57 matches found
F5 BIG-IP Next TMM Memory Resource Management Vulnerability
F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, and remote access policy management. A memory resource management vulnerability exists in the TMM module of BIG-IP Next. The vulnerability arises because after...
CVE-2025-55670
On BIG-IP Next CNF, BIG-IP Next SPK, and BIG-IP Next for Kubernetes systems, repeated undisclosed API calls can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2025-55670
On BIG-IP Next CNF, BIG-IP Next SPK, and BIG-IP Next for Kubernetes systems, repeated undisclosed API calls can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2025-58120
CVE-2025-58120 affects BIG-IP Next SPK, CNF, and Kubernetes (2.x branches). When HTTP/2 Ingress is configured, undisclosed traffic can trigger a NULL pointer dereference in the Traffic Management Microkernel (TMM), causing termination and a denial-of-service condition. Vulnerable known versions i...
CVE-2025-58120 BIG-IP Next (CNF, SPK, and Kubernetes) vulnerability
When HTTP/2 Ingress is configured, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2025-58120 BIG-IP Next (CNF, SPK, and Kubernetes) vulnerability
When HTTP/2 Ingress is configured, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2025-55670 BIG-IP Next (CNF, SPK, and Kubernetes) vulnerability
On BIG-IP Next CNF, BIG-IP Next SPK, and BIG-IP Next for Kubernetes systems, repeated undisclosed API calls can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2025-55670 BIG-IP Next (CNF, SPK, and Kubernetes) vulnerability
On BIG-IP Next CNF, BIG-IP Next SPK, and BIG-IP Next for Kubernetes systems, repeated undisclosed API calls can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2025-55670
The CVE-2025-55670 entry concerns BIG-IP Next CNF, BIG-IP Next SPK, and BIG-IP Next for Kubernetes. Repeated undisclosed API calls can cause the Traffic Management Microkernel (TMM) to terminate, resulting in DoS for affected systems. Public references (NVD/Red Hat EU V) corroborate the same desc...
K000156623: BIG-IP Next (CNF, SPK, and Kubernetes) vulnerability CVE-2025-58120
Security Advisory Description When HTTP/2 Ingress is configured, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. CVE-2025-58120 Impact Traffic is disrupted while the TMM process restarts. This vulnerability allows a remote, unauthenticated attacker to cause a...
F5 BIG-IP Next SPK 代码问题漏洞
F5 BIG-IP Next SPK is a cloud-native application traffic management solution from F5 USA. A code issue vulnerability exists in F5 BIG-IP Next SPK, which stems from the possibility that undisclosed traffic in an HTTP/2 Ingress configuration could lead to the termination of the Traffic Management...
EUVD-2024-31342
Malicious code in bioql PyPI...
EUVD-2025-3166
Malicious code in bioql PyPI...
EUVD-2024-20825
Malicious code in bioql PyPI...
EUVD-2025-3673
Malicious code in bioql PyPI...
The vulnerability of the pg-cluster component of the BIG-IP Next Central Manage application programming interface allows a attacker to disclose protected information.
The vulnerability of the pg-cluster component of the BIG-IP Next Central Manage application programming interface is related to the disclosure of information through registration files. Exploiting this vulnerability can allow an attacker to disclose the protected information...
The vulnerability of the application software interface of the BIG-IP Next Central Manager lies in insufficient validation of input data, allowing a perpetrator to trigger a service failure.
The vulnerability of the application software interface of the BIG-IP Next Central Manager is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
CVE-2025-23413
When users log in through the webUI or API using local authentication, BIG-IP Next Central Manager may log sensitive information in the pgaudit log files. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2025-24319
When BIG-IP Next Central Manager is running, undisclosed requests to the BIG-IP Next Central Manager API can cause the BIG-IP Next Central Manager Node's Kubernetes service to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2025-24319
When BIG-IP Next Central Manager is running, undisclosed requests to the BIG-IP Next Central Manager API can cause the BIG-IP Next Central Manager Node's Kubernetes service to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...