CVE-2025-55670
- EPSS 0.28%
- Veröffentlicht 15.10.2025 13:55:48
- Zuletzt bearbeitet 22.10.2025 20:49:14
On BIG-IP Next CNF, BIG-IP Next SPK, and BIG-IP Next for Kubernetes systems, repeated undisclosed API calls can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) a...
CVE-2025-59781
- EPSS 0.32%
- Veröffentlicht 15.10.2025 13:55:46
- Zuletzt bearbeitet 22.10.2025 21:02:07
When DNS cache is configured on a BIG-IP or BIG-IP Next CNF virtual server, undisclosed DNS queries can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVE-2025-46706
- EPSS 0.39%
- Veröffentlicht 15.10.2025 13:55:45
- Zuletzt bearbeitet 21.10.2025 18:54:09
When an iRule containing the HTTP::respond command is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evalua...
CVE-2025-60016
- EPSS 0.41%
- Veröffentlicht 15.10.2025 13:55:44
- Zuletzt bearbeitet 22.10.2025 21:06:10
When Diffie-Hellman (DH) group Elliptic Curve Cryptography (ECC) Brainpool curves are configured in an SSL profile's Cipher Rule or Cipher Group, and that profile is applied to a virtual server, undisclosed traffic can cause the Traffic Management Mi...
CVE-2025-48008
- EPSS 0.41%
- Veröffentlicht 15.10.2025 13:55:44
- Zuletzt bearbeitet 21.10.2025 18:53:07
When a TCP profile with Multipath TCP (MPTCP) enabled is configured on a virtual server, undisclosed traffic along with conditions beyond the attacker's control can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions...
CVE-2025-54500
- EPSS 0.46%
- Veröffentlicht 13.08.2025 14:46:55
- Zuletzt bearbeitet 04.02.2026 17:47:28
An HTTP/2 implementation flaw allows a denial-of-service (DoS) that uses malformed HTTP/2 control frames in order to break the max concurrent streams limit (HTTP/2 MadeYouReset Attack). Note: Software versions which have reached End of Technical Su...
CVE-2025-41399
- EPSS 0.35%
- Veröffentlicht 07.05.2025 22:15:20
- Zuletzt bearbeitet 21.10.2025 18:43:09
When a Stream Control Transmission Protocol (SCTP) profile is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are no...
CVE-2025-41414
- EPSS 0.35%
- Veröffentlicht 07.05.2025 22:15:20
- Zuletzt bearbeitet 21.10.2025 18:43:21
When HTTP/2 client and server profile is configured on a virtual server, undisclosed requests can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
CVE-2025-36557
- EPSS 0.35%
- Veröffentlicht 07.05.2025 22:15:20
- Zuletzt bearbeitet 06.08.2025 18:14:59
When an HTTP profile with the Enforce RFC Compliance option is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (...
CVE-2025-36504
- EPSS 0.36%
- Veröffentlicht 07.05.2025 22:15:19
- Zuletzt bearbeitet 21.10.2025 18:42:48
When a BIG-IP HTTP/2 httprouter profile is configured on a virtual server, undisclosed responses can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.