f5
1,031 tracked vulnerabilities.
CVE-2024-31156
HIGH
F5 BIG-IP 15.1.0-15.1.10.3 - Stored Cross-Site Scripting in Configuration Utility
May 08, 2024
CVSS 8.0
EPSS 0.01
CVE-2024-28889
MEDIUM
F5 BIG-IP 15.1.0-15.1.10.4 - Denial of Service via SSL Profile Alert Timeout
May 08, 2024
CVSS 5.9
EPSS 0.00
CVE-2024-28883
HIGH
BIG-IP APM Browser Network Access VPN Client 7.2.3-7.2.4.3 - Origin Validation Bypass
May 08, 2024
CVSS 7.4
EPSS 0.00
CVE-2024-28132
MEDIUM
F5 BIG-IP Next 1.2.0-1.2.9 - Authenticated Sensitive Information Exposure
May 08, 2024
CVSS 4.4
EPSS 0.00
CVE-2024-27202
MEDIUM
F5 BIG-IP 15.1.0-15.1.10.3 - DOM-based Cross-Site Scripting in Configuration Utility
May 08, 2024
CVSS 4.7
EPSS 0.00
CVE-2024-26026
HIGH
F5 BIG-IP Next Central Manager 20.0.1-20.1.x - SQL Injection via API URI
May 08, 2024
CVSS 7.5
EPSS 0.07
CVE-2024-25560
HIGH
F5 BIG-IP AFM 15.1.0-15.1.10.8 - Denial of Service via DNS Traffic
May 08, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-21793
HIGH
F5 BIG-IP Next Central Manager 20.0.1-20.1.x - SQL Injection via OData API
May 08, 2024
CVSS 7.5
EPSS 0.07
CVE-2024-3661
HIGH
FortiClient 6.4.0-7.2.4 - Unauthenticated VPN Traffic Leak via DHCP Classless Static Route Option
May 06, 2024
CVSS 7.6
EPSS 0.04
CVE-2024-24990
HIGH
NGINX OSS 1.25.0-1.25.3 and NGINX Plus - Use-After-Free in HTTP/3 QUIC Module
Feb 14, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-24989
HIGH
NGINX Plus and NGINX OSS - Denial of Service via HTTP/3 QUIC Module
Feb 14, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-24966
MEDIUM
F5OS-A and F5OS-C - Incorrect Authorization via LDAP Remote Authentication
Feb 14, 2024
CVSS 6.2
EPSS 0.00
CVE-2024-24775
HIGH
Traffic Management Microkernel - DoS
Feb 14, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-23982
HIGH
BIG-IP Policy Enforcement Manager 15.1.0-15.1.9 - Denial of Service via UDP Virtual Server Classification Profile
Feb 14, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-23979
HIGH
F5 BIG-IP - Denial of Service via SSL Client Certificate LDAP or CRLDP Authentication
Feb 14, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-23976
MEDIUM
F5 BIG-IP and BIG-IQ - Authenticated Privilege Escalation via iAppsLX Template Bypass
Feb 14, 2024
CVSS 6.0
EPSS 0.00
CVE-2024-23805
HIGH
F5 BIG-IP Advanced WAF and ASM 15.1.0-15.1.9 - Denial of Service via HTTP Analytics Profile with URLs Enabled
Feb 14, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-23607
MEDIUM
F5OS-A 1.3.0-1.3.9 and F5OS-C 1.3.0-1.5.9 - Authenticated Path Traversal via QKView Utility
Feb 14, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-23603
LOW
F5 BIG-IP Application Security Manager and Advanced Web Application Firewall - SQL Injection
Feb 14, 2024
CVSS 3.8
EPSS 0.00
CVE-2024-23314
HIGH
F5 BIG-IP and BIG-IQ - Denial of Service via HTTP/2 Response Handling
Feb 14, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-23308
HIGH
F5 BIG-IP Advanced WAF and ASM 17.1.0 - Denial of Service via Request Body Handling Option
Feb 14, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-23306
HIGH
F5 BIG-IP Next CNF and SPK 1.1.0-<1.2.0 - Unauthenticated Sensitive File Access
Feb 14, 2024
CVSS 7.1
EPSS 0.00
CVE-2024-22389
HIGH
F5 BIG-IP - Insufficient Session Expiration via iControl REST API Token Sync
Feb 14, 2024
CVSS 7.2
EPSS 0.00
CVE-2024-22093
HIGH
F5 BIG-IP 15.1.0-15.1.8 and BIG-IQ 8.0.0-8.2.0 - Authenticated Remote Command Injection via iControl REST Endpoint
Feb 14, 2024
CVSS 8.7
EPSS 0.01
CVE-2024-21849
HIGH
F5 BIG-IP Advanced WAF and ASM 16.1.0-16.1.3 - Denial of Service via WebSocket Traffic
Feb 14, 2024
CVSS 7.5
EPSS 0.01
Products
big-ip_access_policy_manager 628
big-ip_application_security_manager 581
big-ip_advanced_firewall_manager 552
big-ip_local_traffic_manager 541
big-ip_policy_enforcement_manager 533
big-ip_link_controller 525
big-ip_application_acceleration_manager 524
big-ip_analytics 511
big-ip_global_traffic_manager 490
big-ip_domain_name_system 469
big-ip_fraud_protection_service 405
big-ip_webaccelerator 297
big-ip_edge_gateway 293
big-ip_advanced_web_application_firewall 195
big-ip_websafe 175
big-ip_ddos_hybrid_defender 166
big-ip_ssl_orchestrator 147
big-ip_carrier-grade_nat 109
big-ip_application_visibility_and_reporting 108
big-ip_container_ingress_services 86
big-ip_automation_toolchain 85
big-iq_centralized_management 85
big-ip_protocol_security_module 61
BIG-IP 46
nginx 42
njs 40
enterprise_manager 39
big-ip_wan_optimization_manager 38
traffix_signaling_delivery_controller 31
ssl_orchestrator 27
Quick Filters