cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2016-5020,https://securityvulnerability.io/vulnerability/CVE-2016-5020,,F5 BIG-IP before 12.0.0 HF3 allows remote authenticated users to modify the account configuration of users with the Resource Administration role and gain privilege via a crafted external Extended Application Verification (EAV) monitor script.,F5,Big-ip Wan Optimization Manager,8.8,HIGH,0.0021699999924749136,false,false,false,false,,false,false,2016-06-30T17:00:00.000Z,0
CVE-2015-8021,https://securityvulnerability.io/vulnerability/CVE-2015-8021,,"Incomplete blacklist vulnerability in the Configuration utility in F5 BIG-IP LTM, Analytics, APM, ASM, GTM, Link Controller, and PSM 11.x before 11.2.1 HF11, 11.3.x, 11.4.0 before HF8, and 11.4.1 before HF6; BIG-IP AAM 11.4.0 before HF8 and 11.4.1 before HF6; BIG-IP AFM and PEM 11.3.x, 11.4.0 before HF8, and 11.4.1 before HF6; and BIG-IP Edge Gateway, WebAccelerator, and WOM 11.x before 11.2.1 HF11 and 11.3.0 allows remote authenticated users to upload files via uploadImage.php.",F5,"Big-ip Access Policy Manager,Big-ip Link Controller,Big-ip Analytics,Big-ip Edge Gateway,Big-ip Protocol Security Module,Big-ip Local Traffic Manager,Big-ip Wan Optimization Manager,Big-ip Global Traffic Manager,Big-ip Advanced Firewall Manager,Big-ip Webaccelerator,Big-ip Application Security Manager,Big-ip Application Acceleration Manager,Big-ip Policy Enforcement Manager",4.3,MEDIUM,0.001180000021122396,false,false,false,false,,false,false,2016-04-12T14:00:00.000Z,0
CVE-2014-2927,https://securityvulnerability.io/vulnerability/CVE-2014-2927,,"The rsync daemon in F5 BIG-IP 11.6 before 11.6.0, 11.5.1 before HF3, 11.5.0 before HF4, 11.4.1 before HF4, 11.4.0 before HF7, 11.3.0 before HF9, and 11.2.1 before HF11 and Enterprise Manager 3.x before 3.1.1 HF2, when configured in failover mode, does not require authentication, which allows remote attackers to read or write to arbitrary files via a cmi request to the ConfigSync IP address.",F5,"Big-ip Protocol Security Module,Arx,Big-ip Wan Optimization Manager,Big-ip Local Traffic Manager,Big-ip Access Policy Manager,Big-ip Link Controller,Big-ip Webaccelerator,Big-ip Application Security Manager,Big-ip Analytics,Big-ip Edge Gateway,Big-ip Global Traffic Manager,Firepass,Big-iq Security,Big-iq Cloud,Enterprise Manager,Big-ip Advanced Firewall Manager,Big-ip Policy Enforcement Manager,Big-ip Application Acceleration Manager,Big-iq Device",,,0.0760900005698204,false,false,false,false,,false,false,2014-10-15T14:00:00.000Z,0
CVE-2014-3959,https://securityvulnerability.io/vulnerability/CVE-2014-3959,,"Cross-site scripting (XSS) vulnerability in list.jsp in the Configuration utility in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, GTM, and Link Controller 11.2.1 through 11.5.1, AAM 11.4.0 through 11.5.1 PEM 11.3.0 through 11.5.1, PSM 11.2.1 through 11.4.1, WebAccelerator and WOM 11.2.1 through 11.3.0, and Enterprise Manager 3.0.0 through 3.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.",F5,"Big-ip Protocol Security Module,Big-ip Advanced Firewall Manager,Big-ip Edge Gateway,Big-ip Local Traffic Manager,Big-ip Wan Optimization Manager,Big-ip Link Controller,Big-ip Application Security Manager,Big-ip Analytics,Big-ip Global Traffic Manager,Big-ip Application Acceleration Manager,Big-ip Webaccelerator,Big-ip Access Policy Manager,Enterprise Manager,Big-ip Policy Enforcement Manager",,,0.0025599999353289604,false,false,false,false,,false,false,2014-06-03T14:00:00.000Z,0