K000156746: BIG-IP IPsec vulnerability CVE-2025-58071

Security Advisory Description When IPsec is configured on the BIG-IP system, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. CVE-2025-58071 Impact Traffic is disrupted while the TMM process restarts. This vulnerability allows a remote, unauthenticated attacker t...

EUVD-2019-16159

Malware in sbrugna...

EUVD-2020-27070

Malware in sbrugna...

EUVD-2019-16205

Malware in sbrugna...

EUVD-2018-7188

Malware in sbrugna...

EUVD-2021-10096

Malware in sbrugna...

EUVD-2022-52936

Malicious code in bioql PyPI...

CVE-2022-23022

On BIG-IP version 16.1.x before 16.1.2, when an HTTP profile is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2019-6635

On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.1-11.5.8, when the BIG-IP system is licensed for Appliance mode, a user with either the Administrator or the Resource Administrator role can bypass Appliance mode restrictions...

CVE-2019-6632

On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, under certain circumstances, attackers can decrypt configuration items that are encrypted because the vCMP configuration unit key is generated with insufficient randomness. The attack prerequisite is direct access to...

CVE-2025-35995

CVE-2025-35995 affects BIG-IP PEM when URL categorization is licensed and the URL categorization policy or a iRule using the urlcat command is enabled on a virtual server. Undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate, resulting in traffic disruption while T...

CVE-2025-21091

When SNMP v1 or v2c are disabled on the BIG-IP, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2020-5902

In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface TMUI, also referred to as the Configuration utility, has a Remote Code Execution RCE vulnerability in undisclosed pages...

Cisco Adaptive Security Appliance Ipsec Code Denial of Service Vulnerability

Cisco Adaptive Security Appliance ASA, Adaptive Security Appliance is a set of firewall appliances from the American company Cisco Cisco. The appliance also includes IPS Intrusion Prevention System, SSL VPN, IPSec VPN, anti-spam and other features. The Cisco ASA has a security vulnerability in it...