F5 BIG-IP Next TMM Memory Resource Management Vulnerability

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, and remote access policy management. A memory resource management vulnerability exists in the TMM module of BIG-IP Next. The vulnerability arises because after...

CVE-2025-55670

On BIG-IP Next CNF, BIG-IP Next SPK, and BIG-IP Next for Kubernetes systems, repeated undisclosed API calls can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2025-55670

On BIG-IP Next CNF, BIG-IP Next SPK, and BIG-IP Next for Kubernetes systems, repeated undisclosed API calls can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2025-58120

CVE-2025-58120 affects BIG-IP Next SPK, CNF, and Kubernetes (2.x branches). When HTTP/2 Ingress is configured, undisclosed traffic can trigger a NULL pointer dereference in the Traffic Management Microkernel (TMM), causing termination and a denial-of-service condition. Vulnerable known versions i...

CVE-2025-58120 BIG-IP Next (CNF, SPK, and Kubernetes) vulnerability

When HTTP/2 Ingress is configured, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2025-58120 BIG-IP Next (CNF, SPK, and Kubernetes) vulnerability

When HTTP/2 Ingress is configured, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2025-55670 BIG-IP Next (CNF, SPK, and Kubernetes) vulnerability

On BIG-IP Next CNF, BIG-IP Next SPK, and BIG-IP Next for Kubernetes systems, repeated undisclosed API calls can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2025-55670 BIG-IP Next (CNF, SPK, and Kubernetes) vulnerability

On BIG-IP Next CNF, BIG-IP Next SPK, and BIG-IP Next for Kubernetes systems, repeated undisclosed API calls can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2025-55670

The CVE-2025-55670 entry concerns BIG-IP Next CNF, BIG-IP Next SPK, and BIG-IP Next for Kubernetes. Repeated undisclosed API calls can cause the Traffic Management Microkernel (TMM) to terminate, resulting in DoS for affected systems. Public references (NVD/Red Hat EU V) corroborate the same desc...

K000156623: BIG-IP Next (CNF, SPK, and Kubernetes) vulnerability CVE-2025-58120

Security Advisory Description When HTTP/2 Ingress is configured, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. CVE-2025-58120 Impact Traffic is disrupted while the TMM process restarts. This vulnerability allows a remote, unauthenticated attacker to cause a...

F5 BIG-IP Next SPK 代码问题漏洞

F5 BIG-IP Next SPK is a cloud-native application traffic management solution from F5 USA. A code issue vulnerability exists in F5 BIG-IP Next SPK, which stems from the possibility that undisclosed traffic in an HTTP/2 Ingress configuration could lead to the termination of the Traffic Management...

EUVD-2025-3166

Malicious code in bioql PyPI...

EUVD-2024-31342

Malicious code in bioql PyPI...

EUVD-2024-20825

Malicious code in bioql PyPI...

EUVD-2025-3673

Malicious code in bioql PyPI...

CVE-2025-23413

When users log in through the webUI or API using local authentication, BIG-IP Next Central Manager may log sensitive information in the pgaudit log files. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2025-24319

When BIG-IP Next Central Manager is running, undisclosed requests to the BIG-IP Next Central Manager API can cause the BIG-IP Next Central Manager Node's Kubernetes service to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2025-24319

When BIG-IP Next Central Manager is running, undisclosed requests to the BIG-IP Next Central Manager API can cause the BIG-IP Next Central Manager Node's Kubernetes service to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2025-23413

The CVE-2025-23413 vulnerability affects BIG-IP Next Central Manager. When users authenticate locally via webUI/API, sensitive data can be logged in pgaudit logs. Exploitation could allow an authenticated attacker with Administrator role to read undisclosed sensitive information through pgaudit. ...

CVE-2025-24319 BIG-IP Next Central Manager vulnerability

When BIG-IP Next Central Manager is running, undisclosed requests to the BIG-IP Next Central Manager API can cause the BIG-IP Next Central Manager Node's Kubernetes service to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...