CVE-2025-61990

>= 1.1.0 and <= 1.4.0

When using a multi-bladed platform with more than one blade, undisclosed traffic can cause the Traffic Management Microkernel (TMM

7.5HIGH

CVE-2025-58071

>= 1.1.0 and <= 1.4.1

When IPsec is configured on the BIG-IP system, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate

7.5HIGH

CVE-2025-61974

>= 1.1.0 and <= 1.4.1

When a client SSL profile is configured on a virtual server, undisclosed requests can cause an increase in memory resource utiliza

7.5HIGH

CVE-2025-60016

>= 1.1.0 and < 1.4.0

When Diffie-Hellman (DH) group Elliptic Curve Cryptography (ECC) Brainpool curves are configured in an SSL profile's Cipher Rule o

7.5HIGH

CVE-2025-59781

>= 1.1.0 and <= 1.4.0

When DNS cache is configured on a BIG-IP or BIG-IP Next CNF virtual server, undisclosed DNS queries can cause an increase in memor

7.5HIGH

CVE-2025-58120

>= 1.1.0 and <= 1.4.1

When HTTP/2 Ingress is configured, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: S

7.5HIGH

CVE-2025-55670

>= 1.1.0 and <= 1.4.1

On BIG-IP Next CNF, BIG-IP Next SPK, and BIG-IP Next for Kubernetes systems, repeated undisclosed API calls can cause the Traffic

6.5MEDIUM

CVE-2025-54805

>= 1.1.0 and <= 1.4.1

When an iRule is configured on a virtual server via the declarative API, upon re-instantiation, the cleanup process can cause an i

6.5MEDIUM

CVE-2025-54479

>= 1.1.0 and <= 1.4.0

When a classification profile is configured on a virtual server without an HTTP or HTTP/2 profile, undisclosed requests can cause

7.5HIGH

CVE-2025-48008

>= 1.1.0 and <= 1.4.1

When a TCP profile with Multipath TCP (MPTCP) enabled is configured on a virtual server, undisclosed traffic along with conditions

7.5HIGH

CVE-2025-46706

>= 1.1.0 and <= 1.4.1

When an iRule containing the HTTP::respond command is configured on a virtual server, undisclosed requests can cause an increase i

7.5HIGH

CVE-2025-54500

>= 1.1.0 and <= 1.4.1

An HTTP/2 implementation flaw allows a denial-of-service (DoS) that uses malformed HTTP/2 control frames in order to break the max

5.3MEDIUM

CVE-2025-41414

>= 1.1.0 and < 1.4.0

When HTTP/2 client and server profile is configured on a virtual server, undisclosed requests can cause TMM to terminate. N

7.5HIGH

CVE-2025-41399

>= 1.1.0 and < 1.3.0

When a Stream Control Transmission Protocol (SCTP) profile is configured on a virtual server, undisclosed requests can cause an in

7.5HIGH

CVE-2025-36557

>= 1.1.0 and < 1.4.0

When an HTTP profile with the Enforce RFC Compliance option is configured on a virtual server, undisclosed requests can cause the

7.5HIGH

CVE-2025-36504

>= 1.1.0 and <= 1.4.1

When a BIG-IP HTTP/2 httprouter profile is configured on a virtual server, undisclosed responses can cause an increase in memory r

7.5HIGH

CVE-2025-24312

>= 1.1.0 and < 1.4.0

When BIG-IP AFM is provisioned with IPS module enabled and protocol inspection profile is configured on a virtual server or firewa

7.5HIGH

CVE-2024-41164

>= 1.1.0 and < 1.2.0

When TCP profile with Multipath TCP enabled (MPTCP) is configured on a Virtual Server, undisclosed traffic along with conditions b

5.9MEDIUM

CVE-2024-28132

>= 1.2.0 and < 1.3.0

Exposure of Sensitive Information vulnerability exists in the GSLB container, which may allow an authenticated attacker with local

4.4MEDIUM

CVE-2024-25560

>= 1.1.0 and < 1.2.0

When BIG-IP AFM is licensed and provisioned, undisclosed DNS traffic can cause the Traffic Management Microkernel (TMM) to termina

7.5HIGH

CVE-2024-23306

>= 1.1.0 and < 1.2.0

A vulnerability exists in BIG-IP Next CNF and SPK systems that may allow access to undisclosed sensitive files. Note: Software v

7.1HIGH

CVE-2023-45886

>= 1.1.0 and <= 1.1.1

The BGP daemon (bgpd) in IP Infusion ZebOS through 7.10.6 allow remote attackers to cause a denial of service by sending crafted B

7.5HIGH