CVE-2025-29922
kcp is a Kubernetes-like control plane for form-factors and use-cases beyond Kubernetes and container workloads. Prior to 0.26.3, the identified vulnerability allows creating or deleting an object via the APIExport VirtualWorkspace in any arbitrary target workspace for pre-existing resources. By...
CVE-2025-29922
The CVE-2025-29922 issue affects kcp (the Kubernetes-like control plane) prior to 0.26.3, where the APIExport VirtualWorkspace can create or delete objects in any target workspace even without an APIBinding. Root cause: access controls around the APIExport VirtualWorkspace are insufficient, allow...
CVE-2025-20209
A vulnerability in the Internet Key Exchange version 2 (IKEv2) function of Cisco IOS XR Software could allow an unauthenticated, remote attacker to prevent an affected device from processing any control plane UDP packets. This vulnerability is due to improper handling of malformed IKEv2 packets. An...
CVE-2025-20141
A vulnerability in the handling of specific packets that are punted from a line card to a route processor in Cisco IOS XR Software Release 7.9.2 could allow an unauthenticated, adjacent attacker to cause control plane traffic to stop working on multiple Cisco IOS XR platforms. This vulnerability ...
CVE-2025-20141 Cisco IOS XR Software Release 7.9.2 Denial of Service Vulnerability
A vulnerability in the handling of specific packets that are punted from a line card to a route processor in Cisco IOS XR Software Release 7.9.2 could allow an unauthenticated, adjacent attacker to cause control plane traffic to stop working on multiple Cisco IOS XR platforms. This vulnerability ...
CVE-2025-20141
CVE-2025-20141 affects Cisco IOS XR Software Release 7.9.2. The vulnerability arises from incorrect handling of packets punted from a line card to the route processor, enabling an unauthenticated adjacent attacker to disrupt control plane traffic on multiple IOS XR platforms. Exploitation involve...
Cisco IOS XR Security Vulnerability
Cisco IOS XR is a set of operating systems developed by Cisco USA for its network devices. A security vulnerability exists in Cisco IOS XR version 7.9.2 that stems from incorrect handling of specific packets and could cause control plane traffic to stop working...
PT-2025-11104 · Cisco · Cisco IOS XR
Name of the Vulnerable Software and Affected Versions: Cisco IOS XR Software (affected versions not specified). Description: A vulnerability in the Internet Key Exchange version 2 (IKEv2) function could allow an unauthenticated, remote attacker to prevent an affected device from processing any control...
Linux Distros Unpatched Vulnerability : CVE-2024-53064
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - idpf: fix idpf_vc_core_init error path. In an event where the platform running the device control plane is rebooted, reset is detected on the driver. It releases al...
CVE-2025-22891
When BIG-IP PEM Control Plane listener Virtual Server is configured with Diameter Endpoint profile, undisclosed traffic can cause the Virtual Server to stop processing new client connections and an increase in memory resource utilization. Note: Software versions which have reached End of Technica...
K000148587: BIG-IP iControl REST and tmsh vulnerability CVE-2025-20029
Security Advisory Description: A command injection vulnerability exists in iControl REST and the BIG-IP TMOS Shell (tmsh), which may allow an authenticated attacker to execute arbitrary system commands. (CVE-2025-20029) Impact: An authenticated attacker may exploit this vulnerability by sending a craft...
K000140933: BIG-IP SNMP vulnerability CVE-2025-21091
Security Advisory Description: When SNMP v1 or v2c are disabled on the BIG-IP system, undisclosed requests can cause an increase in memory resource utilization. (CVE-2025-21091) Impact: System performance can degrade until the snmpd process is either forced to restart or is manually restarted. This...
K000140578: BIG-IP Configuration utility vulnerability CVE-2025-24320
Security Advisory Description: A stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to run JavaScript in the context of the currently logged-in user. This vulnerability is due to an incomplete fix for...
CVE-2024-20406
A vulnerability in the segment routing feature for the Intermediate System-to-Intermediate System (IS-IS) protocol of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient...
PT-2025-5733 · F5 · BIG-IP PEM
Name of the Vulnerable Software and Affected Versions: BIG-IP PEM (affected versions not specified). Description: When the BIG-IP PEM Control Plane listener Virtual Server is configured with a Diameter Endpoint profile, undisclosed traffic can cause the Virtual Server to stop processing new client...
CVE-2023-52923
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: adapt set backend to use GC transaction API. Use the GC transaction API to replace the old and buggy gc API and the busy mark approach. No set elements are removed from async garbage collection anymore, instea...
Privilege Escalation
github.com/karmada-io/karmada is vulnerable to Privilege Escalation. The vulnerability is due to pull mode clusters being registered with excessive access to control plane resources via the karmadactl register command, allowing them excessive privileges to control plane resources...
Wiz Research Identifies Exploitation in the Wild of Aviatrix Controller RCE (CVE-2024-50603)
The Wiz Incident Response team is currently responding to multiple incidents involving CVE-2024-50603, an Aviatrix Controller unauthenticated RCE vulnerability, that can lead to privilege escalation in the AWS control plane. Organizations should patch urgently...
CVE-2024-5872
On affected platforms running Arista EOS, a specially crafted packet with incorrect VLAN tag might be copied to CPU, which may cause incorrect control plane behavior related to the packet, such as route flaps, multicast routes learnt, etc...