f5
1,031 tracked vulnerabilities.
CVE-2025-20058
HIGH
F5 BIG-IP 15.1.0-15.1.10 - Uncontrolled Resource Consumption via Message Routing Profile
Feb 05, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-20045
HIGH
F5 BIG-IP 15.1.0-15.1.10 - Denial of Service via SIP ALG Passthru Mode
Feb 05, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-20029
HIGH
F5 BIG-IP 15.1.0-15.1.10.6 - Authenticated OS Command Injection via iControl REST and TMOS Shell Save Command
Feb 05, 2025
CVSS 8.8
EPSS 0.07
CVE-2024-10318
MEDIUM
NGINX OpenID Connect - Session Fixation
Nov 06, 2024
CVSS 5.4
EPSS 0.00
CVE-2024-47139
MEDIUM
BIG-IQ Centralized Management - Authenticated Stored Cross-Site Scripting in Configuration Utility
Oct 16, 2024
CVSS 6.8
EPSS 0.01
CVE-2024-45844
HIGH
F5 BIG-IP 15.1.0-15.1.10.5 - Unauthenticated Access Control Bypass via Monitor Functionality
Oct 16, 2024
CVSS 7.2
EPSS 0.11
CVE-2024-7634
MEDIUM
F5 NGINX Agent 2.17.0-2.36.9 and NGINX Instance Manager 2.3.1-2.17.1 - Path Traversal via Config Dirs Restriction Bypass
Aug 22, 2024
CVSS 4.9
EPSS 0.00
CVE-2024-7347
MEDIUM
NGINX Open Source 1.5.13-1.26.1 and NGINX Plus r27-r30 - Out-of-bounds Read in ngx_http_mp4_module
Aug 14, 2024
CVSS 4.7
EPSS 0.00
CVE-2024-41727
HIGH
F5 BIG-IP - Resource Exhaustion via Undisclosed Traffic
Aug 14, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-41723
MEDIUM
F5 BIG-IP 15.1.0 - Exposure of Sensitive Information via iControl REST
Aug 14, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-41719
MEDIUM
BIG-IP Next Central Manager 20.1.0-20.2.0 - Sensitive Information Disclosure in QKView Logs
Aug 14, 2024
CVSS 4.2
EPSS 0.00
CVE-2024-41164
MEDIUM
F5 BIG-IP Access Policy Manager 15.1.0 - Denial of Service via MPTCP Traffic
Aug 14, 2024
CVSS 5.9
EPSS 0.00
CVE-2024-39809
HIGH
F5 BIG-IP Next Central Manager - Insufficient Session Expiration
Aug 14, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-39792
HIGH
NGINX Plus - Memory Exhaustion via MQTT Pre-Read Module
Aug 14, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-39778
HIGH
F5 BIG-IP - Denial of Service via High-Speed Bridge Stateless Virtual Server
Aug 14, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-37028
MEDIUM
F5 BIG-IP Next Central Manager 20.1.0-20.2.0 - Overly Restrictive Account Lockout Mechanism
Aug 14, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-35200
MEDIUM
NGINX OSS >=1.25.0 <1.26.1 and NGINX Plus - Denial of Service via HTTP/3 QUIC Module
May 29, 2024
CVSS 5.3
EPSS 0.01
CVE-2024-34161
MEDIUM
NGINX OSS >=1.25.0 <1.26.1 and NGINX Plus - Use-After-Free via HTTP/3 QUIC Packet Handling
May 29, 2024
CVSS 5.3
EPSS 0.01
CVE-2024-32760
MEDIUM
NGINX OSS >=1.25.0 <1.26.1 and NGINX Plus - Out-of-bounds Write via HTTP/3 QUIC Module
May 29, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-31079
MEDIUM
NGINX OSS >=1.25.0 <1.26.1 and NGINX Plus - Stack-based Buffer Overflow in HTTP/3 QUIC Module
May 29, 2024
CVSS 4.8
EPSS 0.01
CVE-2024-33612
MEDIUM
BIG-IP Next Central Manager 20.0.1-20.1.x - Improper Certificate Validation
May 08, 2024
CVSS 6.8
EPSS 0.00
CVE-2024-33608
HIGH
Traffic Management Microkernel - DoS
May 08, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-33604
MEDIUM
F5 BIG-IP 15.1.0-15.1.10.4 - Reflected Cross-Site Scripting in Configuration Utility
May 08, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-32761
MEDIUM
BIG-IP 15.1.0-15.1.10 - Memory Data Leak in TMM
May 08, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-32049
HIGH
BIG-IP Next Central Manager 20.0.1-20.0.x - Unauthenticated Credential Exposure
May 08, 2024
CVSS 7.4
EPSS 0.01
Products
big-ip_access_policy_manager 628
big-ip_application_security_manager 581
big-ip_advanced_firewall_manager 552
big-ip_local_traffic_manager 541
big-ip_policy_enforcement_manager 533
big-ip_link_controller 525
big-ip_application_acceleration_manager 524
big-ip_analytics 511
big-ip_global_traffic_manager 490
big-ip_domain_name_system 469
big-ip_fraud_protection_service 405
big-ip_webaccelerator 297
big-ip_edge_gateway 293
big-ip_advanced_web_application_firewall 195
big-ip_websafe 175
big-ip_ddos_hybrid_defender 166
big-ip_ssl_orchestrator 147
big-ip_carrier-grade_nat 109
big-ip_application_visibility_and_reporting 108
big-ip_container_ingress_services 86
big-ip_automation_toolchain 85
big-iq_centralized_management 85
big-ip_protocol_security_module 61
BIG-IP 46
nginx 42
njs 40
enterprise_manager 39
big-ip_wan_optimization_manager 38
traffix_signaling_delivery_controller 31
ssl_orchestrator 27
Quick Filters