f5

1,024 tracked vulnerabilities.

CVE-2024-7347 MEDIUM
NGINX Open Source 1.5.13-1.26.1 and NGINX Plus r27-r30 - Out-of-bounds Read in ngx_http_mp4_module
Aug 14, 2024
CVSS 4.7
EPSS 0.00
CVE-2024-41727 HIGH
F5 BIG-IP - Resource Exhaustion via Undisclosed Traffic
Aug 14, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-41723 MEDIUM
F5 BIG-IP 15.1.0 - Exposure of Sensitive Information via iControl REST
Aug 14, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-41719 MEDIUM
BIG-IP Next Central Manager 20.1.0-20.2.0 - Sensitive Information Disclosure in QKView Logs
Aug 14, 2024
CVSS 4.2
EPSS 0.00
CVE-2024-41164 MEDIUM
F5 BIG-IP Access Policy Manager 15.1.0 - Denial of Service via MPTCP Traffic
Aug 14, 2024
CVSS 5.9
EPSS 0.01
CVE-2024-39809 HIGH
F5 BIG-IP Next Central Manager - Insufficient Session Expiration
Aug 14, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-39792 HIGH
NGINX Plus - Memory Exhaustion via MQTT Pre-Read Module
Aug 14, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-39778 HIGH
F5 BIG-IP - Denial of Service via High-Speed Bridge Stateless Virtual Server
Aug 14, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-37028 MEDIUM
F5 BIG-IP Next Central Manager 20.1.0-20.2.0 - Overly Restrictive Account Lockout Mechanism
Aug 14, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-35200 MEDIUM
NGINX OSS >=1.25.0 <1.26.1 and NGINX Plus - Denial of Service via HTTP/3 QUIC Module
May 29, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-34161 MEDIUM
NGINX OSS >=1.25.0 <1.26.1 and NGINX Plus - Use-After-Free via HTTP/3 QUIC Packet Handling
May 29, 2024
CVSS 5.3
EPSS 0.01
CVE-2024-32760 MEDIUM
NGINX OSS >=1.25.0 <1.26.1 and NGINX Plus - Out-of-bounds Write via HTTP/3 QUIC Module
May 29, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-31079 MEDIUM
NGINX OSS >=1.25.0 <1.26.1 and NGINX Plus - Stack-based Buffer Overflow in HTTP/3 QUIC Module
May 29, 2024
CVSS 4.8
EPSS 0.00
CVE-2024-33612 MEDIUM
BIG-IP Next Central Manager 20.0.1-20.1.x - Improper Certificate Validation
May 08, 2024
CVSS 6.8
EPSS 0.00
CVE-2024-33608 HIGH
Traffic Management Microkernel - DoS
May 08, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-33604 MEDIUM
F5 BIG-IP 15.1.0-15.1.10.4 - Reflected Cross-Site Scripting in Configuration Utility
May 08, 2024
CVSS 6.1
EPSS 0.01
CVE-2024-32761 MEDIUM
BIG-IP 15.1.0-15.1.10 - Memory Data Leak in TMM
May 08, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-32049 HIGH
BIG-IP Next Central Manager 20.0.1-20.0.x - Unauthenticated Credential Exposure
May 08, 2024
CVSS 7.4
EPSS 0.00
CVE-2024-31156 HIGH
F5 BIG-IP 15.1.0-15.1.10.3 - Stored Cross-Site Scripting in Configuration Utility
May 08, 2024
CVSS 8.0
EPSS 0.01
CVE-2024-28889 MEDIUM
F5 BIG-IP 15.1.0-15.1.10.4 - Denial of Service via SSL Profile Alert Timeout
May 08, 2024
CVSS 5.9
EPSS 0.00
CVE-2024-28883 HIGH
BIG-IP APM Browser Network Access VPN Client 7.2.3-7.2.4.3 - Origin Validation Bypass
May 08, 2024
CVSS 7.4
EPSS 0.00
CVE-2024-28132 MEDIUM
F5 BIG-IP Next 1.2.0-1.2.9 - Authenticated Sensitive Information Exposure
May 08, 2024
CVSS 4.4
EPSS 0.00
CVE-2024-27202 MEDIUM
F5 BIG-IP 15.1.0-15.1.10.3 - DOM-based Cross-Site Scripting in Configuration Utility
May 08, 2024
CVSS 4.7
EPSS 0.00
CVE-2024-26026 HIGH
F5 BIG-IP Next Central Manager 20.0.1-20.1.x - SQL Injection via API URI
May 08, 2024
CVSS 7.5
EPSS 0.89
CVE-2024-25560 HIGH
F5 BIG-IP AFM 15.1.0-15.1.10.8 - Denial of Service via DNS Traffic
May 08, 2024
CVSS 7.5
EPSS 0.00
Products
big-ip_access_policy_manager 589 big-ip_application_security_manager 541 big-ip_advanced_firewall_manager 514 big-ip_local_traffic_manager 503 big-ip_policy_enforcement_manager 495 big-ip_link_controller 487 big-ip_application_acceleration_manager 486 big-ip_analytics 473 big-ip_global_traffic_manager 452 big-ip_domain_name_system 429 big-ip_fraud_protection_service 367 big-ip_webaccelerator 259 big-ip_edge_gateway 255 big-ip_advanced_web_application_firewall 155 big-ip_websafe 137 big-ip_ddos_hybrid_defender 127 big-ip_ssl_orchestrator 108 big-iq_centralized_management 77 big-ip_carrier-grade_nat 71 big-ip_application_visibility_and_reporting 70 big-ip_protocol_security_module 61 big-ip_container_ingress_services 48 big-ip_automation_toolchain 47 BIG-IP 46 nginx 41 enterprise_manager 39 njs 39 big-ip_wan_optimization_manager 38 traffix_signaling_delivery_controller 31 ssl_orchestrator 27
Quick Filters
Critical CVEs With Exploits In CISA KEV