903 matches found
CVE-2025-20058 BIG-IP message routing vulnerability
When a BIG-IP message routing profile is configured on a virtual server, undisclosed traffic can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...
CVE-2025-22891 BIG-IP PEM Vulnerability
When BIG-IP PEM Control Plane listener Virtual Server is configured with Diameter Endpoint profile, undisclosed traffic can cause the Virtual Server to stop processing new client connections and an increase in memory resource utilization. Note: Software versions which have reached End of Technica...
CVE-2025-22891
CVE-2025-22891 affects BIG-IP PEM: when the PEM Control Plane Listener virtual server is configured with a Diameter Endpoint profile, undisclosed traffic can cause the virtual server to stop processing new client connections and increase memory usage, potentially disrupting traffic. Remediation i...
CVE-2025-20058
CVE-2025-20058 affects BIG-IP: when a BIG-IP message routing profile is configured on a virtual server, undisclosed traffic can trigger increased memory usage, potentially degrading system performance and causing DoS via TMM. The F5 K000140947 advisory details affected branches and fixes: BIG-IP ...
CVE-2025-21091
CVE-2025-21091 affects F5 BIG-IP SNMP when SNMPv1/v2c is disabled. The vulnerability can cause a DoS by increasing memory usage through undisclosed requests. According to the advisory, fixes are available in specific branches: for BIG-IP (all modules) the fix was introduced in 17.1.2 (vulnerable:...
CVE-2025-21091 BIG-IP SNMP vulnerability
When SNMP v1 or v2c are disabled on the BIG-IP, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...
CVE-2025-21087 TMM Vulnerability
When Client or Server SSL profiles are configured on a Virtual Server, or DNSSEC signing operations are in use, undisclosed traffic can cause an increase in memory and CPU resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...
CVE-2025-21087
CVE-2025-21087 affects F5 BIG-IP TMM: when Client/Server SSL profiles are configured on a virtual server or DNSSEC signing is used, undisclosed traffic can cause increased memory and CPU usage, potentially degrading performance or causing DoS. According to the F5 advisory, vulnerable ranges inclu...
K000134888: TMM vulnerability CVE-2025-21087
Security Advisory Description: When Client SSL or Server SSL profiles are configured on a virtual server, or Domain Name System Security Extensions (DNSSEC) signing operations are in use, undisclosed traffic can cause an increase in memory and CPU resource utilization. CVE-2025-21087. Impact: System...
K000140933: BIG-IP SNMP vulnerability CVE-2025-21091
Security Advisory Description: When SNMP v1 or v2c are disabled on the BIG-IP system, undisclosed requests can cause an increase in memory resource utilization. CVE-2025-21091. Impact: System performance can degrade until the snmpd process is either forced to restart or is manually restarted. This...
K000141380: BIG-IP AFM vulnerability CVE-2025-24312
Security Advisory Description: When BIG-IP AFM is provisioned with IPS module enabled and protocol inspection profile is configured on a virtual server or firewall rule or policy, undisclosed traffic can cause an increase in CPU resource utilization. CVE-2025-24312. Impact: System performance can...
K000140950: BIG-IP ASM BADoS vulnerability CVE-2025-24326
Security Advisory Description: When the BIG-IP ASM Behavioral DoS (BADoS) TLS Signatures feature is configured, undisclosed traffic can cause an increase in memory resource utilization. CVE-2025-24326. Impact: System performance can degrade until the admd or Traffic Management Microkernel (TMM) processe...
K000140947: BIG-IP message routing vulnerability CVE-2025-20058
Security Advisory Description: When a BIG-IP message routing profile is configured on a virtual server, undisclosed traffic can cause an increase in memory resource utilization. CVE-2025-20058. Impact: System performance can degrade until the Traffic Management Microkernel (TMM) process is either forc...
K000139778: BIG-IP PEM vulnerability CVE-2025-22891
Security Advisory Description: When a BIG-IP PEM Control Plane Listener virtual server is configured with a Diameter Endpoint profile, undisclosed traffic can cause the virtual server to stop processing new client connections and cause an increase in memory resource utilization. CVE-2025-22891...
CVE-2024-45797
LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. Prior to version 0.5.49, unbounded processing of HTTP request and response headers can lead to excessive CPU time and memory utilization, possibly leading to extreme slowdowns. This issue is addressed in 0.5....
CVE-2024-20314
A vulnerability in the IPv4 Software-Defined Access (SD-Access) fabric edge node feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause high CPU utilization and stop all traffic processing, resulting in a denial of service (DoS) condition on an affected device. This...
CVE-2024-20303
A vulnerability in the multicast DNS (mDNS) gateway feature of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper management of mDNS client entries. An attacker...