Filtered by vendor F5
Subscribe
Total
941 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-60016 | 1 F5 | 2 Big-ip Next Cloud-native Network Functions, Big-ip Next Service Proxy For Kubernetes | 2025-10-22 | N/A | 7.5 HIGH |
| When Diffie-Hellman (DH) group Elliptic Curve Cryptography (ECC) Brainpool curves are configured in an SSL profile's Cipher Rule or Cipher Group, and that profile is applied to a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
| CVE-2025-60015 | 1 F5 | 2 F5os-a, F5os-c | 2025-10-22 | N/A | 5.7 MEDIUM |
| An out-of-bounds write vulnerability exists in F5OS-A and F5OS-C that could lead to memory corruption. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
| CVE-2025-60013 | 1 F5 | 1 F5os-a | 2025-10-22 | N/A | 5.7 MEDIUM |
| When a user attempts to initialize the rSeries FIPS module using a password with special shell metacharacters, the FIPS hardware security module (HSM) may fail to initialize. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
| CVE-2025-59781 | 1 F5 | 22 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Advanced Web Application Firewall and 19 more | 2025-10-22 | N/A | 7.5 HIGH |
| When DNS cache is configured on a BIG-IP or BIG-IP Next CNF virtual server, undisclosed DNS queries can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
| CVE-2025-59778 | 1 F5 | 1 F5os-c | 2025-10-22 | N/A | 7.5 HIGH |
| When the Allowed IP Addresses feature is configured on the F5OS-C partition control plane, undisclosed traffic can cause multiple containers to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
| CVE-2025-59478 | 1 F5 | 1 Big-ip Advanced Firewall Manager | 2025-10-22 | N/A | 7.5 HIGH |
| When a BIG-IP AFM denial-of-service (DoS) protection profile is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) process to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
| CVE-2025-58474 | 1 F5 | 2 Big-ip Advanced Web Application Firewall, Big-ip Application Security Manager | 2025-10-22 | N/A | 5.3 MEDIUM |
| When BIG-IP Advanced WAF is configured on a virtual server with Server-Side Request Forgery (SSRF) protection or when an NGINX server is configured with App Protect Bot Defense, undisclosed requests can disrupt new client requests. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
| CVE-2025-58424 | 1 F5 | 21 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Advanced Web Application Firewall and 18 more | 2025-10-22 | N/A | 3.7 LOW |
| On BIG-IP systems, undisclosed traffic can cause data corruption and unauthorized data modification in protocols which do not have message integrity protection. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
| CVE-2025-58153 | 1 F5 | 21 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Advanced Web Application Firewall and 18 more | 2025-10-22 | N/A | 5.9 MEDIUM |
| Under undisclosed traffic conditions along with conditions beyond the attacker's control, hardware systems with a High-Speed Bridge (HSB) may experience a lockup of the HSB. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
| CVE-2025-58120 | 1 F5 | 3 Big-ip Next Cloud-native Network Functions, Big-ip Next For Kubernetes, Big-ip Next Service Proxy For Kubernetes | 2025-10-22 | N/A | 7.5 HIGH |
| When HTTP/2 Ingress is configured, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
| CVE-2025-55670 | 1 F5 | 3 Big-ip Next Cloud-native Network Functions, Big-ip Next For Kubernetes, Big-ip Next Service Proxy For Kubernetes | 2025-10-22 | N/A | 6.5 MEDIUM |
| On BIG-IP Next CNF, BIG-IP Next SPK, and BIG-IP Next for Kubernetes systems, repeated undisclosed API calls can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
| CVE-2025-55669 | 1 F5 | 1 Big-ip Application Security Manager | 2025-10-22 | N/A | 7.5 HIGH |
| When the BIG-IP Advanced WAF and ASM security policy and a server-side HTTP/2 profile are configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
| CVE-2014-7169 | 17 Apple, Arista, Canonical and 14 more | 85 Mac Os X, Eos, Ubuntu Linux and 82 more | 2025-10-22 | 10.0 HIGH | 9.8 CRITICAL |
| GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271. | |||||
| CVE-2014-6271 | 17 Apple, Arista, Canonical and 14 more | 85 Mac Os X, Eos, Ubuntu Linux and 82 more | 2025-10-22 | 10.0 HIGH | 9.8 CRITICAL |
| GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix. | |||||
| CVE-2014-0196 | 7 Canonical, Debian, F5 and 4 more | 30 Ubuntu Linux, Debian Linux, Big-ip Access Policy Manager and 27 more | 2025-10-22 | 6.9 MEDIUM | 5.5 MEDIUM |
| The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings. | |||||
| CVE-2025-61974 | 1 F5 | 3 Big-ip Next Cloud-native Network Functions, Big-ip Next For Kubernetes, Big-ip Next Service Proxy For Kubernetes | 2025-10-21 | N/A | 7.5 HIGH |
| When a client SSL profile is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
| CVE-2025-61960 | 1 F5 | 1 Big-ip Access Policy Manager | 2025-10-21 | N/A | 7.5 HIGH |
| When a per-request policy is configured on a BIG-IP APM portal access virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
| CVE-2025-61958 | 1 F5 | 21 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Advanced Web Application Firewall and 18 more | 2025-10-21 | N/A | 8.7 HIGH |
| A vulnerability exists in the iHealth command that may allow an authenticated attacker with at least a resource administrator role to bypass tmsh restrictions and gain access to a bash shell. For BIG-IP systems running in Appliance mode, a successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
| CVE-2025-61955 | 1 F5 | 2 F5os-a, F5os-c | 2025-10-21 | N/A | 8.8 HIGH |
| A vulnerability exists in F5OS-A and F5OS-C systems that may allow an authenticated attacker with local access to escalate their privileges. A successful exploit may allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
| CVE-2025-61951 | 1 F5 | 21 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Advanced Web Application Firewall and 18 more | 2025-10-21 | N/A | 7.5 HIGH |
| Undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. This issue may occur when a Datagram Transport Layer Security (DTLS) 1.2 virtual server is enabled with a Server SSL profile that is configured with a certificate, key, and the SSL Sign Hash set to ANY, and the backend server is enabled with DTLS 1.2 and client authentication. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||