cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2015-8021,https://securityvulnerability.io/vulnerability/CVE-2015-8021,,"Incomplete blacklist vulnerability in the Configuration utility in F5 BIG-IP LTM, Analytics, APM, ASM, GTM, Link Controller, and PSM 11.x before 11.2.1 HF11, 11.3.x, 11.4.0 before HF8, and 11.4.1 before HF6; BIG-IP AAM 11.4.0 before HF8 and 11.4.1 before HF6; BIG-IP AFM and PEM 11.3.x, 11.4.0 before HF8, and 11.4.1 before HF6; and BIG-IP Edge Gateway, WebAccelerator, and WOM 11.x before 11.2.1 HF11 and 11.3.0 allows remote authenticated users to upload files via uploadImage.php.",F5,"Big-ip Access Policy Manager,Big-ip Link Controller,Big-ip Analytics,Big-ip Edge Gateway,Big-ip Protocol Security Module,Big-ip Local Traffic Manager,Big-ip Wan Optimization Manager,Big-ip Global Traffic Manager,Big-ip Advanced Firewall Manager,Big-ip Webaccelerator,Big-ip Application Security Manager,Big-ip Application Acceleration Manager,Big-ip Policy Enforcement Manager",4.3,MEDIUM,0.001180000021122396,false,false,false,false,,false,false,2016-04-12T14:00:00.000Z,0
CVE-2015-8240,https://securityvulnerability.io/vulnerability/CVE-2015-8240,,"The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and BIG-IP PEM before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.0 HF6 and BIG-IP PSM before 11.4.1 HF10 does not properly handle TCP options, which allows remote attackers to cause a denial of service via unspecified vectors, related to the tm.minpathmtu database variable.",F5,"Big-ip Analytics,Big-ip Link Controller,Big-ip Protocol Security Module,Big-ip Application Security Manager,Big-ip Advanced Firewall Manager,Big-ip Application Acceleration Manager,Big-ip Global Traffic Manager,Big-ip Local Traffic Manager,Big-ip Access Policy Manager,Big-ip Policy Enforcement Manager",7.5,HIGH,0.00203999993391335,false,false,false,false,,false,false,2016-04-11T14:00:00.000Z,0
CVE-2015-4638,https://securityvulnerability.io/vulnerability/CVE-2015-4638,,"The FastL4 virtual server in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and PEM 11.3.0 through 11.5.2 and 11.6.0 through 11.6.0 HF4, BIG-IP Edge Gateway, WebAccelerator, and WOM 11.2.1 through 11.3.0, and BIG-IP PSM 11.2.1 through 11.4.1 allows remote attackers to cause a denial of service (Traffic Management Microkernel restart) via a fragmented packet.",F5,"Big-ip Analytics,Big-ip Protocol Security Module,Big-ip Link Controller,Big-ip Edge Gateway,Big-ip Application Security Manager,Big-ip Global Traffic Manager,Big-ip Advanced Firewall Manager,Big-ip Policy Enforcement Manager,Big-ip Local Traffic Manager,Big-ip Webaccelerator",,,0.002099999925121665,false,false,false,false,,false,false,2015-09-18T14:00:00.000Z,0
CVE-2015-5058,https://securityvulnerability.io/vulnerability/CVE-2015-5058,,"Memory leak in the virtual server component in F5 Big-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and PEM 11.5.x before 11.5.1 HF10, 11.5.3 before HF1, and 11.6.0 before HF5, BIG-IQ Cloud, Device, and Security 4.4.0 through 4.5.0, and BIG-IQ ADC 4.5.0 allows remote attackers to cause a denial of service (memory consumption) via a large number of crafted ICMP packets.",F5,"Big-ip Link Controller,Big-ip Analytics,Big-iq Security,Big-ip Application Security Manager,Big-ip Global Traffic Manager,Big-ip Advanced Firewall Manager,Big-ip Application Acceleration Manager,Big-ip Access Policy Manager,Big-iq Device,Big-ip Local Traffic Manager,Big-iq Cloud,Big-iq Adc",,,0.002099999925121665,false,false,false,false,,false,false,2015-08-24T14:00:00.000Z,0
CVE-2015-1050,https://securityvulnerability.io/vulnerability/CVE-2015-1050,,Cross-site scripting (XSS) vulnerability in F5 BIG-IP Application Security Manager (ASM) before 11.6 allows remote attackers to inject arbitrary web script or HTML via the Response Body field when creating a new user account.,F5,Big-ip Application Security Manager,,,0.009119999594986439,false,false,false,false,,false,false,2015-01-15T15:00:00.000Z,0
