f5

1,031 tracked vulnerabilities.

CVE-2022-41806 HIGH
BIG-IP <16.1.3.2 & 15.1.5.1 - Memory Corruption
Oct 19, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-41787 HIGH
BIG-IP DNS 13.1.0-13.1.5.1 14.1.0-14.1.5.1 15.1.0-15.1.6.1 16.1.0-16.1.3.1 17.0.0 - Denial of Service via DNSSEC Query
Oct 19, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-41780 MEDIUM
F5OS-A/F5OS-C <1.1.0/<1.4.0 - Path Traversal
Oct 19, 2022
CVSS 5.5
EPSS 0.01
CVE-2022-41770 MEDIUM
BIG-IP <17.0.0.1,16.1.3.1,15.1.7,14.1.5.1,13.1.x - Memory Corruption
Oct 19, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-41743 HIGH
NGINX Plus <R27 P1-R26 P1 - Memory Corruption
Oct 19, 2022
CVSS 7.0
EPSS 0.00
CVE-2022-41742 HIGH
NGINX Open Source < 1.23.2 and 1.22.1 - Out-of-bounds Write in ngx_http_mp4_module
Oct 19, 2022
CVSS 7.1
EPSS 0.01
CVE-2022-41741 HIGH
NGINX <1.23.2-1.22.1 - Memory Corruption
Oct 19, 2022
CVSS 7.0
EPSS 0.01
CVE-2022-41694 MEDIUM
BIG-IP <16.1.3,15.1.6.1,14.1.5,13.1.x - DoS
Oct 19, 2022
CVSS 4.9
EPSS 0.01
CVE-2022-41691 HIGH
F5 BIG-IP Advanced WAF/ASM 14.1.0-14.1.5.1 - Denial of Service via Security Policy Processing
Oct 19, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-41624 HIGH
BIG-IP 13.1.0-13.1.5.1 14.1.0-14.1.5.2 15.1.0-15.1.7 16.1.0-16.1.3.2 17.0.0 - Use-After-Free via Sideband iRule
Oct 19, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-41617 HIGH
BIG-IP <16.1.3.1, <15.1.6.1, <14.1.5.1, <13.1.5.1 - Authenticated RCE
Oct 19, 2022
CVSS 7.2
EPSS 0.01
CVE-2022-36795 MEDIUM
BIG-IP <17.0.0.1, <16.1.3.1, <15.1.7, <14.1.5.1 - DoS
Oct 19, 2022
CVSS 5.3
EPSS 0.01
CVE-2022-38890 MEDIUM
Nginx NJS v0.7.7 - Out-of-bounds Read via njs_utf8_next
Sep 15, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-35735 HIGH
BIG-IP <16.1.3.1, 15.1.x <15.1.6.1, 14.1.x <14.1.5.1, 13.1.x - Priv...
Aug 04, 2022
CVSS 7.2
EPSS 0.01
CVE-2022-35728 HIGH
BIG-IP <17.0.0.1, 16.1.x <16.1.3.1, 15.1.x <15.1.6.1, 14.1.x <14.1....
Aug 04, 2022
CVSS 8.1
EPSS 0.01
CVE-2022-35272 HIGH
BIG-IP 16.1.0-16.1.3.1 and 17.0.0 - Denial of Service via MRF Virtual Server Source-Port Preserve-Strict Configuration
Aug 04, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-35245 HIGH
BIG-IP APM 14.1.0-14.1.5.1 - Denial of Service via Traffic Management Microkernel Termination
Aug 04, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-35243 HIGH
BIG-IP 13.1.x < 13.1.5, 14.1.x < 14.1.5, 15.1.x < 15.1.5.1, 16.1.x < 16.1.3 - Privilege Escalation via iControl REST
Aug 04, 2022
CVSS 8.7
EPSS 0.01
CVE-2022-35241 MEDIUM
F5 NGINX Instance Manager 1.x and 2.x < 2.3.1 - Uncontrolled Resource Consumption
Aug 04, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-35240 HIGH
BIG-IP 14.1.0-14.1.4 - Memory Resource Exhaustion via MQTT Profile
Aug 04, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-35236 HIGH
F5 BIG-IP 14.1.0-14.1.4 - Uncontrolled Resource Consumption via HTTP2 Profile
Aug 04, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-34865 MEDIUM
BIG-IP 13.1.0-13.1.5 - Traffic Intelligence Feed Data Poisoning via Improper Certificate Validation
Aug 04, 2022
CVSS 4.8
EPSS 0.00
CVE-2022-34862 HIGH
BIG-IP 13.1.0-13.1.4, 14.1.0-14.1.4, 15.1.0-15.1.6, 16.1.0-16.1.3 DoS via LTM Virtual Server
Aug 04, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-34851 MEDIUM
F5 BIG-IP 13.1.x-17.0.x - Authenticated Denial of Service via iControl SOAP
Aug 04, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-34844 MEDIUM
F5 BIG-IP 15.1.0-15.1.6.1 and 16.1.0-16.1.3.1 - Denial of Service via DPDK/ENA Driver Traffic
Aug 04, 2022
CVSS 5.9
EPSS 0.01