CVSS: 4.9EPSS: 0%CPEs: 176EXPL: 0CVE-2014-6031
https://notcve.org/view.php?id=CVE-2014-6031
08 Jun 2017 — Buffer overflow in the mcpq daemon in F5 BIG-IP systems 10.x before 10.2.4 HF12, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x before 11.4.1 HF9, 11.5.x before 11.5.2 HF1, and 11.6.0 before HF4, and Enterprise Manager 2.1.0 through 2.3.0 and 3.x before 3.1.1 HF5 allows remote authenticated administrators to cause a denial of service via unspecified vectors. Desbordamiento de buffer en el demonio mcpq en sistemas F5 BIG-IP, versiones 10.x anteriores a la 10.2.4 HF12, 11.x anteriores a la 11.2.1 HF15, 11.3.x, 11.4.... • https://support.f5.com/csp/article/K16196 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 103EXPL: 0CVE-2017-6128
https://notcve.org/view.php?id=CVE-2017-6128
01 May 2017 — An attacker may be able to cause a denial-of-service (DoS) attack against the sshd component in F5 BIG-IP, Enterprise Manager, BIG-IQ, and iWorkflow. Un atacante puede ser capaz de causar un ataque de denegación de servicio (DoS) contra el componente sshd en F5 BIG-IP, Enterprise Manager, BIG-IQ e iWorkflow • http://www.securitytracker.com/id/1038362 •
CVSS: 9.8EPSS: 1%CPEs: 143EXPL: 0CVE-2016-5022
https://notcve.org/view.php?id=CVE-2016-5022
07 Sep 2016 — F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1 HF1, and 12.x before 12.0.0 HF3; BIG-IP DNS 12.x before 12.0.0 HF3; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.x before 11.2.1 HF16 and 11.3.0; BIG-IP GTM 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6... • http://www.securitytracker.com/id/1036709 • CWE-284: Improper Access Control •
CVSS: 5.9EPSS: 1%CPEs: 120EXPL: 0CVE-2015-8099
https://notcve.org/view.php?id=CVE-2015-8099
13 May 2016 — F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP AAM 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF1; BIG-IP DNS 12.x before 12.0.0 HF1; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0; BIG-IP GTM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP PSM 11.3.x and 11.4.x before 11.4.1 HF10... • http://www.securitytracker.com/id/1035873 • CWE-20: Improper Input Validation •
CVSS: 8.1EPSS: 93%CPEs: 68EXPL: 18CVE-2015-7547 – glibc - 'getaddrinfo' Stack Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2015-7547
16 Feb 2016 — Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module. Múltiples desbordamientos de buffer basado en pi... • https://packetstorm.news/files/id/167552 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 1%CPEs: 193EXPL: 0CVE-2015-5516
https://notcve.org/view.php?id=CVE-2015-5516
20 Jan 2016 — Memory leak in the last hop kernel module in F5 BIG-IP LTM, GTM, and Link Controller 10.1.x, 10.2.x before 10.2.4 HF13, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.x before HF6, BIG-IP AAM 11.4.x, 11.5.x before 11.5.3 HF2 and 11.6.0 before HF6, BIG-IP AFM and PEM 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.0 before HF6, BIG-IP Analytics 11.x before 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.0 before HF6, BIG-IP APM and ASM 10.1.0 through 10.2.4, 11... • http://www.securitytracker.com/id/1034686 • CWE-399: Resource Management Errors •
CVSS: 9.0EPSS: 73%CPEs: 97EXPL: 4CVE-2015-3628 – F5 iControl - 'iCall::Script' Root Command Execution
https://notcve.org/view.php?id=CVE-2015-3628
19 Nov 2015 — The iControl API in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.0 before 11.5.3 HF2 and 11.6.0 before 11.6.0 HF6, BIG-IP AAM 11.4.0 before 11.5.3 HF2 and 11.6.0 before 11.6.0 HF6, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.3.0, BIG-IP GTM 11.3.0 before 11.6.0 HF6, BIG-IP PSM 11.3.0 through 11.4.1, Enterprise Manager 3.1.0 through 3.1.1, BIG-IQ Cloud and Security 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, and BIG-IQ ADC 4.5.0 allows remote authenticated users with... • https://packetstorm.news/files/id/134434 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.0EPSS: 0%CPEs: 126EXPL: 0CVE-2015-7394
https://notcve.org/view.php?id=CVE-2015-7394
06 Nov 2015 — The datastor kernel module in F5 BIG-IP Analytics, APM, ASM, Link Controller, and LTM 11.1.0 before 12.0.0, BIG-IP AAM 11.4.0 before 12.0.0, BIG-IP AFM, PEM 11.3.0 before 12.0.0, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.1.0 through 11.3.0, BIG-IP GTM 11.1.0 through 11.6.0, BIG-IP PSM 11.1.0 through 11.4.1, BIG-IQ Cloud and Security 4.0.0 through 4.5.0, BIG-IQ Device 4.2.0 through 4.5.0, BIG-IQ ADC 4.5.0, and Enterprise Manager 3.0.0 through 3.1.1 allows remote authenticated users to cause a denial of... • http://www.securitytracker.com/id/1034025 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.5EPSS: 10%CPEs: 16EXPL: 2CVE-2015-4040 – F5 Big-IP 10.2.4 Build 595.0 Hotfix HF3 - Directory Traversal
https://notcve.org/view.php?id=CVE-2015-4040
17 Sep 2015 — Directory traversal vulnerability in the configuration utility in F5 BIG-IP before 12.0.0 and Enterprise Manager 3.0.0 through 3.1.1 allows remote authenticated users to access arbitrary files in the web root via unspecified vectors. Vulnerabilidad de salto de directorio en la utilidad de configuración en F5 BIG-IP en versiones anteriores a 12.0.0 y Enterprise Manager 3.0.0 hasta la versión 3.1.1, permite a usuarios remotos autenticados acceder a archivos arbitrarios en la raíz web a través de vectores no e... • https://packetstorm.news/files/id/133931 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: 3%CPEs: 45EXPL: 4CVE-2015-4047 – Debian Security Advisory 3272-1
https://notcve.org/view.php?id=CVE-2015-4047
26 May 2015 — racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests. racoon/gssapi.c en IPsec-Tools 0.8.2 permite a atacantes remotos causar una denegación de servicios (referencia a puntero nulo y caída de demonio IKE) a través de una serie de solicitudes UDP manipuladas. Javantea discovered a NULL pointer dereference flaw in racoon, the Internet Key Exchange daemon of ipsec-tools. A remote attacker c... • http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159482.html • CWE-476: NULL Pointer Dereference •