ReportizFlow
Filtered by vendor F5
Subscriptions
Filtered by product Big-ip Next Cloud-native Network Functions
Subscriptions
Total
17 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-61974 | 1 F5 | 6 Big-ip, Big-ip Next, Big-ip Next Cloud-native Network Functions and 3 more | 2025-10-22 | 7.5 High |
| When a client SSL profile is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2025-54805 | 1 F5 | 6 Big-ip, Big-ip Next, Big-ip Next Cloud-native Network Functions and 3 more | 2025-10-21 | 6.5 Medium |
| When an iRule is configured on a virtual server via the declarative API, upon re-instantiation, the cleanup process can cause an increase in the Traffic Management Microkernel (TMM) memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2025-54479 | 1 F5 | 4 Big-ip, Big-ip Next Cloud-native Network Functions, Big-ip Next For Kubernetes and 1 more | 2025-10-21 | 7.5 High |
| When a classification profile is configured on a virtual server without an HTTP or HTTP/2 profile, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2025-54500 | 1 F5 | 28 Big-ip, Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager and 25 more | 2025-10-21 | 5.3 Medium |
| An HTTP/2 implementation flaw allows a denial-of-service (DoS) that uses malformed HTTP/2 control frames in order to break the max concurrent streams limit (HTTP/2 MadeYouReset Attack). Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2025-58071 | 1 F5 | 24 Big-ip, Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager and 21 more | 2025-10-21 | 7.5 High |
| When IPsec is configured on the BIG-IP system, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2025-46706 | 1 F5 | 24 Big-ip, Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager and 21 more | 2025-10-21 | 7.5 High |
| When an iRule containing the HTTP::respond command is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2025-48008 | 1 F5 | 24 Big-ip, Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager and 21 more | 2025-10-21 | 7.5 High |
| When a TCP profile with Multipath TCP (MPTCP) enabled is configured on a virtual server, undisclosed traffic along with conditions beyond the attacker's control can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2025-41414 | 1 F5 | 24 Big-ip, Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager and 21 more | 2025-10-21 | 7.5 High |
| When HTTP/2 client and server profile is configured on a virtual server, undisclosed requests can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated | ||||
| CVE-2025-41399 | 1 F5 | 25 Big-ip, Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager and 22 more | 2025-10-21 | 7.5 High |
| When a Stream Control Transmission Protocol (SCTP) profile is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2025-36504 | 1 F5 | 25 Big-ip, Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager and 22 more | 2025-10-21 | 7.5 High |
| When a BIG-IP HTTP/2 httprouter profile is configured on a virtual server, undisclosed responses can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2025-61990 | 1 F5 | 25 Big-ip, Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager and 22 more | 2025-10-21 | 7.5 High |
| When using a multi-bladed platform with more than one blade, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2024-25560 | 1 F5 | 22 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Advanced Web Application Firewall and 19 more | 2025-10-21 | 7.5 High |
| When BIG-IP AFM is licensed and provisioned, undisclosed DNS traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2024-23306 | 1 F5 | 1 Big-ip Next Cloud-native Network Functions | 2025-09-05 | 7.1 High |
| A vulnerability exists in BIG-IP Next CNF and SPK systems that may allow access to undisclosed sensitive files. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated | ||||
| CVE-2025-36557 | 1 F5 | 14 Big-ip, Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager and 11 more | 2025-08-06 | 7.5 High |
| When an HTTP profile with the Enforce RFC Compliance option is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2024-28132 | 1 F5 | 1 Big-ip Next Cloud-native Network Functions | 2025-08-06 | 4.4 Medium |
| Exposure of Sensitive Information vulnerability exists in the GSLB container, which may allow an authenticated attacker with local access to view sensitive information. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2023-45886 | 2 F5, Ipinfusion | 6 Big-ip Global Traffic Manager, Big-ip Local Traffic Manager, Big-ip Next and 3 more | 2024-11-21 | 7.5 High |
| The BGP daemon (bgpd) in IP Infusion ZebOS through 7.10.6 allow remote attackers to cause a denial of service by sending crafted BGP update messages containing a malformed attribute. | ||||
| CVE-2024-41164 | 1 F5 | 23 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Advanced Web Application Firewall and 20 more | 2024-08-19 | 5.9 Medium |
| When TCP profile with Multipath TCP enabled (MPTCP) is configured on a Virtual Server, undisclosed traffic along with conditions beyond the attackers control can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
Page 1 of 1.