
40367 matches found

CVE
added 2025/10/15 1:55 p.m., 19 views

CVE-2025-61938

CVE-2025-61938 affects BIG-IP Advanced WAF/ASM when a Data Guard Protection Enforcement URL exceeds 1024 characters, causing the bd process to terminate repeatedly and creating a DoS risk. Exploitation details are not described beyond this configuration-based trigger in the provided sources. Mit...

8.7 CVSS, 6.3 AI score, 0.00317 EPSS
Exploits 0, References 1, Affected Software 2
Cvelist
added 2025/10/15 1:55 p.m., 7 views

CVE-2025-61938 BIG-IP Advanced WAF and ASM bd process vulnerability

When a BIG-IP Advanced WAF or ASM security policy is configured with a URL greater than 1024 characters in length for the Data Guard Protection Enforcement setting, either manually or through the automatic Policy Builder, the bd process can terminate repeatedly. Note: Software versions which have...

8.7 CVSS, 0.00317 EPSS
Exploits 0, References 1
Vulnrichment
added 2025/10/15 1:55 p.m., 3 views

CVE-2025-61938 BIG-IP Advanced WAF and ASM bd process vulnerability

When a BIG-IP Advanced WAF or ASM security policy is configured with a URL greater than 1024 characters in length for the Data Guard Protection Enforcement setting, either manually or through the automatic Policy Builder, the bd process can terminate repeatedly. Note: Software versions which have...

8.7 CVSS, 6.3 AI score, 0.00317 EPSS
Exploits 0, References 1
CVE
added 2025/10/15 1:55 p.m., 23 views

CVE-2025-58474

CVE-2025-58474 is a DNS lookup vulnerability affecting BIG-IP Advanced WAF/ASM and NGINX App Protect. When BIG-IP Advanced WAF is on a virtual server with SSRF protection or NGINX App Protect Bot Defense is used, undisclosed requests can disrupt new client requests, enabling potential DoS on the ...

6.9 CVSS, 6.4 AI score, 0.00353 EPSS
Exploits 0, References 1, Affected Software 2
Vulnrichment
added 2025/10/15 1:55 p.m., 2 views

CVE-2025-59478 BIG-IP AFM DoS protection profile vulnerability

When a BIG-IP AFM denial-of-service (DoS) protection profile is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) process to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...

8.7 CVSS, 6.4 AI score, 0.00335 EPSS
Exploits 0, References 1
Cvelist
added 2025/10/15 1:55 p.m., 8 views

CVE-2025-58474 BIG-IP Advanced WAF and ASM and NGINX App Protect DNS lookup vulnerability

When BIG-IP Advanced WAF is configured on a virtual server with Server-Side Request Forgery (SSRF) protection or when an NGINX server is configured with App Protect Bot Defense, undisclosed requests can disrupt new client requests. Note: Software versions which have reached End of Technical Support...

6.9 CVSS, 0.00353 EPSS
Exploits 0, References 1
CVE
added 2025/10/15 1:55 p.m., 12 views

CVE-2025-59478

CVE-2025-59478 affects BIG-IP AFM DoS protection profile on BIG-IP devices. The issue can cause the Traffic Management Microkernel (TMM) to terminate when handling undisclosed requests, resulting in a DoS condition. Affected combinations (per vendor advisories) include BIG-IP AFM with vulnerable ...

8.7 CVSS, 6.4 AI score, 0.00335 EPSS
Exploits 0, References 1, Affected Software 1
F5 Networks
added 2025/10/15 12:31 p.m., 10 views

K000154696: F5 Security Incident

We want to share information with you about steps we’ve taken to resolve a security incident at F5 and our ongoing efforts to protect our customers. In August 2025, we learned a highly sophisticated nation-state threat actor maintained long-term, persistent access to, and downloaded files from,...

8.2 AI score
Exploits 0
EUVD
added 2025/10/15 9:30 a.m., 2 views

EUVD-2025-34591

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix possible UAFs This attempts to fix possible UAFs caused by struct mgmt_pending being freed while still being processed like in the following trace, in order to fix mgmt_pending_valid is introduced and used to check...

5.9 AI score, 0.00183 EPSS
Exploits 0, References 3
EUVD
added 2025/10/15 9:30 a.m., 5 views

EUVD-2025-34587

In the Linux kernel, the following vulnerability has been resolved: can: mcba_usb: populate ndo_change_mtu to prevent buffer overflow Sending a PF_PACKET allows to bypass the CAN framework logic and to directly reach the xmit function of a CAN driver. The only check which is performed by the PF_PACKE...

