CVE-2025-54500
- EPSS 0.1%
- Published 13.08.2025 14:46:55
- Last modified 13.08.2025 17:33:46
An HTTP/2 implementation flaw allows a denial-of-service (DoS) that uses malformed HTTP/2 control frames in order to break the max concurrent streams limit (HTTP/2 MadeYouReset Attack). Note: Software versions which have reached End of Technical Su...
CVE-2025-41399
- EPSS 0.07%
- Published 07.05.2025 22:15:20
- Last modified 08.05.2025 14:39:09
When a Stream Control Transmission Protocol (SCTP) profile is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are no...
CVE-2025-36504
- EPSS 0.07%
- Published 07.05.2025 22:15:19
- Last modified 08.05.2025 14:39:09
When a BIG-IP HTTP/2 httprouter profile is configured on a virtual server, undisclosed responses can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVE-2025-21087
- EPSS 0.15%
- Published 05.02.2025 18:15:30
- Last modified 05.02.2025 18:15:30
When Client or Server SSL profiles are configured on a Virtual Server, or DNSSEC signing operations are in use, undisclosed traffic can cause an increase in memory and CPU resource utilization. Note: Software versions which have reached End of T...
CVE-2023-45886
- EPSS 0.31%
- Published 21.11.2023 06:15:42
- Last modified 21.11.2024 08:27:33
The BGP daemon (bgpd) in IP Infusion ZebOS through 7.10.6 allow remote attackers to cause a denial of service by sending crafted BGP update messages containing a malformed attribute.
CVE-2023-44487
- EPSS 94.44%
- Published 10.10.2023 14:15:10
- Last modified 11.06.2025 17:29:54
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.