CVSS: 8.9EPSS: 0%CPEs: 3EXPL: 0CVE-2025-24326 – BIG-IP Advanced WAF/ASM BADoS vulnerability
https://notcve.org/view.php?id=CVE-2025-24326
05 Feb 2025 — When BIG-IP Advanced WAF/ASM Behavioral DoS (BADoS) TLS Signatures feature is configured, undisclosed traffic can case an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. • https://my.f5.com/manage/s/article/K000140950 • CWE-787: Out-of-bounds Write •
CVSS: 8.7EPSS: 0%CPEs: 3EXPL: 0CVE-2025-20045 – BIG-IP SIP MRF Vulnerability
https://notcve.org/view.php?id=CVE-2025-20045
05 Feb 2025 — When SIP session Application Level Gateway mode (ALG) profile with Passthru Mode enabled and SIP router ALG profile are configured on a Message Routing type virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. • https://my.f5.com/manage/s/article/K000138932 • CWE-476: NULL Pointer Dereference •
CVSS: 8.7EPSS: 0%CPEs: 3EXPL: 0CVE-2025-22891 – BIG-IP PEM Vulnerability
https://notcve.org/view.php?id=CVE-2025-22891
05 Feb 2025 — When BIG-IP PEM Control Plane listener Virtual Server is configured with Diameter Endpoint profile, undisclosed traffic can cause the Virtual Server to stop processing new client connections and an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. • https://my.f5.com/manage/s/article/K000139778 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 8.9EPSS: 0%CPEs: 3EXPL: 0CVE-2025-20058 – BIG-IP message routing vulnerability
https://notcve.org/view.php?id=CVE-2025-20058
05 Feb 2025 — When a BIG-IP message routing profile is configured on a virtual server, undisclosed traffic can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated When a BIG-IP message routing profile is configured on a virtual server, undisclosed traffic can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated • https://my.f5.com/manage/s/article/K000140947 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 3.1EPSS: 0%CPEs: 3EXPL: 0CVE-2025-23415 – BIG-IP APM Endpoint Inspection vulnerability
https://notcve.org/view.php?id=CVE-2025-23415
05 Feb 2025 — An insufficient verification of data authenticity vulnerability exists in BIG-IP APM Access Policy endpoint inspection that may allow an attacker to bypass endpoint inspection checks for VPN connection initiated thru BIG-IP APM browser network access VPN client for Windows, macOS and Linux. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. • https://my.f5.com/manage/s/article/K000139656 • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 8.7EPSS: 0%CPEs: 3EXPL: 0CVE-2025-21091 – BIG-IP SNMP vulnerability
https://notcve.org/view.php?id=CVE-2025-21091
05 Feb 2025 — When SNMP v1 or v2c are disabled on the BIG-IP, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated • https://my.f5.com/manage/s/article/K000140933 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 8.9EPSS: 0%CPEs: 4EXPL: 0CVE-2025-21087 – TMM Vulnerability
https://notcve.org/view.php?id=CVE-2025-21087
05 Feb 2025 — When Client or Server SSL profiles are configured on a Virtual Server, or DNSSEC signing operations are in use, undisclosed traffic can cause an increase in memory and CPU resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated • https://my.f5.com/manage/s/article/K000134888 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.6EPSS: 0%CPEs: 3EXPL: 0CVE-2024-45844 – BIG-IP monitors vulnerability
https://notcve.org/view.php?id=CVE-2024-45844
16 Oct 2024 — BIG-IP monitor functionality may allow an attacker to bypass access control restrictions, regardless of the port lockdown settings. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. La función de monitorización de BIG-IP puede permitir que un atacante eluda las restricciones de control de acceso, independientemente de la configuración de bloqueo de puertos. Nota: Las versiones de software que han alcanzado el fin del soporte técnico (EoTS) no se evalúan. • https://my.f5.com/manage/s/article/K000140061 • CWE-306: Missing Authentication for Critical Function •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21781
https://notcve.org/view.php?id=CVE-2024-21781
16 Sep 2024 — Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to enable information disclosure or denial of service via local access. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01071.html • CWE-20: Improper Input Validation •
CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21829
https://notcve.org/view.php?id=CVE-2024-21829
16 Sep 2024 — Improper input validation in UEFI firmware error handler for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01071.html • CWE-20: Improper Input Validation •