f5
1,031 tracked vulnerabilities.
CVE-2023-3470
MEDIUM
F5 BIG-IP - Improper Authentication via Deterministic Crypto User Password
Aug 02, 2023
CVSS 6.0
EPSS 0.00
CVE-2023-38423
MEDIUM
F5 BIG-IP 13.1.0-13.1.5 - Cross-Site Scripting in Configuration Utility
Aug 02, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-38419
MEDIUM
F5 BIG-IP Access Policy Manager 13.1.0-13.1.5 - Authenticated Denial of Service via iControl SOAP Request
Aug 02, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-38418
HIGH
BIG-IP Edge Client Installer - Privilege Escalation
Aug 02, 2023
CVSS 7.8
EPSS 0.00
CVE-2023-38138
HIGH
F5 BIG-IP 13.1.0-13.1.5 - Reflected Cross-Site Scripting in Configuration Utility
Aug 02, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-36858
HIGH
BIG-IP Edge Client - Info Disclosure
Aug 02, 2023
CVSS 7.1
EPSS 0.00
CVE-2023-36494
MEDIUM
F5OS-A - Sensitive Information Disclosure in Audit Logs
Aug 02, 2023
CVSS 4.4
EPSS 0.00
CVE-2023-29240
MEDIUM
F5 BIG-IQ Centralized Management 8.0.0-8.2.0 - Authenticated Arbitrary File Upload via iControl REST Endpoint
May 03, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-29163
HIGH
F5 BIG-IP 14.1.0-14.1.5.3 - Denial of Service via UDP Profile Idle Timeout
May 03, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-28742
HIGH
F5 BIG-IP DNS 13.1.0-13.1.4 - Authenticated Remote Command Execution via DNS iQuery Mesh
May 03, 2023
CVSS 7.2
EPSS 0.01
CVE-2023-28724
HIGH
NGINX Management Suite - Privilege Escalation
May 03, 2023
CVSS 7.1
EPSS 0.00
CVE-2023-28656
HIGH
NGINX Management Suite - Privilege Escalation
May 03, 2023
CVSS 8.1
EPSS 0.01
CVE-2023-28406
MEDIUM
BIG-IP 13.1.0-13.1.5 - Authenticated Path Traversal in Configuration Utility
May 03, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-27378
HIGH
F5 BIG-IP 13.1.0-13.1.5 - Reflected Cross-Site Scripting in Configuration Utility
May 03, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-24594
MEDIUM
F5 F5 BIG-IP - Resource Consumption via SSL Traffic
May 03, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-24461
HIGH
BIG-IP Edge Client - Improper Certificate Validation
May 03, 2023
CVSS 7.4
EPSS 0.00
CVE-2023-22372
MEDIUM
BIG-IP Edge Client - Improper Enforcement
May 03, 2023
CVSS 5.9
EPSS 0.00
CVE-2023-27730
HIGH
Nginx NJS v0.7.10 - Out-of-bounds Read via njs_lvlhsh_find Function
Apr 09, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-27729
HIGH
Nginx NJS v0.7.10 - Buffer Overflow via njs_vmcode_return Function
Apr 09, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-27728
HIGH
Nginx NJS v0.7.10 - Out-of-bounds Read via njs_dump_is_recursive Function
Apr 09, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-27727
HIGH
Nginx NJS v0.7.10 - Out-of-bounds Read via njs_function_frame
Apr 09, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-1550
MEDIUM
NGINX Agent <2.23.3 - Info Disclosure
Mar 29, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-23555
HIGH
BIG-IP Virtual Edition <15.1.8 - DoS
Feb 01, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-23552
HIGH
F5 BIG-IP Advanced WAF and ASM 13.1.x-16.1.x - Uncontrolled Resource Consumption
Feb 01, 2023
CVSS 7.5
EPSS 0.02
CVE-2023-22842
HIGH
F5 BIG-IP 13.1.0-13.1.4 - Denial of Service via SIP Profile Traffic
Feb 01, 2023
CVSS 7.5
EPSS 0.01
Products
big-ip_access_policy_manager 628
big-ip_application_security_manager 581
big-ip_advanced_firewall_manager 552
big-ip_local_traffic_manager 541
big-ip_policy_enforcement_manager 533
big-ip_link_controller 525
big-ip_application_acceleration_manager 524
big-ip_analytics 511
big-ip_global_traffic_manager 490
big-ip_domain_name_system 469
big-ip_fraud_protection_service 405
big-ip_webaccelerator 297
big-ip_edge_gateway 293
big-ip_advanced_web_application_firewall 195
big-ip_websafe 175
big-ip_ddos_hybrid_defender 166
big-ip_ssl_orchestrator 147
big-ip_carrier-grade_nat 109
big-ip_application_visibility_and_reporting 108
big-ip_container_ingress_services 86
big-ip_automation_toolchain 85
big-iq_centralized_management 85
big-ip_protocol_security_module 61
BIG-IP 46
nginx 42
njs 40
enterprise_manager 39
big-ip_wan_optimization_manager 38
traffix_signaling_delivery_controller 31
ssl_orchestrator 27
Quick Filters