Vulnerabilities > F5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-18 | CVE-2022-34031 | Unspecified vulnerability in F5 NJS 0.7.5 Nginx NJS v0.7.5 was discovered to contain a segmentation violation via njs_value_to_number at src/njs_value_conversion.h. | 7.5 |
| 2022-07-18 | CVE-2022-34032 | Unspecified vulnerability in F5 NJS 0.7.5 Nginx NJS v0.7.5 was discovered to contain a segmentation violation in the function njs_value_own_enumerate at src/njs_value.c. | 7.5 |
| 2022-06-21 | CVE-2022-31306 | Use After Free vulnerability in F5 NJS 0.7.2 Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_array_convert_to_slow_array at src/njs_array.c. | 5.5 |
| 2022-06-21 | CVE-2022-31307 | Use After Free vulnerability in F5 NJS 0.7.2 Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_string_offset at src/njs_string.c. | 5.5 |
| 2022-06-21 | CVE-2022-32414 | Use After Free vulnerability in F5 NJS 0.7.2 Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_vmcode_interpreter at src/njs_vmcode.c. | 5.5 |
| 2022-05-25 | CVE-2022-29379 | Out-of-bounds Write vulnerability in F5 NJS 0.7.3 Nginx NJS v0.7.3 was discovered to contain a stack overflow in the function njs_default_module_loader at /src/njs/src/njs_module.c. | 9.8 |
| 2022-05-12 | CVE-2022-29369 | Improper Check for Unusual or Exceptional Conditions vulnerability in F5 NJS 0.7.2 Nginx NJS v0.7.2 was discovered to contain a segmentation violation via njs_lvlhsh_bucket_find at njs_lvlhsh.c. | 7.5 |
| 2022-05-05 | CVE-2022-1389 | Unspecified vulnerability in F5 products On all versions of 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x of F5 BIG-IP (fixed in 17.0.0), a cross-site request forgery (CSRF) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility. | 4.3 |
| 2022-05-05 | CVE-2022-1468 | Unspecified vulnerability in F5 products On all versions of 17.0.x, 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x on F5 BIG-IP, an authenticated iControl REST user with at least guest role privileges can cause processing delays to iControl REST requests via undisclosed requests. | 4.3 |
| 2022-05-05 | CVE-2022-25946 | Unspecified vulnerability in F5 products On all versions of 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x of F5 BIG-IP Advanced WAF, ASM, and ASM, and F5 BIG-IP Guided Configuration (GC) all versions prior to 9.0, when running in Appliance mode, an authenticated attacker with Administrator role privilege may be able to bypass Appliance mode restrictions due to a missing integrity check in F5 BIG-IP Guided Configuration. | 6.5 |