Every CVE whose affected-product data names F5 Firepass, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2014-2927 — CVSS 9.3 (critical): The rsync daemon in F5 BIG-IP 11.6 before 11.6.0, 11.5.1 before HF3, 11.5.0 before HF4, 11.4.1 before HF4, 11.4.0 before HF7, 11.3.0 before…
CVE-2013-0150 — CVSS 9.3 (critical): Directory traversal vulnerability in an unspecified signed Java applet in the client-side components in F5 BIG-IP APM 10.1.0 through 10.2.4…
CVE-2011-3188 — CVSS 9.1 (critical): The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and…
CVE-2007-0187 — CVSS 7.5 (high): F5 FirePass 5.4 through 5.5.2 and 6.0 allows remote attackers to access restricted URLs via (1) a trailing null byte, (2) multiple leading…
CVE-2012-1777 — CVSS 7.5 (high): SQL injection vulnerability in my.activation.php3 in F5 FirePass 6.0.0 through 6.1.0 and 7.0.0 allows remote attackers to execute arbitrary…
CVE-2012-2053 — CVSS 7.2 (high): The sudoers file in the Linux system configuration in F5 FirePass 6.0.0 through 6.1.0 and 7.0.0 does not require a password for executing…
CVE-2007-0188 — CVSS 6.5 (medium): F5 FirePass 5.4 through 5.5.1 does not properly enforce host access restrictions when a client uses a single integer (dword) representation…
CVE-2013-3587 — CVSS 5.9 (medium): The HTTPS protocol, as used in unspecified web applications, can encrypt compressed data without properly obfuscating the length of the…
CVE-2007-0195 — CVSS 5.0 (medium): my.activation.php3 in F5 FirePass 5.4 through 5.5.1 and 6.0 displays different error messages for failed login attempts with a valid…
CVE-2013-6024 — CVSS 4.4 (medium): The Edge Client components in F5 BIG-IP APM 10.x, 11.x, 12.x, 13.x, and 14.x, BIG-IP Edge Gateway 10.x and 11.x, and FirePass 7.0.0 allow…