| | CVE-2004-1307 |  F5 | high | 7.5 | 5.1%
| | Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remot… | Dec 21, 2004 | Apr 16, 2026 |
| | CVE-2008-0539 | F5 | medium | 4.3 | 1.7%
| | Cross-site scripting (XSS) vulnerability in dms/policy/rep_request.php in F5 BIG-IP Application Secu… | Feb 1, 2008 | Apr 23, 2026 |
| | CVE-2008-2637 | F5 | medium | 4.3 | 13.1%
| | Multiple cross-site scripting (XSS) vulnerabilities in F5 FirePass SSL VPN 6.0.2 hotfix 3, and possi… | Jun 10, 2008 | Apr 23, 2026 |
| | CVE-2009-2629 | F5 | high | 7.5 | 78.1%
| | Buffer underflow in src/http/ngx_http_parse.c in nginx 0.1.0 through 0.5.37, 0.6.x before 0.6.39, 0.… | Sep 15, 2009 | Apr 23, 2026 |
| | CVE-2009-3896 | F5 | medium | 5.0 | 2.5%
| | src/http/ngx_http_parse.c in nginx (aka Engine X) 0.1.0 through 0.4.14, 0.5.x before 0.5.38, 0.6.x b… | Nov 24, 2009 | Apr 23, 2026 |
| | CVE-2009-3898 | F5 | medium | 4.9 | 1.1%
| | Directory traversal vulnerability in src/http/modules/ngx_http_dav_module.c in nginx (aka Engine X) … | Nov 24, 2009 | Apr 23, 2026 |
| | CVE-2009-4420 | F5 | high | 7.8 | 3.0%
| | Buffer overflow in the bd daemon in F5 Networks BIG-IP Application Security Manager (ASM) 9.4.4 thro… | Dec 24, 2009 | Apr 23, 2026 |
| | CVE-2009-4487 | F5 | medium | 6.8 | 2.2%
| | nginx 0.7.64 writes data to a log file without sanitizing non-printable characters, which might allo… | Jan 13, 2010 | Apr 23, 2026 |
| | CVE-2010-2263 | F5 | medium | 5.0 | 44.2%
| | nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on Windows, allows remote attackers to o… | Jun 15, 2010 | Apr 29, 2026 |
| | CVE-2010-2266 | F5 | medium | 5.0 | 7.3%
| | nginx 0.8.36 allows remote attackers to cause a denial of service (crash) via certain encoded direct… | Jun 15, 2010 | Apr 29, 2026 |
| | CVE-2010-4180 | F5 | medium | 4.3 | 3.8%
| | OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enab… | Dec 6, 2010 | Apr 29, 2026 |
| | CVE-2011-4315 | F5 | medium | 6.8 | 2.8%
| | Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before … | Dec 8, 2011 | Apr 29, 2026 |
| | CVE-2012-1180 | F5 | medium | 5.0 | 3.1%
| | Use-after-free vulnerability in nginx before 1.0.14 and 1.1.x before 1.1.17 allows remote HTTP serve… | Apr 17, 2012 | Apr 29, 2026 |
| | CVE-2012-2089 | F5 | medium | 6.8 | 5.3%
| | Buffer overflow in ngx_http_mp4_module.c in the ngx_http_mp4_module module in nginx 1.0.7 through 1.… | Apr 17, 2012 | Apr 29, 2026 |
| | CVE-2011-3188 | F5 | critical | 9.1 | 4.3%
| | The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorith… | May 24, 2012 | Apr 29, 2026 |
| | CVE-2012-1493 | F5 | high | 7.8 | 84.4%
| | F5 BIG-IP appliances 9.x before 9.4.8-HF5, 10.x before 10.2.4, 11.0.x before 11.0.0-HF2, and 11.1.x … | Jul 9, 2012 | Apr 29, 2026 |
| | CVE-2011-4963 | F5 | medium | 5.0 | 0.3%
| | nginx/Windows 1.3.x before 1.3.1 and 1.2.x before 1.2.1 allows remote attackers to bypass intended a… | Jul 26, 2012 | Apr 29, 2026 |
