Search Results (Refine Search)
- CPE Product Version: cpe:/a:f5:big-ip_webaccelerator:12.1.5.1
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2020-5915 |
In BIG-IP versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, an undisclosed TMUI page contains a vulnerability which allows a stored XSS when BIG-IP systems are setup in a device trust. Published: August 26, 2020; 11:15:13 AM -0400 |
V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2019-10744 |
Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload. Published: July 25, 2019; 8:15:11 PM -0400 |
V3.1: 9.1 CRITICAL V2.0: 6.4 MEDIUM |
CVE-2019-13135 |
ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c. Published: July 01, 2019; 4:15:11 PM -0400 |
V3.1: 8.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2019-12295 |
In Wireshark 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, and 2.4.0 to 2.4.14, the dissection engine could crash. This was addressed in epan/packet.c by restricting the number of layers and consequently limiting recursion. Published: May 23, 2019; 8:29:00 AM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2019-6604 |
On BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3.6, 13.0.0-13.1.1.1, and 14.0.0-14.0.0.2, under certain conditions, hardware systems with a High-Speed Bridge and using non-default Layer 2 forwarding configurations may experience a lockup of the High-Speed Bridge. Published: March 28, 2019; 5:29:00 PM -0400 |
V3.0: 6.8 MEDIUM V2.0: 4.3 MEDIUM |