253 matches found
EUVD-2026-29974
When NGINX Plus or NGINX Open Source are configured to use the HTTP/3 QUIC module, an attacker may be able to spoof their source IP address allowing for bypass of authorization or bypass of rate limiting. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
EUVD-2026-29990
When a classification profile is configured on a UDP virtual server, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
PT-2026-40639
Name of the Vulnerable Software and Affected Versions F5 BIG-IP versions prior to 17.1.3.1 F5 BIG-IP versions prior to 17.5.1.4 F5 BIG-IP versions prior to 21.0.0.1 Description An authenticated iControl SOAP user can obtain information regarding other accounts through a privilege assignment issue...
CVE-2026-2507 BIG-IP TMM Vulnerability
When BIG-IP AFM or BIG-IP DDoS is provisioned, undisclosed traffic can cause TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
ALPINE-CVE-2026-1642
A vulnerability exists in NGINX OSS and NGINX Plus when configured to proxy to upstream Transport Layer Security TLS servers. An attacker with a man-in-the-middle MITM position on the upstream server side—along with conditions beyond the attacker's control—may be able to inject plain text data in...
CVE-2026-22548
CVE-2026-22548 affects BIG-IP Advanced WAF/ASM when a security policy is configured on a virtual server. Undisclosed requests can cause the bd process to terminate, resulting in a DoS on the BIG-IP system. The issue is addressed in BIG-IP version 17.1.3 for the 17.x branch (previous 17.1.0–17.1.2...
CVE-2022-23026
On BIG-IP ASM & Advanced WAF version 16.1.x before 16.1.2, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.5, and all versions of 13.1.x and 12.1.x, an authenticated user with low privileges, such as a guest, can upload data using an undisclosed REST endpoint causing an increase in disk resource...
CVE-2022-23028
On BIG-IP AFM version 16.x before 16.1.0, 15.1.x before 15.1.5, 14.1.x before 14.1.4.5, and all versions of 13.1.x, when global AFM SYN cookie protection TCP Half Open flood vector is activated in the AFM Device Dos or DOS profile, certain types of TCP connections will fail. Note: Software versio...
CVE-2025-48008
When a TCP profile with Multipath TCP MPTCP enabled is configured on a virtual server, undisclosed traffic along with conditions beyond the attacker's control can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS ar...
CVE-2025-61960 BIG-IP APM portal access vulnerability
When a per-request policy is configured on a BIG-IP APM portal access virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2025-58153 BIG-IP HSB vulnerability
Under undisclosed traffic conditions along with conditions beyond the attacker's control, hardware systems with a High-Speed Bridge HSB may experience a lockup of the HSB. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
PT-2025-42339
Name of the Vulnerable Software and Affected Versions Versions affected versions not specified Description Hardware systems with a High-Speed Bridge HSB may experience a lockup of the HSB under undisclosed traffic conditions and conditions beyond the attacker's control. Software versions that hav...
EUVD-2021-10152
Malware in sbrugna...
EUVD-2021-10142
Malware in sbrugna...
EUVD-2021-10158
Malware in sbrugna...
EUVD-2021-10164
Malware in sbrugna...
EUVD-2021-10173
Malware in sbrugna...
EUVD-2021-10171
Malware in sbrugna...
EUVD-2021-10141
Malware in sbrugna...
EUVD-2021-10170
Malware in sbrugna...