Lucene search
K

170 matches found

CNVD
CNVD
added 2025/02/18 12:0 a.m.7 views

Unspecified Vulnerability in F5 BIG-IP PEM

F5 BIG-IP PEM is a policy enforcer used in BIG-IP from F5 USA. A security vulnerability exists in the F5 BIG-IP PEM due to a Diameter Endpoint profile that can be exploited by an attacker to cause the virtual server to stop processing new client connections and cause an increase in memory resourc...

8.7CVSS6.6AI score0.00396EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/02/18 12:0 a.m.9 views

Ubuntu 20.04 LTS / 22.04 LTS / 24.10 : Libtasn1 vulnerability (USN-7275-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.10 host has packages installed that are affected by a vulnerability as referenced in the USN-7275-1 advisory. Bing Shi discovered that Libtasn1 inefficiently handled certificates. An attacker could possibly use this issue to increase resource utilizati...

5.3CVSS6.8AI score0.0107EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/02/07 6:3 p.m.10 views

CVE-2025-21091

When SNMP v1 or v2c are disabled on the BIG-IP, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS6.8AI score0.00436EPSS
Exploits0References3
NVD
NVD
added 2025/02/05 6:15 p.m.15 views

CVE-2025-24326

When BIG-IP Advanced WAF/ASM Behavioral DoS BADoS TLS Signatures feature is configured, undisclosed traffic can case an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.9CVSS0.00393EPSS
Exploits0References1
NVD
NVD
added 2025/02/05 6:15 p.m.15 views

CVE-2025-24312

When BIG-IP AFM is provisioned with IPS module enabled and protocol inspection profile is configured on a virtual server or firewall rule or policy, undisclosed traffic can cause an increase in CPU resource utilization. Note: Software versions which have reached End of Technical Support EoTS are...

8.7CVSS0.00386EPSS
Exploits0References1
NVD
NVD
added 2025/02/05 6:15 p.m.14 views

CVE-2025-22891

When BIG-IP PEM Control Plane listener Virtual Server is configured with Diameter Endpoint profile, undisclosed traffic can cause the Virtual Server to stop processing new client connections and an increase in memory resource utilization. Note: Software versions which have reached End of Technica...

8.7CVSS0.00396EPSS
Exploits0References1
NVD
NVD
added 2025/02/05 6:15 p.m.13 views

CVE-2025-21087

When Client or Server SSL profiles are configured on a Virtual Server, or DNSSEC signing operations are in use, undisclosed traffic can cause an increase in memory and CPU resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.9CVSS0.00393EPSS
Exploits0References1
NVD
NVD
added 2025/02/05 6:15 p.m.14 views

CVE-2025-21091

When SNMP v1 or v2c are disabled on the BIG-IP, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS0.00436EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/05 5:31 p.m.10 views

CVE-2025-24312 BIG-IP AFM vulnerability

When BIG-IP AFM is provisioned with IPS module enabled and protocol inspection profile is configured on a virtual server or firewall rule or policy, undisclosed traffic can cause an increase in CPU resource utilization. Note: Software versions which have reached End of Technical Support EoTS are...

8.7CVSS7.8AI score0.00386EPSS
Exploits0References1
CVE
CVE
added 2025/02/05 5:31 p.m.60 views

CVE-2025-24312

CVE-2025-24312 affects BIG-IP AFM. When IPS is enabled and a protocol inspection profile is configured on a virtual server or policy, undisclosed traffic can cause CPU resource utilization, potentially leading to DoS. Affected fixes are provided in: BIG-IP AFM 17.1.0–17.1.1 (fix 17.1.2); BIG-IP A...

8.7CVSS7.6AI score0.00386EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/02/05 5:31 p.m.11 views

CVE-2025-24326 BIG-IP Advanced WAF/ASM BADoS vulnerability

When BIG-IP Advanced WAF/ASM Behavioral DoS BADoS TLS Signatures feature is configured, undisclosed traffic can case an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.9CVSS6.9AI score0.00393EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/02/05 5:31 p.m.19 views

CVE-2025-24326 BIG-IP Advanced WAF/ASM BADoS vulnerability

When BIG-IP Advanced WAF/ASM Behavioral DoS BADoS TLS Signatures feature is configured, undisclosed traffic can case an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.9CVSS0.00393EPSS
Exploits0References1
CVE
CVE
added 2025/02/05 5:31 p.m.77 views

CVE-2025-24326

The CVE-2025-24326 issue affects BIG-IP ASM with BADoS (Behavioral DoS) TLS Signatures. When this feature is enabled, undisclosed traffic can cause memory resource utilization to increase, degrading system performance and potentially leading to DoS if processes are restarted. Affected BIG-IP ASM ...

8.9CVSS7.6AI score0.00393EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2025/02/05 5:31 p.m.75 views

CVE-2025-22891

CVE-2025-22891 affects BIG-IP PEM: when the PEM Control Plane Listener virtual server is configured with a Diameter Endpoint profile, undisclosed traffic can cause the virtual server to stop processing new client connections and increase memory usage, potentially disrupting traffic. Remediation i...

8.7CVSS7.5AI score0.00396EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/02/05 5:31 p.m.12 views

CVE-2025-22891 BIG-IP PEM Vulnerability

When BIG-IP PEM Control Plane listener Virtual Server is configured with Diameter Endpoint profile, undisclosed traffic can cause the Virtual Server to stop processing new client connections and an increase in memory resource utilization. Note: Software versions which have reached End of Technica...

8.7CVSS6.8AI score0.00396EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/05 5:31 p.m.9 views

CVE-2025-21091 BIG-IP SNMP vulnerability

When SNMP v1 or v2c are disabled on the BIG-IP, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS6.9AI score0.00436EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/02/05 5:30 p.m.15 views

CVE-2025-21087 TMM Vulnerability

When Client or Server SSL profiles are configured on a Virtual Server, or DNSSEC signing operations are in use, undisclosed traffic can cause an increase in memory and CPU resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.9CVSS0.00393EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/05 5:30 p.m.10 views

CVE-2025-21087 TMM Vulnerability

When Client or Server SSL profiles are configured on a Virtual Server, or DNSSEC signing operations are in use, undisclosed traffic can cause an increase in memory and CPU resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.9CVSS6.9AI score0.00393EPSS
Exploits0References1
F5 Networks
F5 Networks
added 2025/02/05 2:18 p.m.15 views

K000134888: TMM vulnerability CVE-2025-21087

Security Advisory Description When Client SSL or Server SSL profiles are configured on a virtual server, or Domain Name System Security Extensions DNSSEC signing operations are in use, undisclosed traffic can cause an increase in memory and CPU resource utilization. CVE-2025-21087 Impact System...

8.9CVSS6.2AI score0.00393EPSS
Exploits0Affected Software12
F5 Networks
F5 Networks
added 2025/02/05 1:45 p.m.12 views

K000139778: BIG-IP PEM vulnerability CVE-2025-22891

Security Advisory Description When a BIG-IP PEM Control Plane Listener virtual server is configured with a Diameter Endpoint profile, undisclosed traffic can cause the virtual server to stop processing new client connections and cause an increase in memory resource utilization. CVE-2025-22891...

8.7CVSS6.4AI score0.00396EPSS
Exploits0Affected Software1
Rows per page
Query Builder