CVE-2025-61951 BIG-IP DTLS 1.2 Vulnerability

Undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. This issue may occur when a Datagram Transport Layer Security DTLS 1.2 virtual server is enabled with a Server SSL profile that is configured with a certificate, key, and the SSL Sign Hash set to ANY, and the...

CVE-2025-61951

CVE-2025-61951 affects F5 BIG-IP DTLS 1.2 via the Traffic Management Microkernel (TMM). When a DTLS 1.2 virtual server uses a Server SSL profile with a certificate, key, and the SSL Sign Hash set to ANY, and the backend DTLS 1.2 with client authentication is enabled, undisclosed traffic can cause...

CVE-2025-55669 BIG-IP HTTP/2 vulnerability

When the BIG-IP Advanced WAF and ASM security policy and a server-side HTTP/2 profile are configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

F5 BIG-IP 缓冲区错误漏洞

F5 BIG-IP is an application delivery platform that integrates network traffic management, application security management, load balancing and other features from F5 USA. A buffer error vulnerability exists in F5 BIG-IP that originates from a misconfiguration of the DTLS 1.2 virtual server when th...

CVE-2024-8534 Memory safety vulnerability leading to memory corruption and Denial of Service

Memory safety vulnerability leading to memory corruption and Denial of Service in NetScaler ADC and Gateway if the appliance must be configured as a Gateway VPN Vserver with RDP Feature enabled OR the appliance must be configured as a Gateway VPN Vserver and RDP Proxy Server Profile is created an...

CVE-2024-8534

Summary: CVE-2024-8534 is a memory safety vulnerability in Citrix NetScaler ADC and NetScaler Gateway that can cause memory corruption and Denial of Service when the device is configured as a Gateway/VPN Vserver with RDP features enabled (or with an RDP Proxy Server Profile) or when the Auth Serv...

CVE-2024-8534 Memory safety vulnerability leading to memory corruption and Denial of Service

Memory safety vulnerability leading to memory corruption and Denial of Service in NetScaler ADC and Gateway if the appliance must be configured as a Gateway VPN Vserver with RDP Feature enabled OR the appliance must be configured as a Gateway VPN Vserver and RDP Proxy Server Profile is created an...

CVE-2023-40542

When TCP Verified Accept is enabled on a TCP profile that is configured on a Virtual Server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

K81557381: BIG-IP HTTP/2 vulnerability CVE-2019-6673

Security Advisory Description When the BIG-IP system is configured in HTTP/2 full proxy mode, specifically crafted requests may cause a disruption of service provided by the Traffic Management Microkernel TMM. CVE-2019-6673 Impact An attacker may be able to use a specifically crafted request to...

Security Bulletin: IBM DataPower Gateway is affected by a vulnerability (CVE-2018-1665)

Summary IBM DataPower Gateway has addressed the following vulnerability: CVE-2018-1665 Vulnerability Details CVEID: CVE-2018-1665 DESCRIPTION: IBM DataPower Gateways uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. CVSS Base...

F5 Networks BIG-IP : BIG-IP HTTP/2 vulnerability (K81557381)

When the BIG-IP system is configured in HTTP/2 full proxy mode, specifically crafted requests may cause a disruption of service provided by the Traffic Management Microkernel TMM. CVE-2019-6673 Impact An attacker may be able to use a specifically crafted request to cause a disruption of service...

Spoofing

A tampering vulnerability exists when Microsoft Exchange Server fails to properly handle profile data, aka "Microsoft Exchange Server Tampering Vulnerability." This affects Microsoft Exchange Server...

CVE-2018-5527

On BIG-IP 13.1.0-13.1.0.7, a remote attacker using undisclosed methods against virtual servers configured with a Client SSL or Server SSL profile that has the SSL Forward Proxy feature enabled can force the Traffic Management Microkernel tmm to leak memory. As a result, system memory usage...

db2-das-info NSE Script

Connects to the IBM DB2 Administration Server DAS on TCP or UDP port 523 and exports the server profile. No authentication is required for this request. The script will also set the port product and version if a version scan is requested. Example Usage nmap -sV Script Output PORT STATE SERVICE...