NotCVE - vendor:"F5"

Page 89 of 907 results (0.014 seconds)

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2008-6474

https://notcve.org/view.php?id=CVE-2008-6474

16 Mar 2009 — The management interface in F5 BIG-IP 9.4.3 allows remote authenticated users with Resource Manager privileges to inject arbitrary Perl code via unspecified configuration settings related to Perl EP3 with templates, probably triggering static code injection. El interfaz de gestión en F5 BIG-IP v9.4.3 permite a usuarios remotos autenticados con privilegios de "Resource Manager" inyectar código Perl de su elección mediante parámetros de configuración no especificados relacionados a Perl EP3 con plantillas, pr... • http://osvdb.org/51116 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 0

CVE-2008-3149

https://notcve.org/view.php?id=CVE-2008-3149

11 Jul 2008 — The SNMP daemon in the F5 FirePass 1200 6.0.2 hotfix 3 allows remote attackers to cause a denial of service (daemon crash) by walking the hrSWInstalled OID branch in HOST-RESOURCES-MIB. El demonio SNMP en F5 FirePass 1200 6.0.2 Hotfix 3 permite a atacantes remotos provocar una denegación de servicio (caída del demonio) mediante la consulta de la rama hrSWInstalled OID en HOST-RESOURCES-MIB. • http://secunia.com/advisories/30965 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2

CVE-2008-2637 – F5 FirePass 6.0.2.3 - '/vdesk/admincon/index.php?sql_matchscope' Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2008-2637

10 Jun 2008 — Multiple cross-site scripting (XSS) vulnerabilities in F5 FirePass SSL VPN 6.0.2 hotfix 3, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via quotes in (1) the css_exceptions parameter in vdesk/admincon/webyfiers.php and (2) the sql_matchscope parameter in vdesk/admincon/index.php. Múltiples vulnerabilidades de tipo cross-site scripting (XSS) en F5 FirePass SSL VPN versiones 6.0.2 hotfix 3, y posiblemente versiones anteriores, permiten a atacantes remotos inyect... • https://www.exploit-db.com/exploits/31886 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 3

CVE-2008-2030 – F5 Networks FirePass 4100 SSL VPN - 'installControl.php3' Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2008-2030

30 Apr 2008 — Cross-site scripting (XSS) vulnerability in installControl.php3 in F5 FirePass 4100 SSL VPN 5.4.2-5.5.2 and 6.0-6.2 allows remote attackers to inject arbitrary web script or HTML via the query string. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en installControl.php3 de F5 FirePass 4100 SSL VPN 5.4.2-5.5.2 y 6.0-6.2 permite a atacantes remotos inyectar secuencias de comand... • https://www.exploit-db.com/exploits/31698 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2008-1503

https://notcve.org/view.php?id=CVE-2008-1503

25 Mar 2008 — Cross-site scripting (XSS) vulnerability in the web management interface in F5 BIG-IP 9.4.3 allows remote attackers to inject arbitrary web script or HTML via (1) the name of a node object, or the (2) sysContact or (3) sysLocation SNMP configuration field, aka "Audit Log XSS." NOTE: these issues might be resultant from cross-site request forgery (CSRF) vulnerabilities. Vulnerabilidad de Secuencias de comandos en sitios cruzados (XSS) en el interfaz de gestión web en F5 BIG-IP 9.4.3, permite a atacantes remo... • http://securityreason.com/securityalert/3778 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 13%CPEs: 14EXPL: 3

CVE-2007-6704 – F5 Networks FirePass 4100 SSL VPN - 'Download_Plugin.php3' Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2007-6704

05 Mar 2008 — Multiple cross-site scripting (XSS) vulnerabilities in F5 FirePass 4100 SSL VPN 5.4.1 through 5.5.2 and 6.0 through 6.0.1, when pre-logon sequences are enabled, allow remote attackers to inject arbitrary web script or HTML via the query string to (1) my.activation.php3 and (2) my.logon.php3. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en F5 FirePass 4100 SSL VPN 5.4.1 hasta 5.5.2 y 6.0 hasta 6.0.1, cuando las secuencias pre-logon están activadas, permiten a atacantes remoto... • https://www.exploit-db.com/exploits/30834 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.8EPSS: 25%CPEs: 5EXPL: 2

CVE-2007-6258 – Apache Tomcat Connector jk2-2.0.2 mod_jk2 - Remote Overflow

https://notcve.org/view.php?id=CVE-2007-6258

18 Feb 2008 — Multiple stack-based buffer overflows in the legacy mod_jk2 2.0.3-DEV and earlier Apache module allow remote attackers to execute arbitrary code via a long (1) Host header, or (2) Hostname within a Host header. Múltiples desbordamientos de búfer basados en pila en el módulo de Apache legacy mod_jk2 2.0.3-DEV y anteriores permiten a atacantes remotos ejecutar código de su elección a través de una (1) cabecera Host larga o (2) Hostname dentro de una cabecera Host larga. • https://www.exploit-db.com/exploits/5386 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.1EPSS: 2%CPEs: 3EXPL: 2

CVE-2008-0539 – F5 BIG-IP Application Security Manager 9.4.3 - 'report_type' Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2008-0539

01 Feb 2008 — Cross-site scripting (XSS) vulnerability in dms/policy/rep_request.php in F5 BIG-IP Application Security Manager (ASM) 9.4.3 allows remote attackers to inject arbitrary web script or HTML via the report_type parameter. Vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en dms/policy/rep_request.php en F5 BIG-IP Application Security Manager (ASM) 9.4.3, permiten a atacantes remotos inyectar web script o HTML de su elección a través del parámetro report_type. • https://www.exploit-db.com/exploits/31065 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 1%CPEs: 1EXPL: 1

CVE-2008-0265 – F5 BIG-IP 9.4.3 - 'SearchString' Multiple Cross-Site Scripting Vulnerabilities

https://notcve.org/view.php?id=CVE-2008-0265

15 Jan 2008 — Multiple cross-site scripting (XSS) vulnerabilities in the Search function in the web management interface in F5 BIG-IP 9.4.3 allow remote attackers to inject arbitrary web script or HTML via the SearchString parameter to (1) list_system.jsp, (2) list_pktfilter.jsp, (3) list_ltm.jsp, (4) resources_audit.jsp, and (5) list_asm.jsp in tmui/Control/jspmap/tmui/system/log/; and (6) list.jsp in certain directories. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en la función Search ... • https://www.exploit-db.com/exploits/31024 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 2%CPEs: 14EXPL: 1

CVE-2007-5979 – F5 FirePass 4100 SSL VPN - 'Download_Plugin.php3' Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2007-5979

15 Nov 2007 — Cross-site scripting (XSS) vulnerability in download_plugin.php3 in F5 Firepass 4100 SSL VPN 5.4 through 5.5.2 and 6.0 through 6.0.1 allows remote attackers to inject arbitrary web script or HTML via the backurl parameter. Vulnerabilidad de secuencia de comandos en sitios cruzados (XSS) en download_plugin.php3 en F5 Firepass 4100 SSL VPN 5.4 hasta la 5.5.2 y 6.0 hasta la 6.0.1 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro backurl. • https://www.exploit-db.com/exploits/30755 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

1...87 88 89 90 91