Lucene search
K

58 matches found

RedhatCVE
RedhatCVE
added 2025/10/16 2:51 p.m.7 views

CVE-2025-59478

When a BIG-IP AFM denial-of-service DoS protection profile is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel TMM process to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS6.8AI score0.00335EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/16 2:51 p.m.5 views

CVE-2025-61974

When a client SSL profile is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS6.9AI score0.0042EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/15 3:30 p.m.7 views

EUVD-2025-34626

When a per-request policy is configured on a BIG-IP APM portal access virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS6.2AI score0.00317EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/15 3:30 p.m.8 views

EUVD-2025-34645

When BIG-IP SSL Orchestrator explicit forward proxy is configured on a virtual server and the proxy connect feature is enabled, undisclosed traffic may cause memory corruption. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS6.3AI score0.00317EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/15 3:30 p.m.19 views

EUVD-2025-34630

When a BIG-IP APM Access Policy is configured on a virtual server, undisclosed traffic can cause TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS6.3AI score0.02246EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/15 3:30 p.m.5 views

EUVD-2025-34650

When a TCP profile with Multipath TCP MPTCP enabled is configured on a virtual server, undisclosed traffic along with conditions beyond the attacker's control can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS ar...

8.7CVSS6.3AI score0.00408EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/15 3:19 p.m.8 views

CVE-2025-61990 TMM vulnerability

When using a multi-bladed platform with more than one blade, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS0.00317EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/15 3:19 p.m.3 views

CVE-2025-61990 TMM vulnerability

When using a multi-bladed platform with more than one blade, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS6.4AI score0.00317EPSS
Exploits0References1
NVD
NVD
added 2025/10/15 2:15 p.m.8 views

CVE-2025-58120

When HTTP/2 Ingress is configured, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS0.00317EPSS
Exploits0References1
CVE
CVE
added 2025/10/15 1:55 p.m.18 views

CVE-2025-60015

The CVE-2025-60015 issue affects F5OS-A and F5OS-C with an out-of-bounds write leading to memory corruption. Per the F5 advisory, vulnerable versions include F5OS-A 1.8.03 and 1.5.1–1.5.3, plus F5OS-C 1.8.0–1.8.1 and 1.6.0–1.6.23. Remediation is available via updates: F5OS-A to 1.8.3 (and later),...

6.9CVSS6.7AI score0.00192EPSS
Exploits0References1Affected Software2
Vulnrichment
Vulnrichment
added 2025/10/15 1:55 p.m.3 views

CVE-2025-61960 BIG-IP APM portal access vulnerability

When a per-request policy is configured on a BIG-IP APM portal access virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS6.4AI score0.00317EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/15 1:55 p.m.3 views

CVE-2025-59268 BIG-IP Configuration utility vulnerability

On the BIG-IP system, undisclosed endpoints that contain static non-sensitive information are accessible to an unauthenticated remote attacker through the Configuration utility. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

6.9CVSS6.4AI score0.00369EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/15 3:36 p.m.16 views

CVE-2025-46405

When Network Access is configured on a BIG-IP APM virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS7.1AI score0.00312EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/15 3:36 p.m.12 views

CVE-2025-48500

A missing file integrity check vulnerability exists on MacOS F5 VPN browser client installer that may allow a local, authenticated attacker with access to the local file system to replace it with a malicious package installer. Note: Software versions which have reached End of Technical Support Eo...

7.3CVSS6.8AI score0.00105EPSS
Exploits0References1
NVD
NVD
added 2025/08/13 3:15 p.m.9 views

CVE-2025-46405

When Network Access is configured on a BIG-IP APM virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS0.00312EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/13 2:46 p.m.9 views

CVE-2025-54500 HTTP/2 Vulnerability

An HTTP/2 implementation flaw allows a denial-of-service DoS that uses malformed HTTP/2 control frames in order to break the max concurrent streams limit HTTP/2 MadeYouReset Attack. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

6.9CVSS0.00458EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/02/05 12:0 a.m.3 views

PT-2025-5730 · F5 · Big-Ip +1

Name of the Vulnerable Software and Affected Versions: No specific software name or versions are mentioned in the provided descriptions. Description: When Client or Server SSL profiles are configured on a Virtual Server, or DNSSEC signing operations are in use, undisclosed traffic can cause an...

8.9CVSS6.9AI score0.00393EPSS
Exploits0References6
OSV
OSV
added 2024/10/16 3:15 p.m.5 views

CVE-2024-45844

BIG-IP monitor functionality may allow an attacker to bypass access control restrictions, regardless of the port lockdown settings. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.6CVSS5.8AI score0.10582EPSS
Exploits1References2
OSV
OSV
added 2024/08/14 3:15 p.m.5 views

CVE-2024-39809

The Central Manager user session refresh token does not expire when a user logs out. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.8CVSS5.8AI score0.00413EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/08/14 2:32 p.m.27 views

CVE-2024-41723 BIG-IP iControl REST vulnerability

Undisclosed requests to BIG-IP iControl REST can lead to information leak of user account names. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

5.3CVSS6.6AI score0.00301EPSS
Exploits0References1
Rows per page
Query Builder