Show filters
172 Total Results
Displaying 61-70 of 172
Sort by:
Attacker Value
Unknown
CVE-2019-3738
Disclosure Date: September 18, 2019 (last updated November 08, 2023)
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to a Missing Required Cryptographic Step vulnerability. A malicious remote attacker could potentially exploit this vulnerability to coerce two parties into computing the same predictable shared key.
0
Attacker Value
Unknown
CVE-2019-3739
Disclosure Date: September 18, 2019 (last updated November 08, 2023)
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Information Exposure Through Timing Discrepancy vulnerabilities during ECDSA key generation. A malicious remote attacker could potentially exploit those vulnerabilities to recover ECDSA keys.
0
Attacker Value
Unknown
CVE-2019-3740
Disclosure Date: September 18, 2019 (last updated November 08, 2023)
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Information Exposure Through Timing Discrepancy vulnerabilities during DSA key generation. A malicious remote attacker could potentially exploit those vulnerabilities to recover DSA keys.
0
Attacker Value
Unknown
CVE-2019-6625
Disclosure Date: July 03, 2019 (last updated November 27, 2024)
On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4, and 11.5.1-11.6.4, a reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Traffic Management User Interface (TMUI) also known as the BIG-IP Configuration utility.
0
Attacker Value
Unknown
CVE-2019-6629
Disclosure Date: July 03, 2019 (last updated November 08, 2023)
On BIG-IP 14.1.0-14.1.0.5, undisclosed SSL traffic to a virtual server configured with a Client SSL profile may cause TMM to fail and restart. The Client SSL profile must have session tickets enabled and use DHE cipher suites to be affected. This only impacts the data plane, there is no impact to the control plane.
0
Attacker Value
Unknown
CVE-2019-6633
Disclosure Date: July 03, 2019 (last updated November 27, 2024)
On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4.1, and 11.5.1-11.6.4, when the BIG-IP system is licensed with Appliance mode, user accounts with Administrator and Resource Administrator roles can bypass Appliance mode restrictions.
0
Attacker Value
Unknown
CVE-2019-6631
Disclosure Date: July 03, 2019 (last updated November 08, 2023)
On BIG-IP 11.5.1-11.6.4, iRules performing HTTP header manipulation may cause an interruption to service when processing traffic handled by a Virtual Server with an associated HTTP profile, in specific circumstances, when the requests do not strictly conform to RFCs.
0
Attacker Value
Unknown
CVE-2016-5236
Disclosure Date: July 01, 2019 (last updated November 27, 2024)
Cross-Site-Scripting (XSS) vulnerabilities in F5 WebSafe Dashboard 3.9.5 and earlier, aka F5 WebSafe Alert Server, allow privileged authenticated users to inject arbitrary web script or HTML when creating a new user, account or signature.
0
Attacker Value
Unknown
CVE-2016-5235
Disclosure Date: July 01, 2019 (last updated November 27, 2024)
A Cross Site Scripting (XSS) vulnerability in versions of F5 WebSafe Dashboard 3.9.x and earlier, aka F5 WebSafe Alert Server, allows an unauthenticated user to inject HTML via a crafted alert.
0
Attacker Value
Unknown
CVE-2019-6615
Disclosure Date: May 03, 2019 (last updated November 27, 2024)
On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, Administrator and Resource Administrator roles might exploit TMSH access to bypass Appliance Mode restrictions on BIG-IP systems.
0