cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2016-5736,https://securityvulnerability.io/vulnerability/CVE-2016-5736,,"The default configuration of the IPsec IKE peer listener in F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.1 before HF16, 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF2; BIG-IP AAM, AFM, and PEM 11.4.x, 11.5.x before 11.5.4 HF2, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF2; BIG-IP DNS 12.x before 12.0.0 HF2; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.1 before HF16; BIG-IP GTM 11.2.1 before HF16, 11.4.x, 11.5.x before 11.5.4 HF2, and 11.6.x before 11.6.1; and BIG-IP PSM 11.4.0 through 11.4.1 improperly enables the anonymous IPsec IKE peer configuration object, which allows remote attackers to establish an IKE Phase 1 negotiation and possibly conduct brute-force attacks against Phase 2 negotiations via unspecified vectors.",F5,Big-ip Application Acceleration Manager,7.5,HIGH,0.0011699999449774623,false,false,false,false,,false,false,2016-08-19T21:00:00.000Z,0
CVE-2016-4545,https://securityvulnerability.io/vulnerability/CVE-2016-4545,,"Virtual servers in F5 BIG-IP 11.5.4, when SSL profiles are enabled, allow remote attackers to cause a denial of service (resource consumption and Traffic Management Microkernel restart) via an SSL alert during the handshake.",F5,Big-ip Application Acceleration Manager,7.5,HIGH,0.00203999993391335,false,false,false,false,,false,false,2016-06-07T18:00:00.000Z,0
CVE-2015-8021,https://securityvulnerability.io/vulnerability/CVE-2015-8021,,"Incomplete blacklist vulnerability in the Configuration utility in F5 BIG-IP LTM, Analytics, APM, ASM, GTM, Link Controller, and PSM 11.x before 11.2.1 HF11, 11.3.x, 11.4.0 before HF8, and 11.4.1 before HF6; BIG-IP AAM 11.4.0 before HF8 and 11.4.1 before HF6; BIG-IP AFM and PEM 11.3.x, 11.4.0 before HF8, and 11.4.1 before HF6; and BIG-IP Edge Gateway, WebAccelerator, and WOM 11.x before 11.2.1 HF11 and 11.3.0 allows remote authenticated users to upload files via uploadImage.php.",F5,"Big-ip Access Policy Manager,Big-ip Link Controller,Big-ip Analytics,Big-ip Edge Gateway,Big-ip Protocol Security Module,Big-ip Local Traffic Manager,Big-ip Wan Optimization Manager,Big-ip Global Traffic Manager,Big-ip Advanced Firewall Manager,Big-ip Webaccelerator,Big-ip Application Security Manager,Big-ip Application Acceleration Manager,Big-ip Policy Enforcement Manager",4.3,MEDIUM,0.001180000021122396,false,false,false,false,,false,false,2016-04-12T14:00:00.000Z,0
CVE-2015-8240,https://securityvulnerability.io/vulnerability/CVE-2015-8240,,"The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and BIG-IP PEM before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.0 HF6 and BIG-IP PSM before 11.4.1 HF10 does not properly handle TCP options, which allows remote attackers to cause a denial of service via unspecified vectors, related to the tm.minpathmtu database variable.",F5,"Big-ip Analytics,Big-ip Link Controller,Big-ip Protocol Security Module,Big-ip Application Security Manager,Big-ip Advanced Firewall Manager,Big-ip Application Acceleration Manager,Big-ip Global Traffic Manager,Big-ip Local Traffic Manager,Big-ip Access Policy Manager,Big-ip Policy Enforcement Manager",7.5,HIGH,0.00203999993391335,false,false,false,false,,false,false,2016-04-11T14:00:00.000Z,0
CVE-2015-6546,https://securityvulnerability.io/vulnerability/CVE-2015-6546,,"The vCMP host in F5 BIG-IP Analytics, APM, ASM, GTM, Link Controller, and LTM 11.0.0 before 11.6.0, BIG-IP AAM 11.4.0 before 11.6.0, BIG-IP AFM and PEM 11.3.0 before 11.6.0, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.0.0 through 11.3.0, BIG-IP PSM 11.0.0 through 11.4.1 allows remote attackers to cause a denial of service via ""malicious traffic.""",F5,Big-ip Application Acceleration Manager,,,0.0014900000533089042,false,false,false,false,,false,false,2015-11-06T18:00:00.000Z,0
