| | CVE-2015-8021 | F5 | medium | 4.3 | 0.1%
| | Incomplete blacklist vulnerability in the Configuration utility in F5 BIG-IP LTM, Analytics, APM, AS… | Apr 12, 2016 | May 6, 2026 |
| | CVE-2015-8240 | F5 | high | 7.5 | 1.2%
| | The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link … | Apr 11, 2016 | May 6, 2026 |
| | CVE-2015-7547 | F5 | high | 8.1 | 94.0%
| | Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv … | Feb 18, 2016 | May 6, 2026 |
| | CVE-2016-0747 | F5 | medium | 5.3 | 20.0%
| | The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 does not properly limit CNAME resolution,… | Feb 15, 2016 | May 6, 2026 |
| | CVE-2016-0746 | F5 | critical | 9.8 | 6.3%
| | Use-after-free vulnerability in the resolver in nginx 0.6.18 through 1.8.0 and 1.9.x before 1.9.10 a… | Feb 15, 2016 | May 6, 2026 |
| | CVE-2016-0742 | F5 | high | 7.5 | 78.8%
| | The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 allows remote attackers to cause a denial… | Feb 15, 2016 | May 6, 2026 |
| | CVE-2015-5516 | F5 | high | 7.5 | 1.6%
| | Memory leak in the last hop kernel module in F5 BIG-IP LTM, GTM, and Link Controller 10.1.x, 10.2.x … | Jan 20, 2016 | May 6, 2026 |
| | CVE-2015-8611 | F5 | critical | 9.8 | 3.6%
| | BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, and PEM 12.0.0 before HF1 on the 20… | Jan 12, 2016 | May 6, 2026 |
| | CVE-2015-7759 | F5 | low | 3.7 | 0.8%
| | BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Link Controller, and PEM 12.0.0 before HF1, when the TCP … | Jan 12, 2016 | May 6, 2026 |
| | CVE-2015-7393 | F5 | high | 7.4 | 0.1%
| | dcoep in BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.0 through 11.6.0 and 12.0.0 befor… | Jan 12, 2016 | May 6, 2026 |
| | CVE-2015-8098 | F5 | critical | 9.8 | 10.9%
| | F5 BIG-IP APM 11.4.1 before 11.4.1 HF9, 11.5.x before 11.5.3, and 11.6.0 before 11.6.0 HF4 allow rem… | Jan 12, 2016 | May 6, 2026 |
| | CVE-2015-3628 | F5 | critical | 9.0 | 75.2%
| | The iControl API in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.0 before … | Dec 7, 2015 | May 6, 2026 |
| | CVE-2015-7394 | F5 | critical | 9.0 | 1.3%
| | The datastor kernel module in F5 BIG-IP Analytics, APM, ASM, Link Controller, and LTM 11.1.0 before … | Nov 6, 2015 | May 6, 2026 |
| | CVE-2015-6546 | F5 | medium | 6.1 | 0.3%
| | The vCMP host in F5 BIG-IP Analytics, APM, ASM, GTM, Link Controller, and LTM 11.0.0 before 11.6.0, … | Nov 6, 2015 | May 6, 2026 |
| | CVE-2015-4638 | F5 | medium | 5.0 | 0.7%
| | The FastL4 virtual server in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and… | Sep 18, 2015 | May 6, 2026 |
| | CVE-2015-4040 | F5 | medium | 4.0 | 6.8%
| | Directory traversal vulnerability in the configuration utility in F5 BIG-IP before 12.0.0 and Enterp… | Sep 17, 2015 | May 6, 2026 |
| | CVE-2015-5058 | F5 | high | 7.8 | 0.8%
| | Memory leak in the virtual server component in F5 Big-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Li… | Aug 24, 2015 | May 6, 2026 |
