CVSS: 7.4EPSS: 0%CPEs: 106EXPL: 0CVE-2016-2084
https://notcve.org/view.php?id=CVE-2016-2084
13 Apr 2016 — F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, 11.6.0 before build 6.204.442, and 12.0.0 before build 1.14.628; BIG-IP AAM 11.4.x before 11.4.1 build 685-HF10, 11.5.1 before build 10.104.180, 11.5.2 before 11.5.4 build 0.1.256, 11.6.0 before build 6.204.442, and 12.0.0 before build 1.14.628; BIG-IP DNS 12.0.0 before build 1.14.628; BIG-IP Edge Gateway, WebAccelerator, and WOM 1... • http://www.securitytracker.com/id/1035520 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 1%CPEs: 193EXPL: 0CVE-2015-5516
https://notcve.org/view.php?id=CVE-2015-5516
20 Jan 2016 — Memory leak in the last hop kernel module in F5 BIG-IP LTM, GTM, and Link Controller 10.1.x, 10.2.x before 10.2.4 HF13, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.x before HF6, BIG-IP AAM 11.4.x, 11.5.x before 11.5.3 HF2 and 11.6.0 before HF6, BIG-IP AFM and PEM 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.0 before HF6, BIG-IP Analytics 11.x before 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.0 before HF6, BIG-IP APM and ASM 10.1.0 through 10.2.4, 11... • http://www.securitytracker.com/id/1034686 • CWE-399: Resource Management Errors •
CVSS: 7.4EPSS: 0%CPEs: 96EXPL: 0CVE-2015-7393
https://notcve.org/view.php?id=CVE-2015-7393
12 Jan 2016 — dcoep in BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AAM 11.4.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP AFM and PEM 11.3.0 through 11.6.0 and 12.0.0 before 12.0.0 HF1, BIG-IP DNS 12.0.0 before 12.0.0 HF1, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.0 through 11.3.0, BIG-IP GTM 11.2.0 through 11.6.0, BIG-IP PSM 11.2.0 through 11.4.1, Enterprise Manager 3.0.0 through 3.1.1, BIG-IQ Cloud 4.0.0 through 4.5.0, BIG-IQ Device 4.2... • http://securitytracker.com/id/1034632 •
CVSS: 9.0EPSS: 76%CPEs: 97EXPL: 4CVE-2015-3628 – F5 iControl - 'iCall::Script' Root Command Execution
https://notcve.org/view.php?id=CVE-2015-3628
19 Nov 2015 — The iControl API in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.0 before 11.5.3 HF2 and 11.6.0 before 11.6.0 HF6, BIG-IP AAM 11.4.0 before 11.5.3 HF2 and 11.6.0 before 11.6.0 HF6, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0, BIG-IP GTM 11.3.0 before 11.6.0 HF6, BIG-IP PSM 11.3.0 through 11.4.1, Enterprise Manager 3.1.0 through 3.1.1, BIG-IQ Cloud and Security 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, and BIG-IQ ADC 4.5.0 allows remote authenticated users with... • https://packetstorm.news/files/id/134434 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.0EPSS: 0%CPEs: 126EXPL: 0CVE-2015-7394
https://notcve.org/view.php?id=CVE-2015-7394
06 Nov 2015 — The datastor kernel module in F5 BIG-IP Analytics, APM, ASM, Link Controller, and LTM 11.1.0 before 12.0.0, BIG-IP AAM 11.4.0 before 12.0.0, BIG-IP AFM, PEM 11.3.0 before 12.0.0, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.1.0 through 11.3.0, BIG-IP GTM 11.1.0 through 11.6.0, BIG-IP PSM 11.1.0 through 11.4.1, BIG-IQ Cloud and Security 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, BIG-IQ ADC 4.5.0, and Enterprise Manager 3.0.0 through 3.1.1 allows remote authenticated users to cause a denial of... • http://www.securitytracker.com/id/1034025 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 1%CPEs: 31EXPL: 0CVE-2015-5058
https://notcve.org/view.php?id=CVE-2015-5058
