| | CVE-2016-6876 |  F5 | high | 7.5 | 0.7%
| | The RESOLV::lookup iRule command in F5 BIG-IP LTM, APM, ASM, and Link Controller 10.2.1 through 10.2… | Sep 7, 2016 | May 6, 2026 |
| | CVE-2016-5022 | F5 | critical | 9.8 | 3.1%
| | F5 BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.x before 11.2.1 HF16, 11.3.x, 11.4.x, 1… | Sep 7, 2016 | May 6, 2026 |
| | CVE-2016-5023 | F5 | high | 7.5 | 3.0%
| | Virtual servers in F5 BIG-IP systems 11.2.1 HF11 through HF15, 11.4.1 HF4 through HF10, 11.5.3 throu… | Aug 26, 2016 | May 6, 2026 |
| | CVE-2016-1497 | F5 | medium | 4.9 | 0.2%
| | The Configuration utility in F5 BIG-IP systems 11.0.x, 11.1.x, 11.2.x before 11.2.1 HF16, 11.3.x, 11… | Aug 26, 2016 | May 6, 2026 |
| | CVE-2016-5736 | F5 | high | 7.5 | 1.1%
| | The default configuration of the IPsec IKE peer listener in F5 BIG-IP LTM, Analytics, APM, ASM, and … | Aug 19, 2016 | May 6, 2026 |
| | CVE-2015-8022 | F5 | high | 7.5 | 0.5%
| | The Configuration utility in F5 BIG-IP LTM, Analytics, APM, ASM, GTM, and Link Controller 11.x befor… | Aug 19, 2016 | May 6, 2026 |
| | CVE-2015-5738 | F5 | high | 7.5 | 0.8%
| | The RSA-CRT implementation in the Cavium Software Development Kit (SDK) 2.x, when used on OCTEON II … | Jul 26, 2016 | May 6, 2026 |
| | CVE-2016-5020 | F5 | high | 8.8 | 1.8%
| | F5 BIG-IP before 12.0.0 HF3 allows remote authenticated users to modify the account configuration of… | Jun 30, 2016 | May 6, 2026 |
| | CVE-2016-5021 | F5 | medium | 4.9 | 0.2%
| | The iControl REST service in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Link Controller, and PEM … | Jun 24, 2016 | May 6, 2026 |
| | CVE-2016-3687 | F5 | medium | 5.3 | 0.4%
| | Open redirect vulnerability in F5 BIG-IP APM 11.2.1, 11.4.x, 11.5.x, and 11.6.x before 11.6.0 HF6 an… | Jun 16, 2016 | May 6, 2026 |
| | CVE-2016-4545 | F5 | high | 7.5 | 1.2%
| | Virtual servers in F5 BIG-IP 11.5.4, when SSL profiles are enabled, allow remote attackers to cause … | Jun 7, 2016 | May 6, 2026 |
| | CVE-2016-4450 | F5 | high | 7.5 | 3.5%
| | os/unix/ngx_files.c in nginx before 1.10.1 and 1.11.x before 1.11.1 allows remote attackers to cause… | Jun 7, 2016 | May 6, 2026 |
| | CVE-2015-8099 | F5 | medium | 5.9 | 1.0%
| | F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 HF10,… | May 13, 2016 | May 6, 2026 |
| | CVE-2016-3686 | F5 | medium | 5.9 | 0.5%
| | The Single Sign-On (SSO) feature in F5 BIG-IP APM 11.x before 11.6.0 HF6 and BIG-IP Edge Gateway 11.… | Apr 13, 2016 | May 6, 2026 |
| | CVE-2016-2084 | F5 | high | 7.4 | 0.5%
| | F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 build… | Apr 13, 2016 | May 6, 2026 |
| | CVE-2015-8021 | F5 | medium | 4.3 | 0.1%
| | Incomplete blacklist vulnerability in the Configuration utility in F5 BIG-IP LTM, Analytics, APM, AS… | Apr 12, 2016 | May 6, 2026 |
| | CVE-2015-8240 | F5 | high | 7.5 | 1.2%
| | The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link … | Apr 11, 2016 | May 6, 2026 |
