traffic server vulnerabilities and exploits
NA
CVE-2023-22341
On version 14.1.x prior to 14.1.5.3, and all versions of 13.1.x, when the BIG-IP APM system is configured with all the following elements, undisclosed requests may cause the Traffic Management Microkernel (TMM) to terminate: * An OAuth Server that references an OAuth Provider * A...
F5 Big-ip Access Policy Manager
NA
CVE-2023-22323
In BIG-IP versions 17.0.x prior to 17.0.0.2, 16.1.x prior to 16.1.3.3, 15.1.x prior to 15.1.8.1, 14.1.x prior to 14.1.5.3, and all versions of 13.1.x, when OCSP authentication profile is configured on a virtual server, undisclosed requests can cause an increase in CPU resource ut...
F5 Big-ip Analytics
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Fraud Protection Service
F5 Big-ip Application Security Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Access Policy Manager
F5 Big-ip Ddos Hybrid Defender
F5 Big-ip Ssl Orchestrator
F5 Big-ip Domain Name System
NA
CVE-2023-22664
On BIG-IP versions 17.0.x prior to 17.0.0.2 and 16.1.x prior to 16.1.3.3, and BIG-IP SPK starting in version 1.6.0, when a client-side HTTP/2 profile and the HTTP MRF Router option are enabled for a virtual server, undisclosed requests can cause an increase in memory resource uti...
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Access Policy Manager
F5 Big-ip Analytics
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Security Manager
F5 Big-ip Ddos Hybrid Defender
F5 Big-ip Domain Name System
F5 Big-ip Fraud Protection Service
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Ssl Orchestrator
F5 Big-ip Service Proxy 1.6.0
NA
CVE-2023-23555
On BIG-IP Virtual Edition versions 15.1.x beginning in 15.1.4 to prior to 15.1.8 and 14.1.x beginning in 14.1.5 to prior to 14.1.5.3, and BIG-IP SPK beginning in 1.5.0 to prior to 1.6.0, when FastL4 profile is configured on a virtual server, undisclosed traffic can cause the Traff...
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Access Policy Manager
F5 Big-ip Analytics
F5 Big-ip Application Security Manager
F5 Big-ip Ddos Hybrid Defender
F5 Big-ip Domain Name System
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Ssl Orchestrator
F5 Big-ip Application Acceleration Manager
F5 Big-ip Service Proxy
NA
CVE-2023-21893
Vulnerability in the Oracle Data Provider for .NET component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TCPS to compromise Oracle Data Provider for .NE...
Oracle Database Server 19c
Oracle Database Server 21c
NA
CVE-2022-41317
An issue exists in Squid 4.9 up to and including 4.17 and 5.0.6 up to and including 5.6. Due to inconsistent handling of internal URIs, there can be Exposure of Sensitive Information about clients using the proxy via an HTTPS request to an internal cache manager URL. This is fixe...
Squid-cache Squid
NA
CVE-2022-40743
Improper Input Validation vulnerability for the xdebug plugin in Apache Software Foundation Apache Traffic Server can lead to cross site scripting and cache poisoning attacks. This issue affects Apache Traffic Server: 9.0.0 to 9.1.3. Users should upgrade to 9.1.4 or later versions...
Apache Traffic Server
NA
CVE-2022-32749
Improper Check for Unusual or Exceptional Conditions vulnerability handling requests in Apache Traffic Server allows a malicious user to crash the server under certain conditions. This issue affects Apache Traffic Server: from 8.0.0 up to and including 9.1.3.
Apache Traffic Server
NA
CVE-2022-37392
Improper Check for Unusual or Exceptional Conditions vulnerability in handling the requests to Apache Traffic Server. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.
Apache Traffic Server
NA
CVE-2022-41622
In all versions, BIG-IP and BIG-IQ are vulnerable to cross-site request forgery (CSRF) attacks through iControl SOAP. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
F5 Big-iq Centralized Management 7.1.0
F5 Big-iq Centralized Management
F5 Big-ip Advanced Firewall Manager 17.0.0
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics 17.0.0
F5 Big-ip Analytics
F5 Big-ip Access Policy Manager 17.0.0
F5 Big-ip Access Policy Manager
F5 Big-ip Application Security Manager 17.0.0
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System 17.0.0
F5 Big-ip Domain Name System
F5 Big-ip Fraud Protection Service 17.0.0
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager 17.0.0
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller 17.0.0
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager 17.0.0
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager 17.0.0
F5 Big-ip Policy Enforcement Manager