Latest f5 big-iq centralized management Vulnerabilities

CVE-2023-41964
The BIG-IP and BIG-IQ systems do not encrypt some sensitive information written to Database (DB) variables.  Note: Software versions which have reached End of Technical Support (EoTS) are not evalua...
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<=14.1.5
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.9
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.4
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
F5 BIG-IP Advanced Firewall Manager>=14.1.0<=14.1.5
and 71 more
CVE-2023-43485
When TACACS+ audit forwarding is configured on BIG-IP or BIG-IQ system, sharedsecret is logged in plaintext in the audit log.  Note: Software versions which have reached End of Technical Support (EoT...
F5 BIG-IQ Centralized Management>=8.0.0<8.2.0.1.0.13.97-eng
F5 BIG-IQ Centralized Management>=8.3.0<8.3.0.0.12.118-eng
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<=14.1.5
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.9
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.4
and 68 more
CVE-2023-38419
An authenticated attacker with guest privileges or higher can cause the iControl SOAP process to terminate by sending undisclosed requests.  Note: Software versions which have reached End of Technical...
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.5.5
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.9.1
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.3.5
F5 BIG-IP Access Policy Manager>=17.0.0<17.1.0.2
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
and 90 more
CVE-2023-29240
An authenticated attacker granted a Viewer or Auditor role on a BIG-IQ can upload arbitrary files using an undisclosed iControl REST endpoint.  Note: Software versions which have reached End of Techn...
F5 BIG-IQ Centralized Management>=8.0.0<8.3.0
CVE-2022-41622
In all versions, BIG-IP and BIG-IQ are vulnerable to cross-site request forgery (CSRF) attacks through iControl SOAP. Note: Software versions which have reached End of Technical Support (EoTS) are not...
F5 BIG-IQ Centralized Management>=8.0.0<=8.2.0
F5 BIG-IQ Centralized Management=7.1.0
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
F5 BIG-IP Advanced Firewall Manager>=14.1.0<=14.1.5
F5 BIG-IP Advanced Firewall Manager>=15.1.0<=15.1.8
F5 BIG-IP Advanced Firewall Manager>=16.1.0<=16.1.3
and 51 more
CVE-2022-41770
In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.7, 14.1.x before 14.1.5.1, and all versions of 13.1.x, and BIG-IQ all versions of 8.x and 7.x, an authenticated iC...
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.5.1
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.7
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.3.1
F5 BIG-IP Access Policy Manager>=17.0.0<17.0.0.1
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
and 51 more
CVE-2022-34851
In BIG-IP Versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, and BIG-IQ Centralized Management all versions of 8.x, an...
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.5.1
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.6.1
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.3.1
F5 BIG-IP Access Policy Manager=17.0.0
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
and 50 more
CVE-2022-35728
In BIG-IP Versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, and BIG-IQ version 8.x before 8.2.0 and all versions of 7...
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.5
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.5.1
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.6.1
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.3.1
F5 BIG-IP Access Policy Manager=17.0.0
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.5
and 53 more
CVE-2022-34844
In BIG-IP Versions 16.1.x before 16.1.3.1 and 15.1.x before 15.1.6.1, and all versions of BIG-IQ 8.x, when the Data Plane Development Kit (DPDK)/Elastic Network Adapter (ENA) driver is used with BIG-I...
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.6.1
F5 BIG-IP Access Policy Manager>=16.1.0<16.1.3.1
F5 BIG-IP Advanced Firewall Manager>=15.1.0<15.1.6.1
F5 BIG-IP Advanced Firewall Manager>=16.1.0<16.1.3.1
F5 BIG-IP Analytics>=15.1.0<15.1.6.1
F5 BIG-IP Analytics>=16.1.0<16.1.3.1
and 21 more
CVE-2022-29479
On F5 BIG-IP 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, and F5 BIG-IQ Centralized Management all vers...
F5 BIG-IP Access Policy Manager=11.6.1
F5 BIG-IP Access Policy Manager=11.6.2
F5 BIG-IP Access Policy Manager=11.6.3
F5 BIG-IP Access Policy Manager=11.6.4
F5 BIG-IP Access Policy Manager=11.6.5
F5 BIG-IP Access Policy Manager=12.1.0
and 340 more
CVE-2022-26340
On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, and F5 BIG...
