Vulnerabilities > F5 > BIG IP Advanced Firewall Manager > 12.1.3.6

DATE CVE VULNERABILITY TITLE RISK
2018-10-19 CVE-2018-15314 Cross-site Scripting vulnerability in F5 Big-Ip Advanced Firewall Manager
On F5 BIG-IP AFM 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, there is a Reflected Cross Site Scripting vulnerability in undisclosed TMUI page.
network
low complexity
f5 CWE-79
6.1
6.1
2018-10-19 CVE-2018-15313 Cross-site Scripting vulnerability in F5 Big-Ip Advanced Firewall Manager
On F5 BIG-IP AFM 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, there is a Reflected Cross Site Scripting vulnerability in undisclosed TMUI page.
network
low complexity
f5 CWE-79
6.1
6.1
2018-10-19 CVE-2018-15312 Cross-site Scripting vulnerability in F5 products
On F5 BIG-IP 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, a reflected Cross-Site Scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an authenticated user to execute JavaScript for the currently logged-in user.
network
low complexity
f5 CWE-79
6.1
6.1
2018-09-06 CVE-2018-5391 Improper Input Validation vulnerability in multiple products
The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. 		7.5
7.5