CVE-2015-5058,https://securityvulnerability.io/vulnerability/CVE-2015-5058,,"Memory leak in the virtual server component in F5 Big-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and PEM 11.5.x before 11.5.1 HF10, 11.5.3 before HF1, and 11.6.0 before HF5, BIG-IQ Cloud, Device, and Security 4.4.0 through 4.5.0, and BIG-IQ ADC 4.5.0 allows remote attackers to cause a denial of service (memory consumption) via a large number of crafted ICMP packets.",F5,"Big-ip Link Controller,Big-ip Analytics,Big-iq Security,Big-ip Application Security Manager,Big-ip Global Traffic Manager,Big-ip Advanced Firewall Manager,Big-ip Application Acceleration Manager,Big-ip Access Policy Manager,Big-iq Device,Big-ip Local Traffic Manager,Big-iq Cloud,Big-iq Adc",,,0.002099999925121665,false,false,false,false,,false,false,2015-08-24T14:00:00.000Z,0
CVE-2014-9326,https://securityvulnerability.io/vulnerability/CVE-2014-9326,,"The automatic signature update functionality in the (1) Phone Home feature in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, GTM, and Link Controller 11.5.0 through 11.6.0, ASM 10.0.0 through 11.6.0, and PEM 11.3.0 through 11.6.0 and the (2) Call Home feature in ASM 10.0.0 through 11.6.0 and PEM 11.3.0 through 11.6.0 does not properly validate server SSL certificates, which allows remote attackers to conduct man-in-the-middle attacks via a crafted certificate.",F5,Big-ip Application Acceleration Manager,,,0.0013899999903514981,false,false,false,false,,false,false,2015-05-12T19:00:00.000Z,0
CVE-2014-2927,https://securityvulnerability.io/vulnerability/CVE-2014-2927,,"The rsync daemon in F5 BIG-IP 11.6 before 11.6.0, 11.5.1 before HF3, 11.5.0 before HF4, 11.4.1 before HF4, 11.4.0 before HF7, 11.3.0 before HF9, and 11.2.1 before HF11 and Enterprise Manager 3.x before 3.1.1 HF2, when configured in failover mode, does not require authentication, which allows remote attackers to read or write to arbitrary files via a cmi request to the ConfigSync IP address.",F5,"Big-ip Protocol Security Module,Arx,Big-ip Wan Optimization Manager,Big-ip Local Traffic Manager,Big-ip Access Policy Manager,Big-ip Link Controller,Big-ip Webaccelerator,Big-ip Application Security Manager,Big-ip Analytics,Big-ip Edge Gateway,Big-ip Global Traffic Manager,Firepass,Big-iq Security,Big-iq Cloud,Enterprise Manager,Big-ip Advanced Firewall Manager,Big-ip Policy Enforcement Manager,Big-ip Application Acceleration Manager,Big-iq Device",,,0.0760900005698204,false,false,false,false,,false,false,2014-10-15T14:00:00.000Z,0
CVE-2014-3959,https://securityvulnerability.io/vulnerability/CVE-2014-3959,,"Cross-site scripting (XSS) vulnerability in list.jsp in the Configuration utility in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, GTM, and Link Controller 11.2.1 through 11.5.1, AAM 11.4.0 through 11.5.1 PEM 11.3.0 through 11.5.1, PSM 11.2.1 through 11.4.1, WebAccelerator and WOM 11.2.1 through 11.3.0, and Enterprise Manager 3.0.0 through 3.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.",F5,"Big-ip Protocol Security Module,Big-ip Advanced Firewall Manager,Big-ip Edge Gateway,Big-ip Local Traffic Manager,Big-ip Wan Optimization Manager,Big-ip Link Controller,Big-ip Application Security Manager,Big-ip Analytics,Big-ip Global Traffic Manager,Big-ip Application Acceleration Manager,Big-ip Webaccelerator,Big-ip Access Policy Manager,Enterprise Manager,Big-ip Policy Enforcement Manager",,,0.0025599999353289604,false,false,false,false,,false,false,2014-06-03T14:00:00.000Z,0