F5 BIG-IP Access Policy Manager=11.6.1
F5 BIG-IP Access Policy Manager=11.6.2
F5 BIG-IP Access Policy Manager=11.6.3
F5 BIG-IP Access Policy Manager=11.6.4
F5 BIG-IP Access Policy Manager=11.6.5
F5 BIG-IP Access Policy Manager=12.1.0
and 337 more
CVE-2022-23009
F5 BIG-IQ Centralized Management=8.0.0
CVE-2022-23023
On BIG-IP version 16.1.x before 16.1.2.1, 15.1.x before 15.1.5, 14.1.x before 14.1.4.5, and all versions of 13.1.x and 12.1.x, and BIG-IQ all versions of 8.x and 7.x, undisclosed requests by an authen...
F5 BIG-IP Access Policy Manager>=12.1.0<=12.1.5
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.4
F5 BIG-IP Access Policy Manager>=14.1.0<=14.1.4
F5 BIG-IP Access Policy Manager>=15.1.0<=15.1.4
F5 BIG-IP Access Policy Manager>=16.1.0<=16.1.2
F5 BIG-IP Advanced Firewall Manager>=12.1.0<=12.1.5
and 66 more
CVE-2002-20001
The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-expo...
Balasys Dheater
Siemens Scalance W1750d Firmware
Siemens Scalance W1750d
SUSE Linux Enterprise Server=11
SUSE Linux Enterprise Server=12
SUSE Linux Enterprise Server=15
and 80 more
CVE-2021-23026
BIG-IP version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.4.2, 13.1.x before 13.1.4.1, and all versions of 12.1.x and 11.6.x and all versions of BIG-IQ 8.x, 7.x, and 6.x are vuln...
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.4
F5 BIG-IP Access Policy Manager>=14.1.0<=14.1.4
F5 BIG-IP Access Policy Manager>=15.1.0<=15.1.2
F5 BIG-IP Access Policy Manager>=16.0.0<=16.0.1.1
F5 BIG-IP Advanced Firewall Manager>=13.1.0<=13.1.4
F5 BIG-IP Advanced Firewall Manager>=14.1.0<=14.1.4
and 53 more
CVE-2021-23024
On version 8.0.x before 8.0.0.1, and all 6.x and 7.x versions, the BIG-IQ Configuration utility has an authenticated remote command execution vulnerability in undisclosed pages. Note: Software version...
F5 BIG-IQ Centralized Management>=6.0.0<=6.1.0
F5 BIG-IQ Centralized Management>=7.0.0<=7.1.0
F5 BIG-IQ Centralized Management>=8.0.0<8.0.0.1
CVE-2021-23006
On all 7.x and 6.x versions (fixed in 8.0.0), undisclosed BIG-IQ pages have a reflected cross-site scripting vulnerability. Note: Software versions which have reached End of Software Development (EoSD...
F5 BIG-IQ Centralized Management>=6.0.0<8.0.0
CVE-2021-22997
On all 7.x and 6.x versions (fixed in 8.0.0), BIG-IQ HA ElasticSearch service does not implement any form of authentication for the clustering transport services, and all data used by ElasticSearch fo...
F5 BIG-IQ Centralized Management>=6.0.0<8.0.0
CVE-2021-22996
On all 7.x versions (fixed in 8.0.0), when set up for auto failover, a BIG-IQ Data Collection Device (DCD) cluster member that receives an undisclosed message may cause the corosync process to abort. ...
F5 BIG-IQ Centralized Management>=7.0.0<8.0.0
CVE-2021-22995
On all 7.x and 6.x versions (fixed in 8.0.0), BIG-IQ high availability (HA) when using a Quorum device for automatic failover does not implement any form of authentication with the Corosync daemon. No...
F5 BIG-IQ Centralized Management>=6.0.0<=6.1.0
F5 BIG-IQ Centralized Management>=7.0.0<=7.1.0
CVE-2021-22986
F5 BIG-IP and BIG-IQ Centralized Management iControl REST Remote Code Execution Vulnerability
F5 BIG-IP Access Policy Manager>=12.1.0<12.1.5.3
F5 BIG-IP Access Policy Manager>=13.1.0<13.1.3.6
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.4
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.2.1
F5 BIG-IP Access Policy Manager>=16.0.0<16.0.1.1
F5 BIG-IP Advanced Firewall Manager>=12.1.0<12.1.5.3
and 68 more
CVE-2021-22974
On BIG-IP version 16.0.x before 16.0.1.1, 15.1.x before 15.1.2, 14.1.x before 14.1.3.1, and 13.1.x before 13.1.3.6 and all versions of BIG-IQ 7.x and 6.x, an authenticated attacker with access to iCon...