CVE-2014-2927,https://securityvulnerability.io/vulnerability/CVE-2014-2927,,"The rsync daemon in F5 BIG-IP 11.6 before 11.6.0, 11.5.1 before HF3, 11.5.0 before HF4, 11.4.1 before HF4, 11.4.0 before HF7, 11.3.0 before HF9, and 11.2.1 before HF11 and Enterprise Manager 3.x before 3.1.1 HF2, when configured in failover mode, does not require authentication, which allows remote attackers to read or write to arbitrary files via a cmi request to the ConfigSync IP address.",F5,"Big-ip Protocol Security Module,Arx,Big-ip Wan Optimization Manager,Big-ip Local Traffic Manager,Big-ip Access Policy Manager,Big-ip Link Controller,Big-ip Webaccelerator,Big-ip Application Security Manager,Big-ip Analytics,Big-ip Edge Gateway,Big-ip Global Traffic Manager,Firepass,Big-iq Security,Big-iq Cloud,Enterprise Manager,Big-ip Advanced Firewall Manager,Big-ip Policy Enforcement Manager,Big-ip Application Acceleration Manager,Big-iq Device",,,0.0760900005698204,false,false,false,false,,false,false,2014-10-15T14:00:00.000Z,0
CVE-2014-3959,https://securityvulnerability.io/vulnerability/CVE-2014-3959,,"Cross-site scripting (XSS) vulnerability in list.jsp in the Configuration utility in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, GTM, and Link Controller 11.2.1 through 11.5.1, AAM 11.4.0 through 11.5.1 PEM 11.3.0 through 11.5.1, PSM 11.2.1 through 11.4.1, WebAccelerator and WOM 11.2.1 through 11.3.0, and Enterprise Manager 3.0.0 through 3.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.",F5,"Big-ip Protocol Security Module,Big-ip Advanced Firewall Manager,Big-ip Edge Gateway,Big-ip Local Traffic Manager,Big-ip Wan Optimization Manager,Big-ip Link Controller,Big-ip Application Security Manager,Big-ip Analytics,Big-ip Global Traffic Manager,Big-ip Application Acceleration Manager,Big-ip Webaccelerator,Big-ip Access Policy Manager,Enterprise Manager,Big-ip Policy Enforcement Manager",,,0.0025599999353289604,false,false,false,false,,false,false,2014-06-03T14:00:00.000Z,0
CVE-2012-1493,https://securityvulnerability.io/vulnerability/CVE-2012-1493,,"F5 BIG-IP appliances 9.x before 9.4.8-HF5, 10.x before 10.2.4, 11.0.x before 11.0.0-HF2, and 11.1.x before 11.1.0-HF3, and Enterprise Manager before 2.1.0-HF2, 2.2.x before 2.2.0-HF1, and 2.3.x before 2.3.0-HF3, use a single SSH private key across different customers' installations and do not properly restrict access to this key, which makes it easier for remote attackers to perform SSH logins via the PubkeyAuthentication option.",F5,"Big-ip Application Security Manager,Big-ip Global Traffic Manager,Big-ip Local Traffic Manager,Tmos,Big-ip 1000,Big-ip 11000,Big-ip 11050,Big-ip 1500,Big-ip 1600,Big-ip 2400,Big-ip 3400,Big-ip 3410,Big-ip 3600,Big-ip 3900,Big-ip 4100,Big-ip 5100,Big-ip 5110,Big-ip 6400,Big-ip 6800,Big-ip 6900,Big-ip 8400,Big-ip 8800,Big-ip 8900,Big-ip 8950",,,0.4172700047492981,false,false,false,false,,false,false,2012-07-09T22:55:00.000Z,0
CVE-2009-4420,https://securityvulnerability.io/vulnerability/CVE-2009-4420,,"Buffer overflow in the bd daemon in F5 Networks BIG-IP Application Security Manager (ASM) 9.4.4 through 9.4.7 and 10.0.0 through 10.0.1, and Protocol Security Manager (PSM) 9.4.5 through 9.4.7 and 10.0.0 through 10.0.1, allows remote attackers to cause a denial of service (crash) via unknown vectors.  NOTE: some of these details are obtained from third party information.",F5,"Big-ip Application Security Manager,Big-ip Protocol Security Manager,Big-ip Protocol Security Module",,,0.024769999086856842,false,false,false,false,,false,false,2009-12-24T17:00:00.000Z,0
CVE-2008-0539,https://securityvulnerability.io/vulnerability/CVE-2008-0539,,Cross-site scripting (XSS) vulnerability in dms/policy/rep_request.php in F5 BIG-IP Application Security Manager (ASM) 9.4.3 allows remote attackers to inject arbitrary web script or HTML via the report_type parameter.,F5,Big-ip Application Security Manager,,,0.023019999265670776,false,false,false,false,,false,false,2008-02-01T19:41:00.000Z,0