| | CVE-2015-7547 | F5 | high | 8.1 | 94.0%
| | Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv … | Feb 18, 2016 | May 6, 2026 |
| | CVE-2016-0747 | F5 | medium | 5.3 | 20.0%
| | The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 does not properly limit CNAME resolution,… | Feb 15, 2016 | May 6, 2026 |
| | CVE-2016-0746 | F5 | critical | 9.8 | 6.3%
| | Use-after-free vulnerability in the resolver in nginx 0.6.18 through 1.8.0 and 1.9.x before 1.9.10 a… | Feb 15, 2016 | May 6, 2026 |
| | CVE-2016-0742 | F5 | high | 7.5 | 78.8%
| | The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 allows remote attackers to cause a denial… | Feb 15, 2016 | May 6, 2026 |
| | CVE-2015-5516 | F5 | high | 7.5 | 1.6%
| | Memory leak in the last hop kernel module in F5 BIG-IP LTM, GTM, and Link Controller 10.1.x, 10.2.x … | Jan 20, 2016 | May 6, 2026 |
| | CVE-2015-8611 | F5 | critical | 9.8 | 3.6%
| | BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, and PEM 12.0.0 before HF1 on the 20… | Jan 12, 2016 | May 6, 2026 |
| | CVE-2015-7759 | F5 | low | 3.7 | 0.8%
| | BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Link Controller, and PEM 12.0.0 before HF1, when the TCP … | Jan 12, 2016 | May 6, 2026 |
| | CVE-2015-7393 | F5 | high | 7.4 | 0.1%
| | dcoep in BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.0 through 11.6.0 and 12.0.0 befor… | Jan 12, 2016 | May 6, 2026 |
| | CVE-2015-8098 | F5 | critical | 9.8 | 10.9%
| | F5 BIG-IP APM 11.4.1 before 11.4.1 HF9, 11.5.x before 11.5.3, and 11.6.0 before 11.6.0 HF4 allow rem… | Jan 12, 2016 | May 6, 2026 |
| | CVE-2015-3628 | F5 | critical | 9.0 | 75.2%
| | The iControl API in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.0 before … | Dec 7, 2015 | May 6, 2026 |
| | CVE-2015-7394 | F5 | critical | 9.0 | 1.3%
| | The datastor kernel module in F5 BIG-IP Analytics, APM, ASM, Link Controller, and LTM 11.1.0 before … | Nov 6, 2015 | May 6, 2026 |
| | CVE-2015-6546 | F5 | medium | 6.1 | 0.3%
| | The vCMP host in F5 BIG-IP Analytics, APM, ASM, GTM, Link Controller, and LTM 11.0.0 before 11.6.0, … | Nov 6, 2015 | May 6, 2026 |
| | CVE-2015-4638 | F5 | medium | 5.0 | 0.7%
| | The FastL4 virtual server in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and… | Sep 18, 2015 | May 6, 2026 |
| | CVE-2015-4040 | F5 | medium | 4.0 | 6.8%
| | Directory traversal vulnerability in the configuration utility in F5 BIG-IP before 12.0.0 and Enterp… | Sep 17, 2015 | May 6, 2026 |
| | CVE-2015-5058 | F5 | high | 7.8 | 0.8%
| | Memory leak in the virtual server component in F5 Big-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Li… | Aug 24, 2015 | May 6, 2026 |
| | CVE-2015-4637 | F5 | medium | 4.3 | 0.4%
| | The REST API in F5 BIG-IQ Cloud, Device, and Security 4.4.0 and 4.5.0 before HF2 and ADC 4.5.0 befor… | Jul 16, 2015 | May 6, 2026 |
| | CVE-2015-4047 | F5 | high | 7.8 | 2.7%
| | racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL poin… | May 29, 2015 | May 6, 2026 |
| | CVE-2014-9326 | F5 | medium | 4.3 | 0.2%
| | The automatic signature update functionality in the (1) Phone Home feature in F5 BIG-IP LTM, AAM, AF… | May 12, 2015 | May 6, 2026 |
| | CVE-2015-1050 | F5 | medium | 4.3 | 0.3%
| | Cross-site scripting (XSS) vulnerability in F5 BIG-IP Application Security Manager (ASM) before 11.6… | Jan 15, 2015 | May 6, 2026 |
| | CVE-2014-3556 | F5 | medium | 6.8 | 48.2%
| | The STARTTLS implementation in mail/ngx_mail_smtp_handler.c in the SMTP proxy in nginx 1.5.x and 1.6… | Dec 29, 2014 | May 6, 2026 |
| | CVE-2014-8730 | F5 | medium | 4.3 | 3.1%
| | The SSL profiles component in F5 BIG-IP LTM, APM, and ASM 10.0.0 through 10.2.4 and 11.0.0 through 1… | Dec 10, 2014 | May 6, 2026 |
| | CVE-2014-9342 | F5 | medium | 4.3 | 0.3%
| | Cross-site scripting (XSS) vulnerability in the tree view (pl_tree.php) feature in Application Secur… | Dec 8, 2014 | May 6, 2026 |
| | CVE-2014-3616 | F5 | medium | 4.3 | 2.4%
| | nginx 0.5.6 through 1.7.4, when using the same shared ssl_session_cache or ssl_session_ticket_key fo… | Dec 8, 2014 | May 6, 2026 |
| | CVE-2014-8727 | F5 | medium | 6.2 | 0.2%
| | Multiple directory traversal vulnerabilities in F5 BIG-IP before 10.2.2 allow local users with the "… | Nov 17, 2014 | May 6, 2026 |
| | CVE-2014-6032 | F5 | medium | 5.5 | 2.5%
| | Multiple XML External Entity (XXE) vulnerabilities in the Configuration utility in F5 BIG-IP LTM, AS… | Nov 1, 2014 | May 6, 2026 |
| | CVE-2014-4023 | F5 | medium | 4.3 | 0.4%
| | Cross-site scripting (XSS) vulnerability in tmui/dashboard/echo.jsp in the Configuration utility in … | Oct 28, 2014 | May 6, 2026 |
| | CVE-2013-7408 | F5 | high | 7.5 | 0.6%
| | F5 BIG-IP Analytics 11.x before 11.4.0 uses a predictable session cookie, which makes it easier for … | Oct 26, 2014 | May 6, 2026 |
| | CVE-2014-2927 | F5 | critical | 9.3 | 7.4%
| | The rsync daemon in F5 BIG-IP 11.6 before 11.6.0, 11.5.1 before HF3, 11.5.0 before HF4, 11.4.1 befor… | Oct 15, 2014 | May 6, 2026 |
| | CVE-2014-4027 | F5 | low | 2.3 | 0.1%
| | The rd_build_device_space function in drivers/target/target_core_rd.c in the Linux kernel before 3.1… | Jun 23, 2014 | May 6, 2026 |
| | CVE-2014-2949 | F5 | medium | 6.5 | 0.5%
| | SQL injection vulnerability in the web service in F5 ARX Data Manager 3.0.0 through 3.1.0 allows rem… | Jun 18, 2014 | May 6, 2026 |
| | CVE-2014-3959 | F5 | medium | 4.3 | 0.9%
| | Cross-site scripting (XSS) vulnerability in list.jsp in the Configuration utility in F5 BIG-IP LTM, … | Jun 3, 2014 | May 6, 2026 |
| | CVE-2014-2928 | F5 | high | 7.1 | 64.6%
| | The iControl API in F5 BIG-IP LTM, APM, ASM, GTM, Link Controller, and PSM 10.0.0 through 10.2.4 and… | May 12, 2014 | May 6, 2026 |
| | CVE-2014-0196 | F5 | medium | 5.5 | 48.6%
| ⚠ KEV | The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly… | May 7, 2014 | Apr 21, 2026 |