831 matches found

Positive Technologies
added 2025/11/27 12:0 a.m. | 4 views

PT-2025-48303

Name of the Vulnerable Software and Affected Versions: Huawei HarmonyOS version 5.1.0. Description: A permission control issue exists within the memory management module. Successful exploitation of this issue may lead to a compromise of confidentiality. The issue allows unprivileged local attackers ...

9.3 CVSS | 6.5 AI score | 0.00009 EPSS
Exploits 0 | References 10

RedhatCVE
added 2025/11/13 1:0 a.m. | 3 views

CVE-2025-60645

A Cross-Site Request Forgery (CSRF) in xxl-api v1.3.0 allows attackers to arbitrarily add users to the management module via a crafted GET request...

6.5 CVSS | 6.7 AI score | 0.00026 EPSS
Exploits 1 | References 1

NVD
added 2025/11/12 6:15 p.m. | 2 views

CVE-2025-60645

A Cross-Site Request Forgery (CSRF) in xxl-api v1.3.0 allows attackers to arbitrarily add users to the management module via a crafted GET request...

6.5 CVSS | 0.00026 EPSS
Exploits 1 | References 2

OSV
added 2025/11/12 6:15 p.m. | 2 views

CVE-2025-60645

A Cross-Site Request Forgery (CSRF) in xxl-api v1.3.0 allows attackers to arbitrarily add users to the management module via a crafted GET request...

6.5 CVSS | 6.6 AI score
Exploits 0 | References 2

Vulnrichment
added 2025/11/12 12:0 a.m. | 2 views

CVE-2025-60645

A Cross-Site Request Forgery (CSRF) in xxl-api v1.3.0 allows attackers to arbitrarily add users to the management module via a crafted GET request...

6.3 AI score | 0.00026 EPSS
Exploits 1 | References 2

Cvelist
added 2025/11/12 12:0 a.m. | 6 views

CVE-2025-60645

A Cross-Site Request Forgery (CSRF) in xxl-api v1.3.0 allows attackers to arbitrarily add users to the management module via a crafted GET request...

0.00026 EPSS
Exploits 1 | References 2

CNNVD
added 2025/11/12 12:0 a.m. | 2 views

xxl-api security vulnerability

xxl-api is an interface management platform by individual developer Xu Xueli. A security vulnerability exists in xxl-api v1.3.0, which stems from a cross-site request forgery in the management module that could lead to arbitrary user additions...

6.5 CVSS | 6.7 AI score | 0.00026 EPSS
Exploits 1 | References 3

CNNVD
added 2025/11/07 12:0 a.m. | 3 views

pig security vulnerability

pig is an open-source privilege management system from pig-mesh. A security vulnerability exists in pig 3.8.2 and earlier versions. The vulnerability stems from an improper privilege validation issue in the token query interface /api/admin/sys-token/page of the token management function in the syste...

9.6 CVSS | 6.6 AI score | 0.00076 EPSS
Exploits 1 | References 2

CNVD
added 2025/10/17 12:0 a.m. | 6 views

F5 BIG-IP TMM Data Tampering Vulnerability

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, and remote access policy management. A data tampering vulnerability exists in the TMM module of BIG-IP, which arises because undisclosed traffic can lead to data...

6.3 CVSS | 7 AI score | 0.00068 EPSS
Exploits 0 | References 1

CNVD
added 2025/10/17 12:0 a.m. | 3 views

F5 BIG-IP TMM Module Denial of Service Vulnerability

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, and remote access policy management. A denial-of-service vulnerability exists in the TMM module of the BIG-IP system, which arises because undisclosed traffic could...

8.7 CVSS | 6.8 AI score | 0.00087 EPSS
Exploits 0 | References 1

CVE
added 2025/10/15 1:55 p.m. | 47 views

CVE-2025-53521

CVE-2025-53521 affects BIG-IP APM (Big-IP APM vulnerability) where undisclosed traffic on a virtual server can cause TMM termination, leading to DoS and disruption of traffic. Public docs show affected branches: BIG-IP APM 17.x (17.5.0–17.5.1 and 17.1.0–17.1.2; also 16.1.0–16.1.6; 15.1.0–15.1.10)...

