f5

1,024 tracked vulnerabilities.

CVE-2020-5918 HIGH
BIG-IP <15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3...
Aug 26, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-5917 MEDIUM
F5 BIG-IP 11.6.1-15.1.0.4 & BIG-IQ 5.2.0-7.0.0 - Weak OpenSSH Host Key Encryption
Aug 26, 2020
CVSS 5.9
EPSS 0.00
CVE-2020-5916 MEDIUM
BIG-IP <15.1.0.4, <15.0.1.3 - Info Disclosure
Aug 26, 2020
CVSS 6.8
EPSS 0.00
CVE-2020-5915 MEDIUM
BIG-IP 11.6.1-15.1.0.4 - Stored XSS in TMUI Page
Aug 26, 2020
CVSS 6.1
EPSS 0.00
CVE-2020-5914 HIGH
BIG-IP ASM - Server Cookie Denial of Service
Aug 26, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-5913 HIGH
BIG-IP <15.1.3.4 - Info Disclosure
Aug 26, 2020
CVSS 7.4
EPSS 0.00
CVE-2020-5912 HIGH
BIG-IP 11.6.1-15.1.0.4 Arbitrary File Write via restjavad Dump Command
Aug 26, 2020
CVSS 7.1
EPSS 0.00
CVE-2020-24349 MEDIUM
njs <= 0.4.3 - Use-After-Free in njs_value_property
Aug 13, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-24348 MEDIUM
njs < 0.4.3 - Out-of-bounds Read in njs_json_stringify_iterator
Aug 13, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-24347 MEDIUM
njs < 0.4.3 - Out-of-bounds Read in njs_lvlhsh_level_find
Aug 13, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-24346 HIGH
njs < 0.4.3 - Use-After-Free in JSON Parser
Aug 13, 2020
CVSS 7.8
EPSS 0.00
CVE-2020-5911 HIGH
NGINX Controller <3.5.0, <2.9.0, <1.0.1 - Info Disclosure
Jul 02, 2020
CVSS 7.3
EPSS 0.00
CVE-2020-5910 HIGH
NGINX Controller - No Auth Required
Jul 02, 2020
CVSS 7.5
EPSS 0.00
CVE-2020-5909 MEDIUM
NGINX Controller <3.5.0, <2.9.0, <1.0.1 - Info Disclosure
Jul 02, 2020
CVSS 5.4
EPSS 0.00
CVE-2020-5908 MEDIUM
BIG-IP APM <12.1.5, <11.6.5.2 - Info Disclosure
Jul 01, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-5907 HIGH
BIG-IP <15.2 - Privilege Escalation
Jul 01, 2020
CVSS 7.2
EPSS 0.00
CVE-2020-5906 HIGH
BIG-IP <13.1.3.3, 12.1.5.2, 11.6.5.2 - Privilege Escalation
Jul 01, 2020
CVSS 8.1
EPSS 0.00
CVE-2020-5905 MEDIUM
BIG-IP 11.6.1-11.6.5.2 - Stored Cross-Site Scripting in WCCP Configuration Page
Jul 01, 2020
CVSS 4.3
EPSS 0.00
CVE-2020-5904 HIGH
BIG-IP 12.1.0-12.1.5.1 - Cross-Site Request Forgery in TMUI
Jul 01, 2020
CVSS 8.8
EPSS 0.00
CVE-2020-5903 MEDIUM
F5 BIG-IP 12.1.0-12.1.5.1 - Cross-Site Scripting in Configuration Utility
Jul 01, 2020
CVSS 6.1
EPSS 0.09
CVE-2020-5902 CRITICAL KEVNUCLEI
BIG-IP 11.6.1-11.6.5.1 - Remote Code Execution via TMUI Undisclosed Pages
Jul 01, 2020
CVSS 9.8
EPSS 0.94
CVE-2020-5901 CRITICAL
F5 NGINX Controller 3.3.0-3.4.0 - Reflected Cross-Site Scripting via Undisclosed API Endpoints
Jul 01, 2020
CVSS 9.6
EPSS 0.01
CVE-2020-5899 HIGH
NGINX Controller 3.0.0-3.4.0 - Info Disclosure
Jul 01, 2020
CVSS 7.8
EPSS 0.00
CVE-2020-5900 HIGH
NGINX Controller <3.4.0, <2.9.0, <1.0.1 - CSRF
Jul 01, 2020
CVSS 8.8
EPSS 0.00
CVE-2020-5898 MEDIUM
BIG-IP Edge Client <7.1.10 - Local Privilege Escalation
May 12, 2020
CVSS 5.5
EPSS 0.00
Products
big-ip_access_policy_manager 589 big-ip_application_security_manager 541 big-ip_advanced_firewall_manager 514 big-ip_local_traffic_manager 503 big-ip_policy_enforcement_manager 495 big-ip_link_controller 487 big-ip_application_acceleration_manager 486 big-ip_analytics 473 big-ip_global_traffic_manager 452 big-ip_domain_name_system 429 big-ip_fraud_protection_service 367 big-ip_webaccelerator 259 big-ip_edge_gateway 255 big-ip_advanced_web_application_firewall 155 big-ip_websafe 137 big-ip_ddos_hybrid_defender 127 big-ip_ssl_orchestrator 108 big-iq_centralized_management 77 big-ip_carrier-grade_nat 71 big-ip_application_visibility_and_reporting 70 big-ip_protocol_security_module 61 big-ip_container_ingress_services 48 big-ip_automation_toolchain 47 BIG-IP 46 nginx 41 enterprise_manager 39 njs 39 big-ip_wan_optimization_manager 38 traffix_signaling_delivery_controller 31 ssl_orchestrator 27
Quick Filters
Critical CVEs With Exploits In CISA KEV