F5 BIG-IP Access Policy Manager>=13.1.0<13.1.3.6
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.3.1
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.2
F5 BIG-IP Access Policy Manager>=16.0.0<16.0.1.1
F5 BIG-IP Advanced Firewall Manager>=13.1.0<13.1.3.5
F5 BIG-IP Advanced Firewall Manager>=14.1.0<14.1.3.1
and 52 more
CVE-2020-5944
In BIG-IQ 7.1.0, accessing the DoS Summary events and DNS Overview pages in the BIG-IQ system interface returns an error message due to disabled Grafana reverse proxy in web service configuration. F5 ...
F5 BIG-IQ Centralized Management>=7.1.0<7.1.0.1
CVE-2020-5930
In BIG-IP 15.0.0-15.1.0.4, 14.1.0-14.1.2.7, 13.1.0-13.1.3.3, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2 and BIG-IQ 5.2.0-7.1.0, unauthenticated attackers can cause disruption of service via undisclosed meth...
F5 BIG-IP Access Policy Manager>=11.6.1<=11.6.5
F5 BIG-IP Access Policy Manager>=12.1.0<=12.1.5
F5 BIG-IP Access Policy Manager>=13.1.0<13.1.3.4
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.2.8
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.0.5
F5 BIG-IP Advanced Firewall Manager>=11.6.1<=11.6.5
and 62 more
CVE-2020-5923
In BIG-IP versions 15.0.0-15.1.0.4, 14.1.0-14.1.2.6, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1 and BIG-IQ versions 5.4.0-7.0.0, Self-IP port-lockdown bypass via IPv6 link-local addresses.
F5 BIG-IP Access Policy Manager>=11.6.1<11.6.5.2
F5 BIG-IP Access Policy Manager>=12.1.0<12.1.5.2
F5 BIG-IP Access Policy Manager>=13.1.0<13.1.3.4
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.2.7
F5 BIG-IP Access Policy Manager>=15.0.0<15.1.0.5
F5 BIG-IP Advanced Firewall Manager>=11.6.1<11.6.5.2
and 52 more
CVE-2020-5917
F5 BIG-IP Access Policy Manager>=11.6.1<=11.6.5
F5 BIG-IP Access Policy Manager>=12.1.0<12.1.5.2
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.3
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.2.4
F5 BIG-IP Access Policy Manager>=15.0.0<15.0.1.4
F5 BIG-IP Access Policy Manager>=15.1.0<15.1.0.5
and 63 more
CVE-2020-5873
On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.6.1-11.6.5 and BIG-IQ 5.2.0-7.1.0, a user associated with the Resource Administrator role who has access to the secure ...
F5 BIG-IP Access Policy Manager>=11.6.1<=11.6.5
F5 BIG-IP Access Policy Manager>=12.1.0<=12.1.5
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.3.1
F5 BIG-IP Access Policy Manager>=14.1.0<=14.1.2.3
F5 BIG-IP Access Policy Manager>=15.0.0<=15.0.1
F5 BIG-IQ Centralized Management>=5.2.0<=5.4.0
and 52 more
CVE-2020-5870
In BIG-IQ 5.2.0-7.0.0, high availability (HA) synchronization mechanisms do not use any form of authentication for connecting to the peer.
F5 BIG-IQ Centralized Management>=5.2.0<=5.4.0
F5 BIG-IQ Centralized Management>=6.0.0<=6.1.0
F5 BIG-IQ Centralized Management>=7.0.0<7.1.0
CVE-2020-5869
In BIG-IQ 5.2.0-7.0.0, high availability (HA) synchronization is not secure by TLS and may allow on-path attackers to read / modify confidential data in transit.