| | CVE-2015-4637 | F5 | medium | 4.3 | 0.4%
| | The REST API in F5 BIG-IQ Cloud, Device, and Security 4.4.0 and 4.5.0 before HF2 and ADC 4.5.0 befor… | Jul 16, 2015 | May 6, 2026 |
| | CVE-2015-4047 | F5 | high | 7.8 | 2.7%
| | racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL poin… | May 29, 2015 | May 6, 2026 |
| | CVE-2014-9326 | F5 | medium | 4.3 | 0.2%
| | The automatic signature update functionality in the (1) Phone Home feature in F5 BIG-IP LTM, AAM, AF… | May 12, 2015 | May 6, 2026 |
| | CVE-2015-1050 | F5 | medium | 4.3 | 0.3%
| | Cross-site scripting (XSS) vulnerability in F5 BIG-IP Application Security Manager (ASM) before 11.6… | Jan 15, 2015 | May 6, 2026 |
| | CVE-2014-3556 | F5 | medium | 6.8 | 48.2%
| | The STARTTLS implementation in mail/ngx_mail_smtp_handler.c in the SMTP proxy in nginx 1.5.x and 1.6… | Dec 29, 2014 | May 6, 2026 |
| | CVE-2014-8730 | F5 | medium | 4.3 | 3.1%
| | The SSL profiles component in F5 BIG-IP LTM, APM, and ASM 10.0.0 through 10.2.4 and 11.0.0 through 1… | Dec 10, 2014 | May 6, 2026 |
| | CVE-2014-9342 | F5 | medium | 4.3 | 0.3%
| | Cross-site scripting (XSS) vulnerability in the tree view (pl_tree.php) feature in Application Secur… | Dec 8, 2014 | May 6, 2026 |
| | CVE-2014-3616 | F5 | medium | 4.3 | 2.4%
| | nginx 0.5.6 through 1.7.4, when using the same shared ssl_session_cache or ssl_session_ticket_key fo… | Dec 8, 2014 | May 6, 2026 |
| | CVE-2014-8727 | F5 | medium | 6.2 | 0.2%
| | Multiple directory traversal vulnerabilities in F5 BIG-IP before 10.2.2 allow local users with the "… | Nov 17, 2014 | May 6, 2026 |
| | CVE-2014-6032 | F5 | medium | 5.5 | 2.5%
| | Multiple XML External Entity (XXE) vulnerabilities in the Configuration utility in F5 BIG-IP LTM, AS… | Nov 1, 2014 | May 6, 2026 |
| | CVE-2014-4023 | F5 | medium | 4.3 | 0.4%
| | Cross-site scripting (XSS) vulnerability in tmui/dashboard/echo.jsp in the Configuration utility in … | Oct 28, 2014 | May 6, 2026 |
| | CVE-2013-7408 | F5 | high | 7.5 | 0.6%
| | F5 BIG-IP Analytics 11.x before 11.4.0 uses a predictable session cookie, which makes it easier for … | Oct 26, 2014 | May 6, 2026 |
| | CVE-2014-2927 | F5 | critical | 9.3 | 7.4%
| | The rsync daemon in F5 BIG-IP 11.6 before 11.6.0, 11.5.1 before HF3, 11.5.0 before HF4, 11.4.1 befor… | Oct 15, 2014 | May 6, 2026 |
| | CVE-2014-4027 | F5 | low | 2.3 | 0.1%
| | The rd_build_device_space function in drivers/target/target_core_rd.c in the Linux kernel before 3.1… | Jun 23, 2014 | May 6, 2026 |
| | CVE-2014-2949 | F5 | medium | 6.5 | 0.5%
| | SQL injection vulnerability in the web service in F5 ARX Data Manager 3.0.0 through 3.1.0 allows rem… | Jun 18, 2014 | May 6, 2026 |
| | CVE-2014-3959 | F5 | medium | 4.3 | 0.9%
| | Cross-site scripting (XSS) vulnerability in list.jsp in the Configuration utility in F5 BIG-IP LTM, … | Jun 3, 2014 | May 6, 2026 |
| | CVE-2014-2928 | F5 | high | 7.1 | 64.6%
