CVE-2025-12680

CVE-2025-12680 affects Brocade SANnav prior to version 2.4.0b. In the event of disaster-recovery failover, the standby SANnav server logs database passwords in clear text, enabling a remote authenticated attacker with admin privileges to read the passwords from SANnav logs or the supportsave. The...

EUVD-2018-17284

Malware in sbrugna...

EUVD-2020-27026

Malware in sbrugna...

EUVD-2018-7189

Malware in sbrugna...

CVE-2021-23011

On versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.3, 14.1.x before 14.1.4, 13.1.x before 13.1.4, 12.1.x before 12.1.6, and 11.6.x before 11.6.5.3, when the BIG-IP system is buffering packet fragments for reassembly, the Traffic Management Microkernel TMM may consume an excessive amount of...

CVE-2020-5872

On BIG-IP 14.1.0-14.1.2.3, 14.0.0-14.0.1, 13.1.0-13.1.3.1, and 12.1.0-12.1.4.1, when processing TLS traffic with hardware cryptographic acceleration enabled on platforms with Intel QAT hardware, the Traffic Management Microkernel TMM may stop responding and cause a failover event...

K18570111: BIG-IP ASM and Advanced WAF WebSocket vulnerability CVE-2021-23010

Security Advisory Description When the BIG-IP ASM/Advanced WAF system processes WebSocket requests with JSON payloads using the default JSON content profile in the ASM security policy, the BIG-IP ASM bd process may produce a core file. CVE-2021-23010 Impact When this vulnerability is exploited, t...

K11400411: BIG-IP APM RADIUS authentication vulnerability CVE-2020-5924

Security Advisory Description RADIUS authentication leaks memory when the username for authentication is not set. CVE-2020-5924 Impact This issue may lead to excessive memory consumption. On a BIG-IP system that is configured for high availability HA, this vulnerability may cause a failover event...

K40181790: BIND vulnerability CVE-2016-9444

Security Advisory Description named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service assertion failure and daemon exit via a crafted DS resource record in an answer. CVE-2016-9444 Impact When the BIND...

K13323323: iRules LX vulnerability CVE-2021-22973

Security Advisory Description JSON parser function does not protect against out-of-bounds memory accesses or writes. CVE-2021-22973 Impact The Traffic Management Microkernel TMM may exit and restart while processing JSON payload with iRules LX commands, leading to a failover event. Security...

K51011533: Expat XML parser vulnerability CVE-2018-20843

Security Advisory Description In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing enough to be usable for denial-of-service attacks. CVE-2018-20843 Impact...

K42933418: BIG-IP PingAccess vulnerability CVE-2020-27723

Security Advisory Description A BIG-IP APM virtual server processing PingAccess requests may lead to a restart of the Traffic Management Microkernel TMM process. CVE-2020-27723 Impact Traffic processing on the BIG-IP system is disrupted while TMM restarts, leading to a failover event in a high...

K04730051: TMM vulnerability CVE-2019-6628

Security Advisory Description Under certain conditions, the TMM process may terminate and restart while processing BIG-IP PEM traffic with the OpenVPN classifier. CVE-2019-6628 Impact On a BIG-IP PEM system configured for high availability HA, this vulnerability results in a failover event and ma...

K38243073: BIG-IP ASM data processing vulnerability CVE-2017-6154

Security Advisory Description The BIG-IP ASM bd process may produce a core file under some circumstances when processing undisclosed types of data on systems with 48 or more CPU cores. CVE-2017-6154 Impact The BIG-IP ASMbd process produces a core file, interrupting traffic processing and causing ...

F5 Networks BIG-IP : BIG-IP APM RADIUS authentication vulnerability (K11400411)

RADIUS authentication leaks memory when the username for authentication is not set.CVE-2020-5924 Impact This issue may lead to excessive memory consumption. On a BIG-IP system that is configured for high availability HA, this vulnerability may cause a failover event and temporarily disrupt...

F5 Networks BIG-IP : systemd-journald vulnerability (K22040951)

A memory leak was discovered in the backport of fixes for CVE-2018-16864 in Red Hat Enterprise Linux. Function dispatchmessagereal in journald-server.c does not free the memory allocated by setiovecfieldfree to store the CMDLINE= entry. A local attacker may use this flaw to make systemd-journald...

CVE-2020-5872

On BIG-IP 14.1.0-14.1.2.3, 14.0.0-14.0.1, 13.1.0-13.1.3.1, and 12.1.0-12.1.4.1, when processing TLS traffic with hardware cryptographic acceleration enabled on platforms with Intel QAT hardware, the Traffic Management Microkernel TMM may stop responding and cause a failover event...

CVE-2020-5872

On BIG-IP 14.1.0-14.1.2.3, 14.0.0-14.0.1, 13.1.0-13.1.3.1, and 12.1.0-12.1.4.1, when processing TLS traffic with hardware cryptographic acceleration enabled on platforms with Intel QAT hardware, the Traffic Management Microkernel TMM may stop responding and cause a failover event...

Design/Logic Flaw

On BIG-IP 14.1.0-14.1.2.3, 14.0.0-14.0.1, 13.1.0-13.1.3.1, and 12.1.0-12.1.4.1, when processing TLS traffic with hardware cryptographic acceleration enabled on platforms with Intel QAT hardware, the Traffic Management Microkernel TMM may stop responding and cause a failover event...

CVE-2020-5872

CVE-2020-5872 affects BIG-IP devices where TLS processing uses Intel QAT hardware acceleration; the Traffic Management Microkernel (TMM) may stop responding, triggering a failover. Exploitation details are not provided in the connected documents, but Red Hat, ENISA and F5 advisories concur the is...