F5 BIG-IQ Centralized Management>=5.2.0<=5.4.0
F5 BIG-IQ Centralized Management>=6.0.0<=6.1.0
F5 BIG-IQ Centralized Management>=7.0.0<7.1.0
CVE-2020-5868
In BIG-IQ 6.0.0-7.0.0, a remote access vulnerability has been discovered that may allow a remote user to execute shell commands on affected systems using HTTP requests to the BIG-IQ user interface.
F5 BIG-IQ Centralized Management>=6.0.0<=6.1.0
F5 BIG-IQ Centralized Management=7.0.0
CVE-2020-5860
On BIG-IP 15.0.0-15.1.0.2, 14.1.0-14.1.2.3, 13.1.0-13.1.3.2, 12.1.0-12.1.5.1, and 11.5.2-11.6.5.1 and BIG-IQ 7.0.0, 6.0.0-6.1.0, and 5.2.0-5.4.0, in a High Availability (HA) network failover in Device...
F5 BIG-IQ Centralized Management>=5.2.0<=5.4.0
F5 BIG-IQ Centralized Management>=6.0.0<=6.1.0
F5 BIG-IQ Centralized Management=7.0.0
F5 BIG-IP Access Policy Manager>=11.5.2<=11.6.5
F5 BIG-IP Access Policy Manager>=12.1.0<=12.1.5
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.3
and 52 more
CVE-2020-5858
On BIG-IP 15.0.0-15.0.1.2, 14.1.0-14.1.2.2, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1 and BIG-IQ 7.0.0, 6.0.0-6.1.0, and 5.2.0-5.4.0, users with non-administrator roles (for example, Guest o...
F5 BIG-IQ Centralized Management>=5.2.0<=5.4.0
F5 BIG-IQ Centralized Management>=6.0.0<=6.1.0
F5 BIG-IQ Centralized Management=7.0.0
F5 BIG-IP Access Policy Manager>=11.5.2<=11.6.5
F5 BIG-IP Access Policy Manager>=12.1.0<=12.1.5
F5 BIG-IP Access Policy Manager>=13.1.0<=13.1.3
and 62 more
CVE-2020-5854
On BIG-IP 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.6.0-11.6.5.1, the tmm crashes under certain circumstances when using the connector profile if a specif...
F5 BIG-IP Access Policy Manager>=11.5.2<=11.6.5
F5 BIG-IP Access Policy Manager>=12.1.0<12.1.5.1
F5 BIG-IP Access Policy Manager>=13.1.0<13.1.3.2
F5 BIG-IP Access Policy Manager>=14.0.0<14.0.1.1
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.2.1
F5 BIG-IP Access Policy Manager>=15.0.0<15.1.0
and 78 more
CVE-2014-5209
An Information Disclosure vulnerability exists in NTP 4.2.7p25 private (mode 6/7) messages via a GET_RESTRICT control message, which could let a malicious user obtain sensitive information.
NTP ntp=4.2.7-p25
F5 BIG-IP Access Policy Manager>=10.2.1<=10.2.4
F5 BIG-IP Access Policy Manager>=11.4.0<=11.6.4
F5 BIG-IP Access Policy Manager>=12.0.0<=12.1.4
F5 BIG-IP Access Policy Manager>=13.0.0<=13.1.1
F5 BIG-IP Access Policy Manager>=14.0.0<=14.1.0
and 71 more
CVE-2019-19151
On BIG-IP versions 15.0.0-15.1.0, 14.0.0-14.1.2.3, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, BIG-IQ versions 7.0.0, 6.0.0-6.1.0, and 5.0.0-5.4.0, iWorkflow version 2.3.0, and Enterprise Man...
F5 BIG-IQ Centralized Management>=5.0.0<=5.4.0
F5 BIG-IQ Centralized Management>=6.0.0<=6.1.0
F5 BIG-IQ Centralized Management=7.0.0
F5 BIG-IP Access Policy Manager>=11.5.1<=11.6.5
F5 BIG-IP Access Policy Manager>=12.1.0<=12.1.5
F5 BIG-IP Access Policy Manager>=13.0.0<=13.1.3
and 64 more
CVE-2019-6688
On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5 and BIG-IQ versions 6.0.0-6.1.0 and 5.2.0-5.4.0, a user is able to obtain the secr...
