f5

1,024 tracked vulnerabilities.

CVE-2023-22341 HIGH
BIG-IP APM <14.1.5.3,13.1.x - Info Disclosure
Feb 01, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-22340 HIGH
BIG-IP <16.1.3.3, <15.1.8, <14.1.5.3, <=13.1.x - DoS
Feb 01, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-22326 MEDIUM
BIG-IP <17.0.0.2,16.1.3.3,15.1.8.1,14.1.5.3,13.1.x - Info Disclosure
Feb 01, 2023
CVSS 4.9
EPSS 0.00
CVE-2023-22323 HIGH
BIP-IP <17.0.0.2, <16.1.3.3, <15.1.8.1, <14.1.5.3, 13.1.x - DoS
Feb 01, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-22302 MEDIUM
F5 BIG-IP 16.1.2.2-16.1.3.2 and 17.0.0-17.0.0.1 - Denial of Service via HTTP Profile Configuration
Feb 01, 2023
CVSS 5.9
EPSS 0.01
CVE-2023-22283 MEDIUM
BIG-IP Edge Client <7.2.3.1 - DLL Hijacking
Feb 01, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-22281 HIGH
BIG-IP AFM <17.0.0.2, <16.1.3.3, <15.1.8, <14.1.5.3, <=13.1.x - DoS
Feb 01, 2023
CVSS 7.5
EPSS 0.01
CVE-2022-41800 HIGH NUCLEI
F5 BIG-IP - Authenticated Appliance Mode Bypass via Undisclosed iControl REST Endpoint
Dec 07, 2022
CVSS 8.7
EPSS 0.93
CVE-2022-41622 HIGH
F5 BIG-IP and BIG-IQ - Cross-Site Request Forgery via iControl SOAP
Dec 07, 2022
CVSS 8.8
EPSS 0.60
CVE-2022-43286 CRITICAL
Nginx NJS v0.7.2 - Use-After-Free in njs_json_parse_iterator_call
Oct 28, 2022
CVSS 9.8
EPSS 0.00
CVE-2022-43285 HIGH
Nginx NJS v0.7.4 - Out-of-bounds Write in njs_promise_reaction_job
Oct 28, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-43284 HIGH
Nginx NJS 0.7.2-0.7.4 - Segmentation Violation via njs_scope_valid_value
Oct 28, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-41983 LOW
F5 Big-ip Access Policy Manager < 13.1.5 - Cleartext Transmission
Oct 19, 2022
CVSS 3.7
EPSS 0.00
CVE-2022-41836 HIGH
F5 F5 BIG-IP Advanced WAF and ASM - Denial of Service via Attack Signature False Positive Mode
Oct 19, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-41835 HIGH
F5OS-A/F5OS-C <1.1.0/<1.5.0 - Privilege Escalation
Oct 19, 2022
CVSS 7.3
EPSS 0.00
CVE-2022-41833 HIGH
F5 BIG-IP 13.1.0-13.1.4 - Denial of Service via HTTP::collect iRule
Oct 19, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-41832 HIGH
BIG-IP <17.0.0.1, <16.1.3.1, <15.1.6.1, <14.1.5.1, <13.1.5.1 - Info...
Oct 19, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-41813 MEDIUM
BIG-IP <16.1.3.1, <15.1.6.1, <14.1.5, 13.1.x - DoS
Oct 19, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-41806 HIGH
BIG-IP <16.1.3.2 & 15.1.5.1 - Memory Corruption
Oct 19, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-41787 HIGH
BIG-IP DNS 13.1.0-13.1.5.1 14.1.0-14.1.5.1 15.1.0-15.1.6.1 16.1.0-16.1.3.1 17.0.0 - Denial of Service via DNSSEC Query
Oct 19, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-41780 MEDIUM
F5OS-A/F5OS-C <1.1.0/<1.4.0 - Path Traversal
Oct 19, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-41770 MEDIUM
BIG-IP <17.0.0.1,16.1.3.1,15.1.7,14.1.5.1,13.1.x - Memory Corruption
Oct 19, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-41743 HIGH
NGINX Plus <R27 P1-R26 P1 - Memory Corruption
Oct 19, 2022
CVSS 7.0
EPSS 0.00
CVE-2022-41742 HIGH
NGINX Open Source < 1.23.2 and 1.22.1 - Out-of-bounds Write in ngx_http_mp4_module
Oct 19, 2022
CVSS 7.1
EPSS 0.00
CVE-2022-41741 HIGH
NGINX <1.23.2-1.22.1 - Memory Corruption
Oct 19, 2022
CVSS 7.0
EPSS 0.01
Products
big-ip_access_policy_manager 589 big-ip_application_security_manager 541 big-ip_advanced_firewall_manager 514 big-ip_local_traffic_manager 503 big-ip_policy_enforcement_manager 495 big-ip_link_controller 487 big-ip_application_acceleration_manager 486 big-ip_analytics 473 big-ip_global_traffic_manager 452 big-ip_domain_name_system 429 big-ip_fraud_protection_service 367 big-ip_webaccelerator 259 big-ip_edge_gateway 255 big-ip_advanced_web_application_firewall 155 big-ip_websafe 137 big-ip_ddos_hybrid_defender 127 big-ip_ssl_orchestrator 108 big-iq_centralized_management 77 big-ip_carrier-grade_nat 71 big-ip_application_visibility_and_reporting 70 big-ip_protocol_security_module 61 big-ip_container_ingress_services 48 big-ip_automation_toolchain 47 BIG-IP 46 nginx 41 enterprise_manager 39 njs 39 big-ip_wan_optimization_manager 38 traffix_signaling_delivery_controller 31 ssl_orchestrator 27
Quick Filters
Critical CVEs With Exploits In CISA KEV