f5

1,024 tracked vulnerabilities.

CVE-2024-21793 HIGH
F5 BIG-IP Next Central Manager 20.0.1-20.1.x - SQL Injection via OData API
May 08, 2024
CVSS 7.5
EPSS 0.87
CVE-2024-3661 HIGH
FortiClient 6.4.0-7.2.4 - Unauthenticated VPN Traffic Leak via DHCP Classless Static Route Option
May 06, 2024
CVSS 7.6
EPSS 0.03
CVE-2024-24990 HIGH
NGINX OSS 1.25.0-1.25.3 and NGINX Plus - Use-After-Free in HTTP/3 QUIC Module
Feb 14, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-24989 HIGH
NGINX Plus and NGINX OSS - Denial of Service via HTTP/3 QUIC Module
Feb 14, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-24966 MEDIUM
F5OS-A and F5OS-C - Incorrect Authorization via LDAP Remote Authentication
Feb 14, 2024
CVSS 6.2
EPSS 0.00
CVE-2024-24775 HIGH
Traffic Management Microkernel - DoS
Feb 14, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-23982 HIGH
BIG-IP Policy Enforcement Manager 15.1.0-15.1.9 - Denial of Service via UDP Virtual Server Classification Profile
Feb 14, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-23979 HIGH
F5 BIG-IP - Denial of Service via SSL Client Certificate LDAP or CRLDP Authentication
Feb 14, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-23976 MEDIUM
F5 BIG-IP and BIG-IQ - Authenticated Privilege Escalation via iAppsLX Template Bypass
Feb 14, 2024
CVSS 6.0
EPSS 0.00
CVE-2024-23805 HIGH
F5 BIG-IP Advanced WAF and ASM 15.1.0-15.1.9 - Denial of Service via HTTP Analytics Profile with URLs Enabled
Feb 14, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-23607 MEDIUM
F5OS-A 1.3.0-1.3.9 and F5OS-C 1.3.0-1.5.9 - Authenticated Path Traversal via QKView Utility
Feb 14, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-23603 LOW
F5 BIG-IP Application Security Manager and Advanced Web Application Firewall - SQL Injection
Feb 14, 2024
CVSS 3.8
EPSS 0.00
CVE-2024-23314 HIGH
F5 BIG-IP and BIG-IQ - Denial of Service via HTTP/2 Response Handling
Feb 14, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-23308 HIGH
F5 BIG-IP Advanced WAF and ASM 17.1.0 - Denial of Service via Request Body Handling Option
Feb 14, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-23306 HIGH
F5 BIG-IP Next CNF and SPK 1.1.0-<1.2.0 - Unauthenticated Sensitive File Access
Feb 14, 2024
CVSS 7.1
EPSS 0.00
CVE-2024-22389 HIGH
F5 BIG-IP - Insufficient Session Expiration via iControl REST API Token Sync
Feb 14, 2024
CVSS 7.2
EPSS 0.00
CVE-2024-22093 HIGH
F5 BIG-IP 15.1.0-15.1.8 and BIG-IQ 8.0.0-8.2.0 - Authenticated Remote Command Injection via iControl REST Endpoint
Feb 14, 2024
CVSS 8.7
EPSS 0.00
CVE-2024-21849 HIGH
F5 BIG-IP Advanced WAF and ASM 16.1.0-16.1.3 - Denial of Service via WebSocket Traffic
Feb 14, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-21789 HIGH
F5 BIG-IP ASM/Advanced WAF 17.1.0 - Memory Exhaustion via Undisclosed Requests
Feb 14, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-21782 MEDIUM
F5 BIG-IP and BIG-IQ - Authenticated OS Command Injection via SCP Utility
Feb 14, 2024
CVSS 6.7
EPSS 0.00
CVE-2024-21771 HIGH
F5 Big-ip Advanced Firewall Manager < 15.1.9 - Resource Allocation Without Limits
Feb 14, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-21763 HIGH
BIG-IP Advanced Firewall Manager 17.1.0 - Denial of Service via NXDOMAIN Attack Vector
Feb 14, 2024
CVSS 7.5
EPSS 0.00
CVE-2023-45886 HIGH
F5 BIG-IP Next and ZebOS - Denial of Service via Malformed BGP Update Attribute
Nov 21, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-46748 HIGH KEV
BIG-IP - Authenticated SQL Injection
Oct 26, 2023
CVSS 8.8
EPSS 0.04
CVE-2023-46747 CRITICAL KEVNUCLEI
F5 BIG-IP 13.1.0-13.1.4 - Unauthenticated Remote Command Execution via Configuration Utility Bypass
Oct 26, 2023
CVSS 9.8
EPSS 0.94
Products
big-ip_access_policy_manager 589 big-ip_application_security_manager 541 big-ip_advanced_firewall_manager 514 big-ip_local_traffic_manager 503 big-ip_policy_enforcement_manager 495 big-ip_link_controller 487 big-ip_application_acceleration_manager 486 big-ip_analytics 473 big-ip_global_traffic_manager 452 big-ip_domain_name_system 429 big-ip_fraud_protection_service 367 big-ip_webaccelerator 259 big-ip_edge_gateway 255 big-ip_advanced_web_application_firewall 155 big-ip_websafe 137 big-ip_ddos_hybrid_defender 127 big-ip_ssl_orchestrator 108 big-iq_centralized_management 77 big-ip_carrier-grade_nat 71 big-ip_application_visibility_and_reporting 70 big-ip_protocol_security_module 61 big-ip_container_ingress_services 48 big-ip_automation_toolchain 47 BIG-IP 46 nginx 41 enterprise_manager 39 njs 39 big-ip_wan_optimization_manager 38 traffix_signaling_delivery_controller 31 ssl_orchestrator 27
Quick Filters
Critical CVEs With Exploits In CISA KEV