F5 BIG-IQ Centralized Management>=5.2.0<=5.4.0
F5 BIG-IQ Centralized Management>=6.0.0<=6.1.0
F5 BIG-IP Access Policy Manager>=11.5.2<11.6.5.1
F5 BIG-IP Access Policy Manager>=12.1.0<=12.1.5
F5 BIG-IP Access Policy Manager>=13.1.0<13.1.3.2
F5 BIG-IP Access Policy Manager>=14.0.0<14.0.1.1
and 74 more
CVE-2019-6665
On BIG-IP ASM 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.3.1, BIG-IQ 6.0.0 and 5.2.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1, an attacker with access to the device commu...
F5 BIG-IP Application Security Manager>=13.1.0<=13.1.3.1
F5 BIG-IP Application Security Manager>=14.0.0<=14.0.1
F5 BIG-IP Application Security Manager>=14.1.0<=14.1.2
F5 BIG-IP Application Security Manager>=15.0.0<=15.0.1
F5 BIG-IQ Centralized Management>=5.2.0<=5.4.0
F5 BIG-IQ Centralized Management=6.0.0
and 2 more
CVE-2019-6663
F5 BIG-IP Access Policy Manager>=11.5.2<=11.6.5
F5 BIG-IP Access Policy Manager>=12.1.0<=12.1.5
F5 BIG-IP Access Policy Manager>=13.0.0<=13.1.3
F5 BIG-IP Access Policy Manager>=14.0.0<=14.1.2
F5 BIG-IP Access Policy Manager>=15.0.0<=15.0.1
F5 BIG-IP Advanced Firewall Manager>=11.5.2<=11.6.5
and 64 more
CVE-2019-6471
A race condition which may occur when discarding malformed packets can result in BIND exiting due to a REQUIRE assertion failure in dispatch.c. Versions affected: BIND 9.11.0 -> 9.11.7, 9.12.0 -> 9.12...
F5 Big-ip Local Traffic Manager>=11.5.2<=11.5.9
F5 Big-ip Local Traffic Manager>=11.6.1<=11.6.4
F5 Big-ip Local Traffic Manager>=12.1.0<=12.1.4
F5 Big-ip Local Traffic Manager>=13.1.0<=13.1.1
F5 Big-ip Local Traffic Manager=14.0.0
F5 Big-ip Local Traffic Manager=14.1.0
and 103 more
CVE-2018-5743
By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conserva...
F5 Big-ip Local Traffic Manager>=11.5.2<=11.6.5
F5 Big-ip Local Traffic Manager>=12.1.0<=12.1.4
F5 Big-ip Local Traffic Manager>=13.0.0<=13.1.1
F5 Big-ip Local Traffic Manager>=14.0.0<=14.1.0
F5 Big-ip Local Traffic Manager=15.0.0
F5 Big-ip Application Acceleration Manager>=11.5.2<=11.6.5
and 73 more
CVE-2018-14468
tcpdump. Multiple issues were addressed by updating to tcpdump version 4.9.3 and libpcap version 1.9.1
ubuntu/tcpdump<4.9.3-0ubuntu0.18.04.1
ubuntu/tcpdump<4.9.3-0ubuntu0.14.04.1+
ubuntu/tcpdump<4.9.3
ubuntu/tcpdump<4.9.3-0ubuntu0.16.04.1
Tcpdump Tcpdump<4.9.3
Apple Mac OS X<10.15.2
and 165 more
CVE-2018-14880
tcpdump. Multiple issues were addressed by updating to tcpdump version 4.9.3 and libpcap version 1.9.1
Tcpdump Tcpdump<4.9.3
Apple Mac OS X<10.15.2
Debian Debian Linux=8.0
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Fedoraproject Fedora=29
and 165 more
CVE-2019-6653
There is a Stored Cross Site Scripting vulnerability in the undisclosed page of a BIG-IQ 6.0.0-6.1.0 or 5.2.0-5.4.0 system. The attack can be stored by users granted the Device Manager and Administrat...
F5 BIG-IQ Centralized Management>=5.2.0<=5.4.0
F5 BIG-IQ Centralized Management>=6.0.0<=6.1.0
CVE-2019-6652
In BIG-IQ 6.0.0-6.1.0, services for stats do not require authentication nor do they implement any form of Transport Layer Security (TLS).
