5271 matches found
CVE-2025-61935 BIG-IP Advanced WAF and ASM vulnerability
When a BIG IP Advanced WAF or ASM security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2025-61935
CVE-2025-61935 affects BIG-IP Advanced WAF/ASM (bd process). Undisclosed requests can terminate the bd process, causing DoS-like disruption on BIG-IP data plane. Vulnerable when running BIG-IP Next/16.x? and 15.x ranges as listed (e.g., 17.5.0; 17.1.0–17.1.2; 15.1.0–15.1.10). Fixed in 17.5.1, 17....
CVE-2025-61938
When a BIG-IP Advanced WAF or ASM security policy is configured with a URL greater than 1024 characters in length for the Data Guard Protection Enforcement setting, either manually or through the automatic Policy Builder, the bd process can terminate repeatedly. Note: Software versions which have...
CVE-2025-55669
When the BIG-IP Advanced WAF and ASM security policy and a server-side HTTP/2 profile are configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2025-54858
CVE-2025-54858 affects BIG-IP Advanced WAF/ASM where a malformed JSON schema in a JSON content profile can cause the bd process to terminate on a configured virtual server, triggering DoS. Affected BIG-IP branches include BIG-IP Advanced WAF/ASM (16.x, 17.x) with fixes introduced in 17.5.1.3 and ...
CVE-2025-61938 BIG-IP Advanced WAF and ASM bd process vulnerability
When a BIG-IP Advanced WAF or ASM security policy is configured with a URL greater than 1024 characters in length for the Data Guard Protection Enforcement setting, either manually or through the automatic Policy Builder, the bd process can terminate repeatedly. Note: Software versions which have...
CVE-2025-61938
CVE-2025-61938 affects BIG-IP Advanced WAF/ASM when a Data Guard Protection Enforcement URL exceeds 1024 characters, causing the bd process to terminate repeatedly and prompting a DoS risk. Exploitation details are not described beyond this configuration-based trigger in the provided sources. Mit...
CVE-2025-55669 BIG-IP HTTP/2 vulnerability
When the BIG-IP Advanced WAF and ASM security policy and a server-side HTTP/2 profile are configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2025-55669
CVE-2025-55669 affects BIG-IP, specifically the HTTP/2 vulnerability impacting the Advanced WAF/ASM stack. Undisclosed traffic can terminate the Traffic Management Microkernel (TMM), causing DoS on new connections. Connected advisories list vulnerable branches and fixes: for BIG-IP ASM the fix is...
K000148512: BIG-IP Advanced WAF and ASM and NGINX App Protect DNS lookup vulnerability CVE-2025-58474
Security Advisory Description When BIG-IP Advanced WAF is configured on a virtual server with Server-Side Request Forgery SSRF protection or when an NGINX server is configured with App Protect Bot Defense, undisclosed requests can disrupt new client requests. CVE-2025-58474 Impact Traffic is...
K000156621: BIG-IP Advanced WAF and ASM vulnerability CVE-2025-54858
Security Advisory Description When a BIG-IP Advanced WAF or BIG-IP ASM Security Policy is configured with a JSON content profile that has a malformed JSON schema, and the security policy is applied to a virtual server, undisclosed requests can cause the bd process to terminate. CVE-2025-54858...
K000154664: BIG-IP Advanced WAF and ASM vulnerability CVE-2025-61935
Security Advisory Description When a BIG IP Advanced WAF or ASM security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate. CVE-2025-61935 Impact Traffic is disrupted while the bd process restarts. This vulnerability allows a remote,...
F5 Networks BIG-IP : BIG-IP Advanced WAF and ASM vulnerability (K000156621)
The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.10.8 / 16.1.6.1 / 17.1.3 / 17.5.1.3. It is, therefore, affected by a vulnerability as referenced in the K000156621 advisory. When a BIG-IP Advanced WAF or BIG-IP ASM Security Policy is configured with a JSON content...
EUVD-2014-5581
Malware in sbrugna...
EUVD-2014-5621
Malware in sbrugna...
EUVD-2013-4095
Malware in sbrugna...
EUVD-2014-5544
Malware in sbrugna...
EUVD-2014-6924
Malware in sbrugna...
EUVD-2014-6828
Malware in sbrugna...
EUVD-2014-6790
Malware in sbrugna...