Latest CVE Feed
Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.
When BIG-IP DNS is provisioned, a vulnerability exists in an undisclosed iControl REST and BIG-IP TMOS Shell (tmsh) command that may allow an authenticated attacker with the Resource Administrator or…
When a BIG-IP Advanced WAF or ASM security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate. Note: Software versions which have reached End o…
A vulnerability exists in iControl REST and the TMOS Shell (tmsh) where a highly privileged, authenticated attacker with at least the Manager role can create configuration objects that allow running …
When a BIG-IP DNS profile enabled with DNS cache is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which…
When the BIG-IP Configuration utility is configured to use Lightweight Directory Access Protocol (LDAP) authentication, undisclosed traffic can cause the httpd process to exhaust the available file d…
Hiseeu C90 v5.7.15 is vulnerable to Insecure Permissions. The UART bootloader is accessible when battery is disconnected (hidden/debug mode).
U-SPEED AC1200 Gigabit Wi-Fi Router (Model: T18-21K) V1.0 is vulnerable to Command Injection. The Network Time Protocol (NTP) configuration interface does not properly sanitize user-supplied input. A…
U-SPEED AC1200 Gigabit Wi-Fi Router (Model: T18-21K) V1.0 is vulnerable to Incorrect Access Control. The device exposes a UART interface that lacks authentication, authorization, or access control me…
An authenticated iControl SOAP user may be able to obtain information of other accounts. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
When running in Appliance mode, an authenticated remote command injection vulnerability exists in an undisclosed iControl REST endpoint. A successful exploit can allow the attacker to cross a securit…
When Bidirectional Forwarding Detection (BFD) is configured in Static and Dynamic routing protocols, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to stop processing BFD pack…
A vulnerability exists in BIG-IP scripted monitors that may allow an authenticated attacker with the Resource Administrator or Administrator role to execute arbitrary system commands with higher priv…
A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated attacker with at least the Certificate Manager role can modify configuration objects that allow running ar…
A path injection vulnerability exists in OpenPLC v3 (2c82b0e79c53f8c1f1458eee15fec173400d6e1a) as the binary program compiled from glue_generator.cpp does not perform any validation on the file path …
When BIG-IP DNS is provisioned, a vulnerability exists in the gtm_add and bigip_add iControl REST commands that return the ssh-password parameter in cleartext in the iControl REST response and is als…
When running in Appliance mode, a directory traversal vulnerability exists in an undisclosed iControl REST endpoint that may allow an authenticated attacker with administrator role privileges to cros…
An authenticated iControl REST user with low privileges can create or modify arbitrary files through an undisclosed iControl REST endpoint on the BIG-IQ system. Note: Software versions which have re…
AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. In AutoGPT, the execution process is recorded to the c…
NXP moal.ko Wi-Fi driver 5.1.7.10 FW version from v17.92.1.p149.43 To v17.92.1.p149.157 was discovered to contain a buffer overflow via the mod_para parameter in the woal_init_module_param function.
striso-control-firmware 54c9722 is vulnerable to Buffer Overflow in function AuxJack.