| | CVE-2012-3163 | F5 | critical | 9.0 | 1.0%
| | Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.… | Oct 17, 2012 | Apr 29, 2026 |
| | CVE-2013-2028 | F5 | high | 7.5 | 93.0%
| | The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows rem… | Jul 20, 2013 | Apr 29, 2026 |
| | CVE-2013-2070 | F5 | medium | 5.8 | 4.6%
| | http/modules/ngx_http_proxy_module.c in nginx 1.1.4 through 1.2.8 and 1.3.0 through 1.4.0, when prox… | Jul 20, 2013 | Apr 29, 2026 |
| | CVE-2013-0150 | F5 | critical | 9.3 | 1.1%
| | Directory traversal vulnerability in an unspecified signed Java applet in the client-side components… | Aug 9, 2013 | Apr 29, 2026 |
| | CVE-2013-5975 | F5 | medium | 4.3 | 0.5%
| | The access policy logon page (logon.inc) in F5 BIG-IP APM 11.1.0 through 11.2.1 allows remote attack… | Oct 1, 2013 | Apr 29, 2026 |
| | CVE-2013-5976 | F5 | medium | 4.3 | 0.5%
| | Cross-site scripting (XSS) vulnerability in the access policy logout page (logout.inc) in F5 BIG-IP … | Oct 1, 2013 | Apr 29, 2026 |
| | CVE-2013-6016 | F5 | high | 7.8 | 1.3%
| | The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, APM, ASM, Edge Gateway, GTM, Link Control… | Oct 26, 2013 | Apr 29, 2026 |
| | CVE-2013-0337 | F5 | high | 7.5 | 0.9%
| | The default configuration of nginx, possibly 1.3.13 and earlier, uses world-readable permissions for… | Oct 27, 2013 | Apr 29, 2026 |
| | CVE-2013-4547 | F5 | high | 7.5 | 90.9%
| | nginx 0.8.41 through 1.4.3 and 1.5.x before 1.5.7 allows remote attackers to bypass intended restric… | Nov 23, 2013 | Apr 29, 2026 |
| | CVE-2012-2997 | F5 | medium | 4.0 | 8.8%
| | XML External Entity (XXE) vulnerability in sam/admin/vpe2/public/php/server.php in F5 BIG-IP 10.0.0 … | Jan 21, 2014 | Apr 29, 2026 |
| | CVE-2012-3000 | F5 | high | 7.5 | 1.3%
| | Multiple SQL injection vulnerabilities in sam/admin/reports/php/saveSettings.php in the (1) APM WebG… | Jan 30, 2014 | Apr 29, 2026 |
| | CVE-2013-6024 | F5 | medium | 4.4 | 0.1%
| | The Edge Client components in F5 BIG-IP APM 10.x, 11.x, 12.x, 13.x, and 14.x, BIG-IP Edge Gateway 10… | Feb 10, 2014 | Apr 29, 2026 |
| | CVE-2014-0101 | F5 | high | 7.8 | 3.1%
| | The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the Linux kernel through 3.13.6 does n… | Mar 11, 2014 | May 6, 2026 |
| | CVE-2014-0133 | F5 | high | 7.5 | 20.9%
| | Heap-based buffer overflow in the SPDY implementation in nginx 1.3.15 before 1.4.7 and 1.5.x before … | Mar 28, 2014 | May 6, 2026 |
| | CVE-2014-0088 | F5 | high | 7.5 | 2.6%
| | The SPDY implementation in the ngx_http_spdy_module module in nginx 1.5.10 before 1.5.11, when runni… | Apr 29, 2014 | May 6, 2026 |
| | CVE-2014-0196 | F5 | medium | 5.5 | 48.6%
| ⚠ KEV | The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly… | May 7, 2014 | Apr 21, 2026 |
| | CVE-2014-2928 | F5 | high | 7.1 | 64.6%
| | The iControl API in F5 BIG-IP LTM, APM, ASM, GTM, Link Controller, and PSM 10.0.0 through 10.2.4 and… | May 12, 2014 | May 6, 2026 |
