Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / f5

f5

1,024 tracked vulnerabilities.

CVE-2022-26071 HIGH

F5 BIG-IP <16.1.2.2, <15.1.5.1, <14.1.4.6, <13.1.5, <=11.6.x - DoS

CVE-2022-25990 MEDIUM

F5OS-A 1.0.x - Exposure of Sensitive Information via Registry Ports

CVE-2022-25946 HIGH

F5 BIG-IP Advanced WAF, ASM, and GC <9.0 - Auth Bypass

CVE-2022-1468 MEDIUM

F5 BIG-IP APM 17.0.x-11.6.x - Authenticated DoS via iControl REST

CVE-2022-1389 LOW

F5 BIG-IP 11.6.x-16.1.x - Cross-Site Request Forgery in Configuration Utility

CVE-2022-1388 CRITICAL KEVNUCLEI

F5 BIG-IP iControl RCE via REST Authentication Bypass

CVE-2022-28049 MEDIUM

NGINX NJS 0.7.2 - NULL Pointer Dereference in njs_vmcode_array

CVE-2022-27008 HIGH

nginx njs 0.7.2 - Buffer Overflow in Array.prototype.concat()

CVE-2022-27007 CRITICAL

nginx njs 0.7.2 - Use-After-Free in njs_function_frame_alloc()

CVE-2022-25139 CRITICAL

njs < 0.7.2 - Use-After-Free in njs_await_fulfilled

CVE-2022-23032 MEDIUM

F5 BIG-IP APM <11.6.5 & Client <7.1.9 DNS Rebinding via Proxy

CVE-2022-23031 MEDIUM

F5 BIG-IP Advanced WAF/ASM/FPS 14.1.0-14.1.4/15.1.0-15.1.4/16.1.0-16.1.1 - Authenticated XML External Entity Injection

CVE-2022-23030 MEDIUM

F5 BIG-IP 13.1.0-13.1.3, 14.1.0-14.1.4.4, 15.1.0-15.1.4, 16.1.0-16.1.1 - Resource Consumption via ixlv Driver

CVE-2022-23029 MEDIUM

F5 BIG-IP 11.6.1-11.6.5 - Time-of-check Time-of-use Race Condition

CVE-2022-23028 MEDIUM

BIG-IP AFM 13.1.x-16.x - Denial of Service via SYN Cookie Protection

CVE-2022-23027 MEDIUM

F5 BIG-IP 12.1.5.3-12.1.6 - Denial of Service via FastL4 and HTTP/FIX/Hash Persistence Profile Conflict

CVE-2022-23026 MEDIUM

BIG-IP ASM & Advanced WAF 12.1.0-12.1.5 - Authenticated Unrestricted File Upload via REST Endpoint

CVE-2022-23025 HIGH

F5 BIG-IP 13.1.0-13.1.3 - Denial of Service via SIP ALG Profile

CVE-2022-23024 HIGH

BIG-IP AFM DoS via IPsec ALG Logging Profile (13.1.x < 13.1.4, 14.1.x < 14.1.4.2, 15.1.x < 15.1.4.1, 16.x < 16.1.0)

CVE-2022-23023 MEDIUM

F5 BIG-IP 12.1.0-12.1.4 - Authenticated Uncontrolled Resource Consumption via iControl REST

CVE-2022-23022 HIGH

F5 BIG-IP 16.1.0-16.1.1 - Denial of Service via HTTP Profile

CVE-2022-23021 HIGH

F5 BIG-IP 16.1.0-16.1.1 - Denial of Service via TMM Termination

CVE-2022-23020 HIGH

F5 BIG-IP 16.1.0-16.1.1 - Denial of Service via Request Logging Profile

CVE-2022-23019 HIGH

F5 BIG-IP 12.1.0-12.1.5 - Denial of Service via Diameter Session and Router Profiles

CVE-2022-23018 HIGH

BIG-IP AFM DoS via HTTP Protocol Security and HTTP Proxy Connect

Previous Page 15 of 41 Next

Products

big-ip_access_policy_manager 589 big-ip_application_security_manager 541 big-ip_advanced_firewall_manager 514 big-ip_local_traffic_manager 503 big-ip_policy_enforcement_manager 495 big-ip_link_controller 487 big-ip_application_acceleration_manager 486 big-ip_analytics 473 big-ip_global_traffic_manager 452 big-ip_domain_name_system 429 big-ip_fraud_protection_service 367 big-ip_webaccelerator 259 big-ip_edge_gateway 255 big-ip_advanced_web_application_firewall 155 big-ip_websafe 137 big-ip_ddos_hybrid_defender 127 big-ip_ssl_orchestrator 108 big-iq_centralized_management 77 big-ip_carrier-grade_nat 71 big-ip_application_visibility_and_reporting 70 big-ip_protocol_security_module 61 big-ip_container_ingress_services 48 big-ip_automation_toolchain 47 BIG-IP 46 nginx 41 enterprise_manager 39 njs 39 big-ip_wan_optimization_manager 38 traffix_signaling_delivery_controller 31 ssl_orchestrator 27

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy