339 matches found
K000161056: BIG-IP APM vulnerability CVE-2026-40067
Security Advisory Description When a BIG-IP APM access policy is configured on a virtual server, undisclosed traffic can cause the apmd process to terminate. CVE-2026-40067 Impact Traffic is disrupted while the apmd process restarts. This vulnerability allows an unauthenticated attacker to cause ...
VulnCheck KEV: CVE-2025-53521
When a BIG-IP APM access policy is configured on a virtual server, specific malicious traffic can lead to Remote Code Execution RCE. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2021-22980
In Edge Client version 7.2.x before 7.2.1.1, 7.1.9.x before 7.1.9.8, and 7.1.x-7.1.8.x before 7.1.8.5, an untrusted search path vulnerability in the BIG-IP APM Client Troubleshooting Utility CTU for Windows could allow an attacker to load a malicious DLL library from its current directory. User...
CVE-2022-23021
On BIG-IP version 16.1.x before 16.1.2, when any of the following configurations are configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate: HTTP redirect rule in an LTM policy, BIG-IP APM Access Profile, and Explicit HTTP Proxy in HTTP...
CVE-2025-61933
A reflected cross-site scripting XSS vulnerability exists in an undisclosed page of BIG-IP APM that allows an attacker to run JavaScript in the context of the targeted logged-out user. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
EUVD-2025-34674
A reflected cross-site scripting XSS vulnerability exists in an undisclosed page of BIG-IP APM that allows an attacker to run JavaScript in the context of the targeted logged-out user. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2025-61933
A reflected cross-site scripting XSS vulnerability exists in an undisclosed page of BIG-IP APM that allows an attacker to run JavaScript in the context of the targeted logged-out user. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
EUVD-2025-34626
When a per-request policy is configured on a BIG-IP APM portal access virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2025-61933
CVE-2025-61933 is a reflected cross-site scripting (XSS) vulnerability in BIG-IP APM. Affected versions of BIG-IP APM include 17.5.0–17.5.1, 17.1.0–17.1.2, 16.1.0–16.1.6, and 15.1.0–15.1.10. The fixed releases are 17.5.1.3, 17.1.3, 16.1.6.1, and 15.1.10.8 respectively. The issue allows an attacke...
CVE-2025-61933 BIG-IP APM cross-site scripting (XSS) vulnerability
A reflected cross-site scripting XSS vulnerability exists in an undisclosed page of BIG-IP APM that allows an attacker to run JavaScript in the context of the targeted logged-out user. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2025-61960
When a per-request policy is configured on a BIG-IP APM portal access virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2025-61960 BIG-IP APM portal access vulnerability
When a per-request policy is configured on a BIG-IP APM portal access virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2025-61960 BIG-IP APM portal access vulnerability
When a per-request policy is configured on a BIG-IP APM portal access virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2025-54854 BigIP APM Vulnerability
When a BIG-IP APM OAuth access profile Resource Server or Resource Client is configured on a virtual server, undisclosed traffic can cause the apmd process to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2025-53521 BigIP APM Vulnerability
When a BIG-IP APM access policy is configured on a virtual server, specific malicious traffic can lead to Remote Code Execution RCE. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2025-53521 BigIP APM Vulnerability
When a BIG-IP APM access policy is configured on a virtual server, specific malicious traffic can lead to Remote Code Execution RCE. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
K000156596: BIG-IP APM XSS vulnerability CVE-2025-61933
Security Advisory Description A reflected cross-site scripting XSS vulnerability exists in an undisclosed page of BIG-IP APM that allows an attacker to run JavaScript in the context of the targeted logged-out user. CVE-2025-61933. Impact An attacker may exploit this vulnerability by causing a use...
EUVD-2018-7213
Malware in sbrugna...
EUVD-2021-10165
Malware in sbrugna...
EUVD-2020-20228
Malware in sbrugna...