| | The iControl API in F5 BIG-IP LTM, APM, ASM, GTM, Link Controller, and PSM 10.0.0 through 10.2.4 and… | May 12, 2014 | May 6, 2026 |
| | CVE-2014-0196 | F5 | medium | 5.5 | 48.6%
| ⚠ KEV | The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly… | May 7, 2014 | Apr 21, 2026 |
| | CVE-2014-0088 | F5 | high | 7.5 | 2.6%
| | The SPDY implementation in the ngx_http_spdy_module module in nginx 1.5.10 before 1.5.11, when runni… | Apr 29, 2014 | May 6, 2026 |
| | CVE-2014-0133 | F5 | high | 7.5 | 20.9%
| | Heap-based buffer overflow in the SPDY implementation in nginx 1.3.15 before 1.4.7 and 1.5.x before … | Mar 28, 2014 | May 6, 2026 |
| | CVE-2014-0101 | F5 | high | 7.8 | 3.1%
| | The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the Linux kernel through 3.13.6 does n… | Mar 11, 2014 | May 6, 2026 |
| | CVE-2013-6024 | F5 | medium | 4.4 | 0.1%
| | The Edge Client components in F5 BIG-IP APM 10.x, 11.x, 12.x, 13.x, and 14.x, BIG-IP Edge Gateway 10… | Feb 10, 2014 | Apr 29, 2026 |
| | CVE-2012-3000 | F5 | high | 7.5 | 1.3%
| | Multiple SQL injection vulnerabilities in sam/admin/reports/php/saveSettings.php in the (1) APM WebG… | Jan 30, 2014 | Apr 29, 2026 |
| | CVE-2012-2997 | F5 | medium | 4.0 | 8.8%
| | XML External Entity (XXE) vulnerability in sam/admin/vpe2/public/php/server.php in F5 BIG-IP 10.0.0 … | Jan 21, 2014 | Apr 29, 2026 |
| | CVE-2013-4547 | F5 | high | 7.5 | 90.9%
| | nginx 0.8.41 through 1.4.3 and 1.5.x before 1.5.7 allows remote attackers to bypass intended restric… | Nov 23, 2013 | Apr 29, 2026 |
| | CVE-2013-0337 | F5 | high | 7.5 | 0.9%
| | The default configuration of nginx, possibly 1.3.13 and earlier, uses world-readable permissions for… | Oct 27, 2013 | Apr 29, 2026 |
| | CVE-2013-6016 | F5 | high | 7.8 | 1.3%
| | The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, APM, ASM, Edge Gateway, GTM, Link Control… | Oct 26, 2013 | Apr 29, 2026 |
| | CVE-2013-5976 | F5 | medium | 4.3 | 0.5%
| | Cross-site scripting (XSS) vulnerability in the access policy logout page (logout.inc) in F5 BIG-IP … | Oct 1, 2013 | Apr 29, 2026 |
| | CVE-2013-5975 | F5 | medium | 4.3 | 0.5%
| | The access policy logon page (logon.inc) in F5 BIG-IP APM 11.1.0 through 11.2.1 allows remote attack… | Oct 1, 2013 | Apr 29, 2026 |
| | CVE-2013-0150 | F5 | critical | 9.3 | 1.1%
| | Directory traversal vulnerability in an unspecified signed Java applet in the client-side components… | Aug 9, 2013 | Apr 29, 2026 |
| | CVE-2013-2070 | F5 | medium | 5.8 | 4.6%
| | http/modules/ngx_http_proxy_module.c in nginx 1.1.4 through 1.2.8 and 1.3.0 through 1.4.0, when prox… | Jul 20, 2013 | Apr 29, 2026 |
| | CVE-2013-2028 | F5 | high | 7.5 | 93.0%
| | The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows rem… | Jul 20, 2013 | Apr 29, 2026 |
| | CVE-2012-3163 | F5 | critical | 9.0 | 1.0%
| | Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.… | Oct 17, 2012 | Apr 29, 2026 |