F5 BIG-IQ Centralized Management>=6.0.0<=6.1.0
CVE-2019-6651
In BIG-IP 15.0.0, 14.1.0-14.1.0.6, 14.0.0-14.0.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.1, 11.5.1-11.6.4, BIG-IQ 7.0.0, 6.0.0-6.1.0,5.2.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1, the Configura...
F5 Big-ip Local Traffic Manager>=11.5.1<=11.6.4
F5 Big-ip Local Traffic Manager>=12.1.0<=12.1.4.1
F5 Big-ip Local Traffic Manager>=13.0.0<=13.1.1.5
F5 Big-ip Local Traffic Manager>=14.0.0<=14.0.0.5
F5 Big-ip Local Traffic Manager>=14.1.0<=14.1.0.6
F5 Big-ip Local Traffic Manager=15.0.0
and 77 more
CVE-2019-10744
A Prototype Pollution vulnerability was found in lodash. Calling certain methods with untrusted JSON could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON...
redhat/jaeger<0:v1.13.1.redhat7-1.el7
redhat/kiali<0:v1.0.11.redhat1-1.el7
redhat/servicemesh-grafana<0:6.2.2-36.el8
redhat/ovirt-web-ui<0:1.6.0-1.el7e
Lodash Lodash<4.17.12
NetApp Service Level Manager
and 84 more
CVE-2019-6621
On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4.1, 11.6.1-11.6.3.4, and 11.5.2-11.5.8 and BIG-IQ 7.0.0-7.1.0.2, 6.0.0-6.1.0, and 5.1.0-5.4.0, an undisclosed iControl REST wo...
F5 BIG-IP Access Policy Manager>=11.5.2<11.5.9
F5 BIG-IP Access Policy Manager>=11.6.1<11.6.4
F5 BIG-IP Access Policy Manager>=12.1.0<=12.1.4
F5 BIG-IP Access Policy Manager>=13.0.0<13.1.1.5
F5 BIG-IP Access Policy Manager>=14.0.0<14.0.0.5
F5 BIG-IP Access Policy Manager>=14.1.0<14.1.0.6
and 74 more
CVE-2019-6620
On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.5, 13.0.0-13.1.1.4, 12.1.0-12.1.4.1, and 11.5.1-11.6.4 and BIG-IQ 6.0.0-6.1.0 and 5.1.0-5.4.0, an undisclosed iControl REST worker vulnerable to command inject...
F5 BIG-IP Access Policy Manager>=11.5.2<=11.6.4
F5 BIG-IP Access Policy Manager>=12.1.0<=12.1.4
F5 BIG-IP Access Policy Manager>=13.0.0<13.1.1.5
F5 BIG-IP Access Policy Manager>=14.0.0<14.1.0.6
F5 BIG-IP Advanced Firewall Manager>=11.5.2<=11.6.4
F5 BIG-IP Advanced Firewall Manager>=12.1.0<=12.1.4
and 48 more
CVE-2019-6642
In BIG-IP 15.0.0, 14.0.0-14.1.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.2, and 11.5.2-11.6.4, BIG-IQ 6.0.0-6.1.0 and 5.1.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1, authenticated users with the ...
F5 BIG-IP Access Policy Manager>=11.5.2<=11.6.4
F5 BIG-IP Access Policy Manager>=12.1.0<=12.1.4.2
F5 BIG-IP Access Policy Manager>=13.0.0<=13.1.1.5
F5 BIG-IP Access Policy Manager>=14.0.0<=14.1.0.5
F5 BIG-IP Access Policy Manager=15.0.0
F5 BIG-IP Advanced Firewall Manager>=11.5.2<=11.6.4
and 63 more
CVE-2019-11479
An excessive resource consumption flaw was found in the way the Linux kernel's networking subsystem processed TCP segments. If the Maximum Segment Size (MSS) of a TCP connection was set to low values,...
redhat/kernel<0:2.6.32-754.15.3.el6
redhat/kernel<0:2.6.32-431.95.3.el6
redhat/kernel<0:2.6.32-504.79.3.el6
redhat/kernel-rt<0:3.10.0-957.21.3.rt56.935.el7
redhat/kernel<0:3.10.0-957.21.3.el7
redhat/kernel-alt<0:4.14.0-115.8.2.el7a
and 180 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203