29 matches found
EUVD-2025-3166
Malicious code in bioql PyPI...
EUVD-2024-31342
Malicious code in bioql PyPI...
EUVD-2025-3673
Malicious code in bioql PyPI...
F5 BIG-IP Next Central Manager Input Validation Error Vulnerability
F5 BIG-IP Next Central Manager is a centralized console from F5 USA. An input validation error vulnerability exists in F5 BIG-IP Next Central Manager, which stems from mishandling of API requests, and can be exploited by an attacker to cause termination of the Kubernetes service via an undisclose...
CVE-2025-23413
When users log in through the webUI or API using local authentication, BIG-IP Next Central Manager may log sensitive information in the pgaudit log files. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...
CVE-2025-24319
When BIG-IP Next Central Manager is running, undisclosed requests to the BIG-IP Next Central Manager API can cause the BIG-IP Next Central Manager Node's Kubernetes service to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...
CVE-2025-24319
When BIG-IP Next Central Manager is running, undisclosed requests to the BIG-IP Next Central Manager API can cause the BIG-IP Next Central Manager Node's Kubernetes service to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...
CVE-2025-24319 BIG-IP Next Central Manager vulnerability
When BIG-IP Next Central Manager is running, undisclosed requests to the BIG-IP Next Central Manager API can cause the BIG-IP Next Central Manager Node's Kubernetes service to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...
CVE-2025-24319 BIG-IP Next Central Manager vulnerability
When BIG-IP Next Central Manager is running, undisclosed requests to the BIG-IP Next Central Manager API can cause the BIG-IP Next Central Manager Node's Kubernetes service to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...
CVE-2025-23413 BIG-IP Next Central Manager vulnerability
When users log in through the webUI or API using local authentication, BIG-IP Next Central Manager may log sensitive information in the pgaudit log files. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...
CVE-2025-23413
The CVE-2025-23413 vulnerability affects BIG-IP Next Central Manager. When users authenticate locally via webUI/API, sensitive data can be logged in pgaudit logs. Exploitation could allow an authenticated attacker with Administrator role to read undisclosed sensitive information through pgaudit. ...
CVE-2025-24319
CVE-2025-24319 affects BIG-IP Next Central Manager. The issue is an input validation error in the Central Manager API that can be exploited by an authenticated, low-privilege user to terminate the Kubernetes service on the Central Manager node, impacting availability. Root cause: mishandling of A...
CVE-2025-23413 BIG-IP Next Central Manager vulnerability
When users log in through the webUI or API using local authentication, BIG-IP Next Central Manager may log sensitive information in the pgaudit log files. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...
K000148412: BIG-IP Next Central Manager vulnerability CVE-2025-24319
Security Advisory Description: When BIG-IP Next Central Manager is running, undisclosed requests to the BIG-IP Next Central Manager API can cause the BIG-IP Next Central Manager Node's Kubernetes service to terminate. (CVE-2025-24319) Impact: This vulnerability may allow a low-privileged, authenticat...
K000149185: BIG-IP Next Central Manager logging vulnerability CVE-2025-23413
Security Advisory Description: When users log in through the webUI or API using local authentication, BIG-IP Next Central Manager may log sensitive information in the pgaudit log files. (CVE-2025-23413) Impact: An authenticated attacker granted the Administrator role on a BIG-IP Next Central Manager...
K000148830: Linux kernel vulnerabilities CVE-2024-41090 and CVE-2024-41091
Security Advisory Description: CVE-2024-41090: In the Linux kernel, the following vulnerability has been resolved: tap: add missing verification for short frame. The cited commit missed to check against the validity of the frame length in the tap_get_user_xdp() path, which could cause a corrupted skb to ...
CVE-2024-37028
BIG-IP Next Central Manager may allow an attacker to lock out an account that has never been logged in. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...
CVE-2024-37028 BIG-IP Next Central Manager vulnerability
BIG-IP Next Central Manager may allow an attacker to lock out an account that has never been logged in. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...
K000140552: Quarterly Security Notification (August 2024)
Security Advisory Description: On August 14, 2024, F5 announced the following security issues. This document is intended to serve as an overview of these vulnerabilities and security exposures to help determine the impact to your F5 devices. You can find the details of each issue in the associated...
K000140111: BIG-IP Next Central Manager vulnerability CVE-2024-39809
Security Advisory Description: The BIG-IP Next Central Manager user session refresh token does not expire when a user logs out. (CVE-2024-39809) Impact: An attacker with access to obtain a user's session cookies can continue to use that session to access BIG-IP Next Central Manager and systems manage...