8458 matches found
EUVD-2026-29976
When an SSL profile is configured on a virtual server on BIG-IP Virtual Edition VE without Intel QuickAssist Technology QAT or on BIG-IP hardware platforms with the database variable crypto.hwacceleration set to disabled, undisclosed traffic can cause the Traffic Management Microkernel TMM to...
EUVD-2026-29977
When SSL profiles are configured on a virtual server, undisclosed traffic can cause the virtual server to stop processing new client connections. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
EUVD-2026-29984
When BIG-IP PEM iRules are configured on a virtual server iRules using commands starting with CLASSIFICATION::, CLASSIFY::, PEM::, PSC::, and the urlcatquery command, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End...
EUVD-2026-29970
When BIG-IP DNS is provisioned, a vulnerability exists in an undisclosed iControl REST and BIG-IP TMOS Shell tmsh command that may allow an authenticated attacker with the Resource Administrator or Administrator role to execute arbitrary system commands with higher privileges. In Appliance mode...
EUVD-2026-29982
A cross-site request forgery CSRF vulnerability exists in the dashboard of the BIG-IP Configuration utility. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
EUVD-2026-29973
When configured, IP-based access restrictions for httpd do not cover all endpoints, which may allow connections from blocked addresses. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
EUVD-2026-29994
A vulnerability exists in iControl SOAP where an authenticated attacker with the Resource Administrator or Administrator role can download sensitive files. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
EUVD-2026-29958
When running in Appliance mode, a directory traversal vulnerability exists in an undisclosed iControl REST endpoint that may allow an authenticated attacker with administrator role privileges to cross a security boundary and delete files. Note: Software versions which have reached End of Technica...
EUVD-2026-29969
When a BIG-IP Advanced WAF or ASM security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
EUVD-2026-29967
When a BIG-IP DNS profile enabled with DNS cache is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
EUVD-2026-29963
When Bidirectional Forwarding Detection BFD is configured in Static and Dynamic routing protocols, undisclosed traffic can cause the Traffic Management Microkernel TMM to stop processing BFD packets and cause the configured routing protocol to fail over. Note: Software versions which have reached...
EUVD-2026-29965
An authenticated iControl SOAP user may be able to obtain information of other accounts. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
EUVD-2026-29966
When the BIG-IP Configuration utility is configured to use Lightweight Directory Access Protocol LDAP authentication, undisclosed traffic can cause the httpd process to exhaust the available file descriptors. Note: Software versions which have reached End of Technical Support EoTS are not...
CVE-2026-42408
When BIG-IP DNS is provisioned, a vulnerability exists in an undisclosed TMOS Shell tmsh command that may allow a highly privileged authenticated attacker to view sensitive information. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2026-42406
A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated attacker with at least the Certificate Manager role can modify configuration objects that allow running arbitrary commands. Note: Software versions which have reached End of Technical Support EoTS are...
CVE-2026-42063
A vulnerability exists in iControl SOAP where an authenticated attacker with the Resource Administrator or Administrator role can download sensitive files. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2026-41953
A vulnerability exists in BIG-IP systems where a highly privileged, authenticated attacker with at least the Resource Administrator role can modify configuration objects resulting in privilege escalation. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2026-41956
When a classification profile is configured on a UDP virtual server, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2026-40699
A vulnerability exists in the undisclosed pages in the Configuration utility that may allow a low-privileged authenticated attacker to access to undisclosed sensitive information. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2026-40629
When SSL profiles are configured on a virtual server, undisclosed traffic can cause the virtual server to stop processing new client connections. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...