CVE-2022-23019

On BIG-IP version 16.1.x before 16.1.2, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.4, and all versions of 13.1.x and 12.1.x, when a message routing type virtual server is configured with both Diameter Session and Router Profiles, undisclosed traffic can cause an increase in memory resource...

CVE-2022-23015

On BIG-IP versions 16.x before 16.1.0, 15.1.x before 15.1.4.1, and 14.1.2.6-14.1.4.4, when a Client SSL profile is configured on a virtual server with Client Certificate Authentication set to request/require and Session Ticket enabled and configured, processing SSL traffic can cause an increase i...

CVE-2022-23029

On BIG-IP version 16.x before 16.1.0, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.4, and all versions of 13.1.x, 12.1.x, and 11.6.x, when a FastL4 profile is configured on a virtual server, undisclosed traffic can cause an increase in memory resource utilization. Note: Software versions which ha...

CVE-2022-23010

On BIG-IP versions 16.x before 16.1.0, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.4, and all versions of 13.1.x, 12.1.x, and 11.6.x, when a FastL4 profile and an HTTP profile are configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note:...

EUVD-2022-31717

Malicious code in bioql PyPI...

EUVD-2022-38128

Malicious code in bioql PyPI...

EUVD-2023-45113

Malicious code in bioql PyPI...

CVE-2025-36504 BIG-IP HTTP/2 vulnerability

When a BIG-IP HTTP/2 httprouter profile is configured on a virtual server, undisclosed responses can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

K000137709: SCTP vulnerability CVE-2025-41399

Security Advisory Description When a Stream Control Transmission Protocol SCTP profile is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. CVE-2025-41399 Impact System performance can degrade until the Traffic Management Microkernel TMM...

F5 Networks BIG-IP : SCTP vulnerability (K000137709)

The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.9 / 16.1.4 / 17.1.1. It is, therefore, affected by a vulnerability as referenced in the K000137709 advisory. When a Stream Control Transmission Protocol SCTP profile is configured on a virtual server, undisclosed...

Unspecified Vulnerability in F5 BIG-IP PEM

F5 BIG-IP PEM is a policy enforcer used in BIG-IP from F5 USA. A security vulnerability exists in the F5 BIG-IP PEM due to a Diameter Endpoint profile that can be exploited by an attacker to cause the virtual server to stop processing new client connections and cause an increase in memory resourc...

CVE-2025-21091

When SNMP v1 or v2c are disabled on the BIG-IP, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2025-24326

When BIG-IP Advanced WAF/ASM Behavioral DoS BADoS TLS Signatures feature is configured, undisclosed traffic can case an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2025-22891

When BIG-IP PEM Control Plane listener Virtual Server is configured with Diameter Endpoint profile, undisclosed traffic can cause the Virtual Server to stop processing new client connections and an increase in memory resource utilization. Note: Software versions which have reached End of Technica...

CVE-2025-21091

When SNMP v1 or v2c are disabled on the BIG-IP, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2025-24326

The CVE-2025-24326 issue affects BIG-IP ASM with BADoS (Behavioral DoS) TLS Signatures. When this feature is enabled, undisclosed traffic can cause memory resource utilization to increase, degrading system performance and potentially leading to DoS if processes are restarted. Affected BIG-IP ASM ...

CVE-2025-24326 BIG-IP Advanced WAF/ASM BADoS vulnerability

When BIG-IP Advanced WAF/ASM Behavioral DoS BADoS TLS Signatures feature is configured, undisclosed traffic can case an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2025-24326 BIG-IP Advanced WAF/ASM BADoS vulnerability

When BIG-IP Advanced WAF/ASM Behavioral DoS BADoS TLS Signatures feature is configured, undisclosed traffic can case an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2025-22891 BIG-IP PEM Vulnerability

When BIG-IP PEM Control Plane listener Virtual Server is configured with Diameter Endpoint profile, undisclosed traffic can cause the Virtual Server to stop processing new client connections and an increase in memory resource utilization. Note: Software versions which have reached End of Technica...

CVE-2025-22891

CVE-2025-22891 affects BIG-IP PEM: when the PEM Control Plane Listener virtual server is configured with a Diameter Endpoint profile, undisclosed traffic can cause the virtual server to stop processing new client connections and increase memory usage, potentially disrupting traffic. Remediation i...