24 Aug 2015 — Memory leak in the virtual server component in F5 Big-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and PEM 11.5.x before 11.5.1 HF10, 11.5.3 before HF1, and 11.6.0 before HF5, BIG-IQ Cloud, Device, and Security 4.4.0 through 4.5.0, and BIG-IQ ADC 4.5.0 allows remote attackers to cause a denial of service (memory consumption) via a large number of crafted ICMP packets. Vulnerabilidad de fuga de memoria en el componente de servidor virtual en F5 Big-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, ... • http://www.securitytracker.com/id/1033334 • CWE-399: Resource Management Errors •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0CVE-2015-4637
https://notcve.org/view.php?id=CVE-2015-4637
16 Jul 2015 — The REST API in F5 BIG-IQ Cloud, Device, and Security 4.4.0 and 4.5.0 before HF2 and ADC 4.5.0 before HF2, when configured for LDAP remote authentication and the LDAP server allows anonymous BIND operations, allows remote attackers to obtain an authentication token for arbitrary users by guessing an LDAP user account name. La API REST en F5 BIG-IQ Cloud, Device, and Security 4.4.0 y 4.5.0 anterior a HF2 y ADC 4.5.0 anterior a HF2, cuando se configura para la autenticación remota LDAP y el servidor LDAP perm... • https://support.f5.com/kb/en-us/solutions/public/16000/800/sol16861.html • CWE-17: DEPRECATED: Code CWE-310: Cryptographic Issues •
CVSS: 7.8EPSS: 6%CPEs: 45EXPL: 4CVE-2015-4047 – Debian Security Advisory 3272-1
https://notcve.org/view.php?id=CVE-2015-4047
26 May 2015 — racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests. racoon/gssapi.c en IPsec-Tools 0.8.2 permite a atacantes remotos causar una denegación de servicios (referencia a puntero nulo y caída de demonio IKE) a través de una serie de solicitudes UDP manipuladas. Javantea discovered a NULL pointer dereference flaw in racoon, the Internet Key Exchange daemon of ipsec-tools. A remote attacker c... • http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159482.html • CWE-476: NULL Pointer Dereference •
CVSS: 5.9EPSS: 3%CPEs: 136EXPL: 0CVE-2014-8730 – HP Security Bulletin HPSBPV03516 2
https://notcve.org/view.php?id=CVE-2014-8730
10 Dec 2014 — The SSL profiles component in F5 BIG-IP LTM, APM, and ASM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, AAM 11.4.0 through 11.5.1, AFM 11.3.0 through 11.5.1, Analytics 11.0.0 through 11.5.1, Edge Gateway, WebAccelerator, and WOM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, PEM 11.3.0 through 11.6.0, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.4.1 and BIG-IQ Cloud and Security 4.0.0 through 4.4.0 and Device 4.2.0 through 4.4.0, when using TLS 1.x before TLS 1.2, does not properly check CBC pad... • http://marc.info/?l=bugtraq&m=144372772101168&w=2 • CWE-310: Cryptographic Issues •
CVSS: 9.8EPSS: 7%CPEs: 195EXPL: 3CVE-2014-2927 – F5 Big-IP - rsync Access
https://notcve.org/view.php?id=CVE-2014-2927
15 Oct 2014 — The rsync daemon in F5 BIG-IP 11.6 before 11.6.0, 11.5.1 before HF3, 11.5.0 before HF4, 11.4.1 before HF4, 11.4.0 before HF7, 11.3.0 before HF9, and 11.2.1 before HF11 and Enterprise Manager 3.x before 3.1.1 HF2, when configured in failover mode, does not require authentication, which allows remote attackers to read or write to arbitrary files via a cmi request to the ConfigSync IP address. El demonio rsync en F5 BIG-IP 11.6 anterior a 11.6.0, 11.5.1 anterior a HF3, 11.5.0 anterior a HF4, 11.4.1 anterior a ... • https://www.exploit-db.com/exploits/34465 • CWE-287: Improper Authentication •