K000159034: BIG-IP HTTP/2 vulnerability CVE-2026-42409

Security Advisory Description When an HTTP/2 profile and an iRule containing the HTTP::redirect or HTTP::respond command are configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel TMM process to terminate. CVE-2026-42409 Impact Traffic is disrupted while...

CVE-2025-58096

CVE-2025-58096 affects BIG-IP TMM: when tm.tcpudptxchecksum is configured as non-default Software-only, undisclosed traffic can terminate TMM, causing DoS on the BIG-IP device. Public sources confirm this vulnerability across BIG-IP versions and provide remediation guidance. Affected BIG-IP branc...

EUVD-2018-6878

Malware in sbrugna...

CVE-2018-14996

The Oppo F5 Android device with a build fingerprint of OPPO/CPH1723/CPH1723:7.1.1/N6F26Q/1513597833:user/release-keys contains a pre-installed platform app with a package name of com.dropboxchmod versionCode=1, versionName=1.0 that contains an exported service named...

PT-2024-19803 · F5 · Big-Ip Next Spk +1

Name of the Vulnerable Software and Affected Versions: BIG-IP versions affected versions not specified BIG-IP Next SPK versions affected versions not specified Description: When HTTP/2 is configured on BIG-IP or BIG-IP Next SPK systems, undisclosed responses can cause the Traffic Management...

F5 BIG-IP Security Vulnerabilities

F5 BIG-IP is an application delivery platform that integrates network traffic management, application security management, and load balancing from F5 USA. A security vulnerability exists in F5 BIG-IP that originates when configuring BIG-IP ASM/Advanced WAF security policy on a virtual server, whe...

K05204103: F5 TMM vulnerability CVE-2020-5950

Security Advisory Description An early syncookie leaks forwarding flows if the virtual server has Clustered Multiprocessing CMP disabled and the BIG-IP AFM module is provisioned. CVE-2020-5950 Impact The BIG-IP system resources may be excessively consumed and potentially lead to a failover event...

K76610106: F5 IPsec vulnerability CVE-2020-5938

Security Advisory Description When negotiating IPsec tunnels with configured, authenticated peers, the peer may negotiate a different key length than the BIG-IP configuration would otherwise allow. CVE-2020-5938 Impact IPsec connections can be created with a different key length than specified in...

PT-2022-22400 · F5 · Big-Ip

Name of the Vulnerable Software and Affected Versions: BIG-IP versions 13.1.x BIG-IP versions 14.1.x before 14.1.5 BIG-IP versions 15.1.x before 15.1.6.1 BIG-IP versions 16.1.x before 16.1.3.1 Description: When an LTM virtual server is configured to perform normalization, undisclosed requests can...

SOL17132 - Linux kernel vulnerability CVE-2014-8133

Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. This vulnerability affects only 32-bit based systems. To determine if your BIG-IP device is a 32-bit based system, you ca...

SOL15484 - OpenSSH vulnerability CVE-2006-4925

Recommended action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...

SOL15220 - iControl vulnerability CVE-2014-2928

Recommended action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...