7.5CVSS

7.7AI Score

0.001EPSS

2022-01-19 12:00 AM
6
osv

CVE-2019-25093

A vulnerability, which was classified as problematic, was found in dragonexpert Recent Threads on Index. Affected is the function recentthread_list_threads of the file inc/plugins/recentthreads/hooks.php of the component Setting Handler. The manipulation of the argument recentthread_forumskip...

5.4CVSS

6.2AI Score

0.001EPSS

2023-01-02 11:15 AM
6
nessus

F5 Networks BIG-IP : BIG-IP Configuration utility vulnerability (K000133474)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.5.5 / 15.1.9.1 / 16.1.3.5 / 17.1.0.2. It is, therefore, affected by a vulnerability as referenced in the K000133474 advisory. A reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of the...

7.5CVSS

6.1AI Score

0.0005EPSS

2023-08-02 12:00 AM
8
nessus

F5 Networks BIG-IP : iControl REST and tmsh vulnerability (K83284425)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.5.3 / 15.1.8.1 / 16.1.3.3 / 17.0.0.2 / 17.1.0. It is, therefore, affected by a vulnerability as referenced in the K83284425 advisory. In BIG-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before...

4.9CVSS

5.9AI Score

0.001EPSS

2023-06-23 12:00 AM
6
nessus

F5 Networks BIG-IP : BIG-IP SIP profile vulnerability (K34525368)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.5.3 / 15.1.8 / 16.1.3.3. It is, therefore, affected by a vulnerability as referenced in the K34525368 advisory. On BIG-IP versions 16.1.x before 16.1.3.3, 15.1.x before 15.1.8, 14.1.x before 14.1.5.3, and all...

7.5CVSS

7.7AI Score

0.001EPSS

2023-06-23 12:00 AM
7
Total number of security vulnerabilities: 315051