An authenticated attacker granted a Viewer or Auditor role on a BIG-IQ can upload arbitrary files using an undisclosed iControl REST endpoint. Note: Software versions which have reached End of Tec ...
Continue Reading
May 03, 2023
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Moris Dov Stock market charts from finviz plugin Read More ...
Continue Reading
May 03, 2023
When UDP profile with idle timeout set to immediate or the value 0 is configured on a virtual server, undisclosed traffic can cause TMM to terminate. Note: Software versions which have reached End ...
Continue Reading
May 03, 2023
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WP Table Builder plugin Read More ...
Continue Reading
May 03, 2023
A directory traversal vulnerability exists in an undisclosed page of the BIG-IP Configuration utility which may allow an authenticated attacker to read files with .xml extension. Access to restricted ...
Continue Reading
May 03, 2023
When DNS is provisioned, an authenticated remote command execution vulnerability exists in DNS iQuery mesh. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated ...
Continue Reading
May 03, 2023
Multiple reflected cross-site scripting (XSS) vulnerabilities exist in undisclosed pages of the BIG-IP Configuration utility which allow an attacker to run JavaScript in the context of the currently l ...
Continue Reading
May 03, 2023
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Sergey Panasenko Sponsors Carousel plugin Read More ...
Continue Reading
May 03, 2023
Back to Main
