Vulnerabilities > F5 > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-18 | CVE-2022-34028 | Unspecified vulnerability in F5 NJS 0.7.5 Nginx NJS v0.7.5 was discovered to contain a segmentation violation via njs_utf8_next at src/njs_utf8.h. | 7.5 |
| 2022-07-18 | CVE-2022-34030 | Unspecified vulnerability in F5 NJS 0.7.5 Nginx NJS v0.7.5 was discovered to contain a segmentation violation via njs_djb_hash at src/njs_djb_hash.c. | 7.5 |
| 2022-07-18 | CVE-2022-34031 | Unspecified vulnerability in F5 NJS 0.7.5 Nginx NJS v0.7.5 was discovered to contain a segmentation violation via njs_value_to_number at src/njs_value_conversion.h. | 7.5 |
| 2022-07-18 | CVE-2022-34032 | Unspecified vulnerability in F5 NJS 0.7.5 Nginx NJS v0.7.5 was discovered to contain a segmentation violation in the function njs_value_own_enumerate at src/njs_value.c. | 7.5 |
| 2022-05-12 | CVE-2022-29369 | Improper Check for Unusual or Exceptional Conditions vulnerability in F5 NJS 0.7.2 Nginx NJS v0.7.2 was discovered to contain a segmentation violation via njs_lvlhsh_bucket_find at njs_lvlhsh.c. | 7.5 |
| 2022-05-05 | CVE-2022-26071 | Use of Insufficiently Random Values vulnerability in F5 products On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, a flaw in the way reply ICMP packets are limited in the Traffic Management Microkernel (TMM) allows an attacker to quickly scan open UDP ports. | 7.5 |
| 2022-05-05 | CVE-2022-26370 | Use of Uninitialized Resource vulnerability in F5 products On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5, and 14.1.x versions prior to 14.1.4.6, when a Session Initiation Protocol (SIP) message routing framework (MRF) application layer gateway (ALG) profile is configured on a Message Routing virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. | 7.5 |
| 2022-05-05 | CVE-2022-26372 | Resource Exhaustion vulnerability in F5 products On F5 BIG-IP 15.1.x versions prior to 15.1.0.2, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, when a DNS listener is configured on a virtual server with DNS queueing (default), undisclosed requests can cause an increase in memory resource utilization. | 7.5 |
| 2022-05-05 | CVE-2022-26517 | Incorrect Calculation vulnerability in F5 products On F5 BIG-IP 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, and 13.1.x versions prior to 13.1.5, when the BIG-IP CGNAT Large Scale NAT (LSN) pool is configured on a virtual server and packet filtering is enabled, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. | 7.5 |
| 2022-05-05 | CVE-2022-26890 | Always-Incorrect Control Flow Implementation vulnerability in F5 products On F5 BIG-IP Advanced WAF, ASM, and APM 16.1.x versions prior to 16.1.2.1, 15.1.x versions prior to 15.1.5, 14.1.x versions prior to 14.1.4.6, and 13.1.x versions prior to 13.1.5, when ASM or Advanced WAF, as well as APM, are configured on a virtual server, the ASM policy is configured with Session Awareness, and the "Use APM Username and Session ID" option is enabled, undisclosed requests can cause the bd process to terminate. | 7.5 |