Show filters
172 Total Results
Displaying 61-70 of 172
Sort by:
Attacker Value
Unknown

CVE-2019-3738

Disclosure Date: September 18, 2019 (last updated November 08, 2023)
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to a Missing Required Cryptographic Step vulnerability. A malicious remote attacker could potentially exploit this vulnerability to coerce two parties into computing the same predictable shared key.
Attacker Value
Unknown

CVE-2019-3739

Disclosure Date: September 18, 2019 (last updated November 08, 2023)
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Information Exposure Through Timing Discrepancy vulnerabilities during ECDSA key generation. A malicious remote attacker could potentially exploit those vulnerabilities to recover ECDSA keys.
Attacker Value
Unknown

CVE-2019-3740

Disclosure Date: September 18, 2019 (last updated November 08, 2023)
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Information Exposure Through Timing Discrepancy vulnerabilities during DSA key generation. A malicious remote attacker could potentially exploit those vulnerabilities to recover DSA keys.
Attacker Value
Unknown

CVE-2019-6625

Disclosure Date: July 03, 2019 (last updated November 27, 2024)
On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4, and 11.5.1-11.6.4, a reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Traffic Management User Interface (TMUI) also known as the BIG-IP Configuration utility.
0
Attacker Value
Unknown

CVE-2019-6629

Disclosure Date: July 03, 2019 (last updated November 08, 2023)
On BIG-IP 14.1.0-14.1.0.5, undisclosed SSL traffic to a virtual server configured with a Client SSL profile may cause TMM to fail and restart. The Client SSL profile must have session tickets enabled and use DHE cipher suites to be affected. This only impacts the data plane, there is no impact to the control plane.
Attacker Value
Unknown

CVE-2019-6633

Disclosure Date: July 03, 2019 (last updated November 27, 2024)
On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4.1, and 11.5.1-11.6.4, when the BIG-IP system is licensed with Appliance mode, user accounts with Administrator and Resource Administrator roles can bypass Appliance mode restrictions.
Attacker Value
Unknown

CVE-2019-6631

Disclosure Date: July 03, 2019 (last updated November 08, 2023)
On BIG-IP 11.5.1-11.6.4, iRules performing HTTP header manipulation may cause an interruption to service when processing traffic handled by a Virtual Server with an associated HTTP profile, in specific circumstances, when the requests do not strictly conform to RFCs.
Attacker Value
Unknown

CVE-2016-5236

Disclosure Date: July 01, 2019 (last updated November 27, 2024)
Cross-Site-Scripting (XSS) vulnerabilities in F5 WebSafe Dashboard 3.9.5 and earlier, aka F5 WebSafe Alert Server, allow privileged authenticated users to inject arbitrary web script or HTML when creating a new user, account or signature.
0
Attacker Value
Unknown

CVE-2016-5235

Disclosure Date: July 01, 2019 (last updated November 27, 2024)
A Cross Site Scripting (XSS) vulnerability in versions of F5 WebSafe Dashboard 3.9.x and earlier, aka F5 WebSafe Alert Server, allows an unauthenticated user to inject HTML via a crafted alert.
0
Attacker Value
Unknown

CVE-2019-6615

Disclosure Date: May 03, 2019 (last updated November 27, 2024)
On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, Administrator and Resource Administrator roles might exploit TMSH access to bypass Appliance Mode restrictions on BIG-IP systems.