CVE-2026-2507

When BIG-IP AFM or BIG-IP DDoS is provisioned, undisclosed traffic can cause TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

F5 Networks BIG-IP : BIG-IP TMM vulnerability (K000160003)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.5.1.5 / Hotfix- BIGIP-17.5.1.4.0.17.20-ENG.iso. It is, therefore, affected by a vulnerability as referenced in the K000160003 advisory. When BIG-IP AFM or BIG-IP DDoS Hybrid Defender is provisioned, undisclosed traffic...

PT-2026-20463

Name of the Vulnerable Software and Affected Versions BIG-IP AFM and BIG-IP DDoS affected versions not specified Description Undisclosed traffic can cause Traffic Management Microkernel TMM to terminate when BIG-IP Application Firewall AFM or BIG-IP Distributed Denial of Service DDoS is...

EUVD-2017-15207

Malware in sbrugna...

CVE-2024-25560

When BIG-IP AFM is licensed and provisioned, undisclosed DNS traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

F5 BIG-IP AFM 代码问题漏洞

F5 BIG-IP AFM is an advanced firewall product from F5 USA for protection against DDos attacks. F5 BIG-IP AFM has a code issue vulnerability that can be exploited by attackers to upload maliciously crafted files and execute arbitrary commands...

CVE-2022-23018

On BIG-IP AFM version 16.1.x before 16.1.2, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.5, and 13.1.x beginning in 13.1.3.4, when a virtual server is configured with both HTTP protocol security and HTTP Proxy Connect profiles, undisclosed requests can cause the Traffic Management Microkernel TMM...

F5 BIG-IP APM和F5 BIG-IP SQL注入漏洞

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A SQL injection vulnerability exists in F5 BIG-IP AFM. The vulnerability allows an authenticated attacker to execute maliciou...

F5 BIG-IP Cross-Site Scripting Vulnerability (CNVD-2019-30622)

F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. A cross-site scripting vulnerability exists in F5 BIG-IP AFM and PEM, which can be exploited by an attacker to execute...

CVE-2019-6639

On BIG-IP AFM, PEM 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.1-11.5.8, an undisclosed TMUI pages for AFM and PEM Subscriber management are vulnerable to a stored cross-site scripting XSS issue. This is a control plane issue only and is not...

F5 Networks BIG-IP : BIG-IP SNMPD vulnerability (K12139752)

Under certain conditions, the snmpd process may leak memory on a multi-blade BIG-IP Virtual Clustered Multiprocessing vCMP guest when processing authorized SNMP requests. CVE-2019-6608 Impact Over time, the snmpd process consumes excessive memory, forcing the BIG-IP system to slow down and...

F5 Networks BIG-IP : SSL forward proxy vulnerability (K64552448)

Under certain conditions on F5 BIG-IP 13.1.0-13.1.0.5, 13.0.0, 12.1.0-12.1.3.1, 11.6.0-11.6.3.1, or 11.5.0-11.5.6, TMM may core while processing SSL forward proxy traffic. CVE-2018-5534 Impact This vulnerability may allow a remote attacker to cause the Traffic Management Microkernel TMM to produc...

F5 BIG-IP AFM and ASM Unauthorized Access Vulnerability

F5 BIG-IP AFM and ASM are both products of F5 Corporation of the U.S.A. F5 BIG-IP AFM is an advanced firewall product designed to mitigate DDos attacks, and ASM is a Web Application Firewall WAF that provides secure remote access, protects email, and simplifies Web access control while enhancing...

F5 BIG-IP Advanced Firewall Manager Man-in-the-Middle Attack Vulnerability

F5 BIG-IP Advanced Firewall Manager AFM is a firewall manager from F5 USA that scales to stop high-volume DDoS attacks that can overwhelm load balancers, firewalls, and even networks.The Configuration utility... A security vulnerability exists in the early access "user id" feature in F5 BIG-IP AF...

CVE-2017-6142

Summary : CVE-2017-6142 affects F5 BIG-IP AFM. The early-access"user id" feature on BIG-IP AFM versions 13.0.0, 12.1.0–12.1.2, and 11.6.0–11.6.2 fails to validate the remote server’s identity due to incorrect X.509 certificate verification, enabling potential Man‑in‑the‑Middle attacks for Network...

F5 BIG-IP Advanced Firewall Manager Configuration utility SQL Injection Vulnerability

F5 BIG-IP Advanced Firewall Manager AFM is a firewall manager from F5 USA that scales to stop high-volume DDoS attacks that can overwhelm load balancers, firewalls, and even networks.The Configuration utility... An SQL injection vulnerability exists in Configuration utility in F5 BIG-IP AFM. A...

F5 Networks BIG-IP : Linux kernel vulnerability (K81211720)

The tcpspliceread function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service infinite loop and soft lockup via vectors involving a TCP packet with the URG flag. CVE-2017-6214 C Tenable Network Security, Inc. The descriptive text and package...

F5 Networks BIG-IP : libxml2 vulnerability (K14338030)

The xmlNextChar function in libxml2 before 2.9.4 allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted XML document. CVE-2016-1762 File data f5bigipSOL14338030.nasl...

F5 Networks BIG-IP : GnuTLS vulnerability (SOL15637)

The gnutlsciphertext2compressed function in lib/gnutlscipher.c in GnuTLS 2.12.23 allows remote attackers to cause a denial of service buffer over-read and crash via a crafted padding length. NOTE: this might be due to an incorrect fix for CVE-2013-0169. C Tenable Network Security, Inc. The...