f5

1,031 tracked vulnerabilities.

CVE-2017-6157 HIGH
F5 BIG-IP 11.5.0-11.5.4, 11.6.0-11.6.1, 12.0.0-12.1.1 - Unauthenticated RCE via HTTP Explicit Proxy or SOCKS Profile
Oct 27, 2017
CVSS 8.1
EPSS 0.04
CVE-2017-0303 HIGH
F5 BIG-IP 11.5.1-13.0.0 Resource Starvation via SOCKS Profile
Oct 27, 2017
CVSS 7.5
EPSS 0.03
CVE-2017-6165 CRITICAL
F5 BIG-IP - Sensitive Information Disclosure in Log File
Oct 20, 2017
CVSS 9.8
EPSS 0.02
CVE-2017-6145 HIGH
F5 BIG-IP 12.0.0-12.1.2 and 13.0.0 - Insufficient Session Expiration via iControl REST Cookie Conversion
Oct 20, 2017
CVSS 7.3
EPSS 0.01
CVE-2017-6144 HIGH
F5 BIG-IP PEM 12.1.0-12.1.2 - Improper Certificate Validation in TAC Database Download
Oct 20, 2017
CVSS 7.4
EPSS 0.01
CVE-2017-6141 MEDIUM
F5 BIG-IP 12.1.0-12.1.2 DoS via TLS Abbreviated Handshake
Oct 20, 2017
CVSS 5.9
EPSS 0.01
CVE-2017-6147 MEDIUM
F5 BIG-IP - Denial of Service via SSL Forward Proxy Configuration
Sep 18, 2017
CVSS 5.9
EPSS 0.01
CVE-2017-7529 HIGH
nginx 0.5.6-1.13.2 - Integer Overflow in Range Filter Module
Jul 13, 2017
CVSS 7.5
EPSS 0.63
CVE-2017-6131 CRITICAL
F5 BIG-IP 12.0.0-12.1.2 and 13.0.0 - Use of Hard-coded Credentials in Azure Instance Administrative Account
May 23, 2017
CVSS 9.8
EPSS 0.01
CVE-2017-6137 MEDIUM
F5 BIG-IP 11.6.1 HF1, 12.0.0 HF3/HF4, 12.1.0-12.1.2 DoS via Traffic Pattern Disruption
May 09, 2017
CVSS 5.9
EPSS 0.01
CVE-2017-0302 MEDIUM
F5 BIG-IP APM 12.0.0-12.1.2 and 13.0.0 - Authenticated Denial of Service via Short URL Request
May 09, 2017
CVSS 5.3
EPSS 0.01
CVE-2017-6128 HIGH
F5 BIG-IP Local Traffic Manager - Denial of Service in sshd
May 01, 2017
CVSS 7.5
EPSS 0.01
CVE-2017-6130 HIGH
F5 SSL Intercept iApp 1.5.0-1.5.7 and SSL Orchestrator 2.0 - Server-Side Request Forgery via Dynamic Domain Bypass
Apr 06, 2017
CVSS 7.4
EPSS 0.01
CVE-2017-0305 CRITICAL
F5 SSL Intercept iApp 1.5.0-1.5.7 - Unauthenticated Remote Command Execution via Explicit Proxy with SNAT Auto Map
Apr 06, 2017
CVSS 9.8
EPSS 0.04
CVE-2016-5236 MEDIUM
F5 WebSafe Alert Server <= 3.9.5 - Authenticated Stored Cross-Site Scripting via User Account Creation
Jul 01, 2019
CVSS 5.4
EPSS 0.01
CVE-2016-5235 MEDIUM
F5 WebSafe Alert Server < 4.0.0 - Unauthenticated Cross-Site Scripting via Crafted Alert
Jul 01, 2019
CVSS 6.1
EPSS 0.01
CVE-2016-7475 HIGH
BIG-IP 11.4.0-11.6.1 - Denial of Service via SPDY/HTTP2 Connection Handling
Oct 08, 2018
CVSS 7.5
EPSS 0.01
CVE-2016-7472 HIGH
F5 BIG-IP ASM 12.1.0-12.1.1 - Denial of Service via Crafted HTTP Request
Apr 03, 2018
CVSS 7.5
EPSS 0.05
CVE-2016-7469 MEDIUM
BIG-IP LTM 11.2.1-12.1.2 - Authenticated Stored Cross-Site Scripting in Configuration Utility Device Name Change Page
Jun 09, 2017
CVSS 5.4
EPSS 0.01
CVE-2016-7476 HIGH
F5 BIG-IP TMM - Denial of Service via Crafted TCP Packet
May 11, 2017
CVSS 7.5
EPSS 0.02
CVE-2016-9250 HIGH
F5 BIG-IP 11.2.1, 11.4.0-11.6.1, 12.0.0-12.1.2 - Unauthenticated Arbitrary File Deletion
May 10, 2017
CVSS 7.5
EPSS 0.01
CVE-2016-9257 MEDIUM
F5 BIG-IP APM 12.0.0-12.1.2 - Unauthenticated Stored Cross-Site Scripting in Access System Logs
May 09, 2017
CVSS 6.1
EPSS 0.01
CVE-2016-9256 HIGH
F5 BIG-IP 12.1.0-12.1.2 - Info Disclosure
May 09, 2017
CVSS 7.5
EPSS 0.01
CVE-2016-9253 HIGH
F5 BIG-IP 12.1.0-12.1.2 - Denial of Service via WebSocket Traffic
May 09, 2017
CVSS 7.5
EPSS 0.01
CVE-2016-9251 HIGH
F5 BIG-IP <12.1.2 - Privilege Escalation
May 09, 2017
CVSS 8.8
EPSS 0.02