9.8 CVSS | 6 AI score | 0.08766 EPSS
In wild | Exploits 0 | References 2 | Affected Software 1

CVE
added 2025/10/15 1:55 p.m. | 15 views

CVE-2025-58424

CVE-2025-58424 affects BIG-IP TMM on BIG-IP platforms. The issue arises from undisclosed traffic that can cause data corruption and unauthorized data modification in protocols without message integrity protection, enabling an attacker to inject malicious data into active TCP connections (e.g., wh...

6.3 CVSS | 6.5 AI score | 0.00068 EPSS
Exploits 0 | References 1 | Affected Software 21

F5 Networks
added 2025/10/15 11:1 a.m. | 8 views

K000156912: BIG-IP TMM vulnerability CVE-2025-61990

Security Advisory Description: When using a multi-bladed platform with more than one active blade, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. (CVE-2025-61990) Impact: Traffic is disrupted while the TMM process restarts. This vulnerability allows a remote,...

8.7 CVSS | 7.2 AI score | 0.00087 EPSS
Exploits 0 | Affected Software 15

F5 Networks
added 2025/10/15 11:1 a.m. | 6 views

K000156707: BIG-IP TMM vulnerability CVE-2025-53856

Security Advisory Description: When a virtual server, network address translation (NAT) object, or secure network address translation (SNAT) object uses the embedded Packet Velocity Acceleration (ePVA) feature, and the Auto Last Hop setting is disabled, undisclosed traffic can cause the Traffic Manageme...

8.7 CVSS | 6.8 AI score | 0.00036 EPSS
Exploits 0 | Affected Software 12

CNVD
added 2025/10/15 12:0 a.m. | 1 views

Huawei HarmonyOS storage management module memory misreference vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A memory misreference vulnerability exists in the Huawei HarmonyOS storage management module, which can be exploited by attackers to affect availability...

8.4 CVSS | 6.7 AI score | 0.00012 EPSS
Exploits 0 | References 1

CNNVD
added 2025/10/15 12:0 a.m. | 2 views

F5 BIG-IP security vulnerability

F5 BIG-IP is an application delivery platform that integrates network traffic management, application security management, and load balancing from F5 USA. A security vulnerability exists in F5 BIG-IP that originates from a virtual server configured with an iRule that uses the ILX::call command...

8.7 CVSS | 6.5 AI score | 0.00087 EPSS
Exploits 0 | References 1

CNVD
added 2025/10/15 12:0 a.m. | 3 views

Huawei HarmonyOS device management module buffer overflow vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A buffer overflow vulnerability exists in the Huawei HarmonyOS device management module and can be exploited by an attacker to affect availability...

6.2 CVSS | 7.2 AI score | 0.00011 EPSS
Exploits 0 | References 1

CNNVD
added 2025/10/15 12:0 a.m. | 1 views

F5 BIG-IP security vulnerability

F5 BIG-IP is an application delivery platform that integrates network traffic management, application security management, and load balancing from F5 USA. A security vulnerability exists in F5 BIG-IP that stems from undisclosed traffic that could lead to TMM termination...

8.7 CVSS | 6.4 AI score | 0.08766 EPSS
Exploits 0 | References 1

RedhatCVE
added 2025/10/13 5:29 a.m. | 4 views

CVE-2025-58300

Buffer overflow vulnerability in the device management module. Successful exploitation of this vulnerability may affect availability...

6.2 CVSS | 7.2 AI score | 0.00011 EPSS
Exploits 0 | References 1

RedhatCVE
added 2025/10/13 5:29 a.m. | 2 views

CVE-2025-58299

Use After Free (UAF) vulnerability in the storage management module. Successful exploitation of this vulnerability may affect availability...

8.4 CVSS | 6.9 AI score | 0.00012 EPSS
Exploits 0 | References 1