6.5 AI score, 0.0022 EPSS
Exploits 0, References 9
NVD
added 2025/10/15 8:15 a.m., 3 views

CVE-2025-39988

In the Linux kernel, the following vulnerability has been resolved: can: etas_es58x: populate ndo_change_mtu to prevent buffer overflow Sending a PF_PACKET allows to bypass the CAN framework logic and to directly reach the xmit function of a CAN driver. The only check which is performed by the...

0.00215 EPSS
Exploits 0, References 6
OSV
added 2025/10/15 8:15 a.m., 1 views

UBUNTU-CVE-2025-39986

In the Linux kernel, the following vulnerability has been resolved: can: sun4i_can: populate ndo_change_mtu to prevent buffer overflow Sending a PF_PACKET allows to bypass the CAN framework logic and to directly reach the xmit function of a CAN driver. The only check which is performed by the PF_PACK...

6.2 AI score, 0.00215 EPSS
Exploits 0, References 35
CVE
added 2025/10/15 7:56 a.m., 17 views

CVE-2025-39986

CVE-2025-39986 affects the Linux kernel sun4i_can CAN driver. Root cause: sun4i_can did not populate net_device_ops->ndo_change_mtu(), allowing an attacker to set an invalid MTU (e.g., 9999) via ip link and then use PF_PACKET with ETH_P_CANXL to inject frames. The PF_PACKET path only checks sk...

6.6 AI score, 0.00215 EPSS
Exploits 0, References 8
NVD
added 2025/10/15 6:15 a.m., 3 views

CVE-2025-55080

In Eclipse ThreadX before 6.4.3, when memory protection is enabled, syscall parameters verification wasn't enough, allowing an attacker to obtain an arbitrary memory read/write...

7.2 CVSS, 0.00126 EPSS
Exploits 0, References 1
OSV
added 2025/10/15 6:15 a.m., 2 views

CVE-2025-55080

In Eclipse ThreadX before 6.4.3, when memory protection is enabled, syscall parameters verification wasn't enough, allowing an attacker to obtain an arbitrary memory read/write...

7.1 CVSS, 7 AI score
Exploits 0, References 1
Vulnrichment
added 2025/10/15 5:41 a.m., 3 views

CVE-2025-55080 Improper Parameter Check in ThreadX Syscall Implementation

In Eclipse ThreadX before 6.4.3, when memory protection is enabled, syscall parameters verification wasn't enough, allowing an attacker to obtain an arbitrary memory read/write...

7.2 CVSS, 6.6 AI score, 0.00126 EPSS
Exploits 0, References 1
EUVD
added 2025/10/15 5:41 a.m., 4 views

EUVD-2025-34534

In Eclipse ThreadX before 6.4.3, when memory protection is enabled, syscall parameters verification wasn't enough, allowing an attacker to obtain an arbitrary memory read/write...

7.2 CVSS, 6.5 AI score, 0.00126 EPSS
Exploits 0, References 1
Cvelist
added 2025/10/15 5:41 a.m., 26 views

CVE-2025-55080 Improper Parameter Check in ThreadX Syscall Implementation

In Eclipse ThreadX before 6.4.3, when memory protection is enabled, syscall parameters verification wasn't enough, allowing an attacker to obtain an arbitrary memory read/write...

7.2 CVSS, 0.00126 EPSS
Exploits 0, References 1
CVE
added 2025/10/15 5:41 a.m., 10 views

CVE-2025-55080

The vulnerability CVE-2025-55080 affects Eclipse ThreadX prior to version 6.4.3. Root cause: when memory protection is enabled, syscall parameter verification is insufficient, enabling an attacker to obtain an arbitrary memory read/write. Affected component: ThreadX RTOS (pre-6.4.3). Impact: arbitrary me...

7.2 CVSS, 6.6 AI score, 0.00126 EPSS
Exploits 0, References 1, Affected Software 1
Positive Technologies
added 2025/10/15 12:0 a.m., 8 views

PT-2025-42256

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Linux kernel contains a flaw related to Bluetooth MGMT handling, potentially leading to use-after-free (UAF) conditions. This issue arises from the improper management of mgmt pending...

6.4 AI score, 0.00183 EPSS
Exploits 0