| | CVE-2014-3959 | F5 | medium | 4.3 | 0.9%
| | Cross-site scripting (XSS) vulnerability in list.jsp in the Configuration utility in F5 BIG-IP LTM, … | Jun 3, 2014 | May 6, 2026 |
| | CVE-2014-2949 | F5 | medium | 6.5 | 0.5%
| | SQL injection vulnerability in the web service in F5 ARX Data Manager 3.0.0 through 3.1.0 allows rem… | Jun 18, 2014 | May 6, 2026 |
| | CVE-2014-4027 | F5 | low | 2.3 | 0.1%
| | The rd_build_device_space function in drivers/target/target_core_rd.c in the Linux kernel before 3.1… | Jun 23, 2014 | May 6, 2026 |
| | CVE-2014-2927 | F5 | critical | 9.3 | 7.4%
| | The rsync daemon in F5 BIG-IP 11.6 before 11.6.0, 11.5.1 before HF3, 11.5.0 before HF4, 11.4.1 befor… | Oct 15, 2014 | May 6, 2026 |
| | CVE-2013-7408 | F5 | high | 7.5 | 0.6%
| | F5 BIG-IP Analytics 11.x before 11.4.0 uses a predictable session cookie, which makes it easier for … | Oct 26, 2014 | May 6, 2026 |
| | CVE-2014-4023 | F5 | medium | 4.3 | 0.4%
| | Cross-site scripting (XSS) vulnerability in tmui/dashboard/echo.jsp in the Configuration utility in … | Oct 28, 2014 | May 6, 2026 |
| | CVE-2014-6032 | F5 | medium | 5.5 | 2.5%
| | Multiple XML External Entity (XXE) vulnerabilities in the Configuration utility in F5 BIG-IP LTM, AS… | Nov 1, 2014 | May 6, 2026 |
| | CVE-2014-8727 | F5 | medium | 6.2 | 0.2%
| | Multiple directory traversal vulnerabilities in F5 BIG-IP before 10.2.2 allow local users with the "… | Nov 17, 2014 | May 6, 2026 |
| | CVE-2014-3616 | F5 | medium | 4.3 | 2.4%
| | nginx 0.5.6 through 1.7.4, when using the same shared ssl_session_cache or ssl_session_ticket_key fo… | Dec 8, 2014 | May 6, 2026 |
| | CVE-2014-9342 | F5 | medium | 4.3 | 0.3%
| | Cross-site scripting (XSS) vulnerability in the tree view (pl_tree.php) feature in Application Secur… | Dec 8, 2014 | May 6, 2026 |
| | CVE-2014-8730 | F5 | medium | 4.3 | 3.1%
| | The SSL profiles component in F5 BIG-IP LTM, APM, and ASM 10.0.0 through 10.2.4 and 11.0.0 through 1… | Dec 10, 2014 | May 6, 2026 |
| | CVE-2014-3556 | F5 | medium | 6.8 | 48.2%
| | The STARTTLS implementation in mail/ngx_mail_smtp_handler.c in the SMTP proxy in nginx 1.5.x and 1.6… | Dec 29, 2014 | May 6, 2026 |
| | CVE-2015-1050 | F5 | medium | 4.3 | 0.3%
| | Cross-site scripting (XSS) vulnerability in F5 BIG-IP Application Security Manager (ASM) before 11.6… | Jan 15, 2015 | May 6, 2026 |
| | CVE-2014-9326 | F5 | medium | 4.3 | 0.2%
| | The automatic signature update functionality in the (1) Phone Home feature in F5 BIG-IP LTM, AAM, AF… | May 12, 2015 | May 6, 2026 |
| | CVE-2015-4047 | F5 | high | 7.8 | 2.7%
| | racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL poin… | May 29, 2015 | May 6, 2026 |
| | CVE-2015-4637 | F5 | medium | 4.3 | 0.4%
| | The REST API in F5 BIG-IQ Cloud, Device, and Security 4.4.0 and 4.5.0 before HF2 and ADC 4.5.0 befor… | Jul 16, 2015 | May 6, 2026 |