CVE-2025-61990

>= 1.7.0 and <= 1.9.2

When using a multi-bladed platform with more than one blade, undisclosed traffic can cause the Traffic Management Microkernel (TMM

7.5HIGH

CVE-2025-61974

>= 1.7.0 and <= 1.9.2

When a client SSL profile is configured on a virtual server, undisclosed requests can cause an increase in memory resource utiliza

7.5HIGH

CVE-2025-60016

>= 1.7.0 and <= 1.9.2

When Diffie-Hellman (DH) group Elliptic Curve Cryptography (ECC) Brainpool curves are configured in an SSL profile's Cipher Rule o

7.5HIGH

CVE-2025-58120

>= 1.7.0 and < 1.7.14

When HTTP/2 Ingress is configured, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: S

7.5HIGH

CVE-2025-55670

>= 1.7.0 and <= 1.9.2

On BIG-IP Next CNF, BIG-IP Next SPK, and BIG-IP Next for Kubernetes systems, repeated undisclosed API calls can cause the Traffic

6.5MEDIUM

CVE-2025-54805

>= 1.7.0 and <= 1.9.2

When an iRule is configured on a virtual server via the declarative API, upon re-instantiation, the cleanup process can cause an i

6.5MEDIUM

CVE-2025-48008

>= 1.7.0 and <= 1.9.2

When a TCP profile with Multipath TCP (MPTCP) enabled is configured on a virtual server, undisclosed traffic along with conditions

7.5HIGH

CVE-2025-46706

>= 1.7.0 and <= 1.9.2

When an iRule containing the HTTP::respond command is configured on a virtual server, undisclosed requests can cause an increase i

7.5HIGH

CVE-2025-54500

>= 1.7.0 and <= 1.9.2

An HTTP/2 implementation flaw allows a denial-of-service (DoS) that uses malformed HTTP/2 control frames in order to break the max

5.3MEDIUM

CVE-2025-41414

>= 1.7.0 and < 1.7.9

When HTTP/2 client and server profile is configured on a virtual server, undisclosed requests can cause TMM to terminate. N

7.5HIGH

CVE-2025-41399

>= 1.7.0 and < 1.7.12

When a Stream Control Transmission Protocol (SCTP) profile is configured on a virtual server, undisclosed requests can cause an in

7.5HIGH

CVE-2025-36557

>= 1.7.0 and < 1.7.9

When an HTTP profile with the Enforce RFC Compliance option is configured on a virtual server, undisclosed requests can cause the

7.5HIGH

CVE-2025-36504

>= 1.7.0 and <= 1.9.2

When a BIG-IP HTTP/2 httprouter profile is configured on a virtual server, undisclosed responses can cause an increase in memory r

7.5HIGH

CVE-2025-22846

>= 1.7.0 and < 1.7.7

When SIP Session and Router ALG profiles are configured on a Message Routing type virtual server, undisclosed traffic can cause th

7.5HIGH

CVE-2024-41164

>= 1.7.0 and < 1.9.0

When TCP profile with Multipath TCP enabled (MPTCP) is configured on a Virtual Server, undisclosed traffic along with conditions b

5.9MEDIUM

CVE-2024-23314

>= 1.5.0 and < 1.8.1

When HTTP/2 is configured on BIG-IP or BIG-IP Next SPK systems, undisclosed responses can cause the Traffic Management Microkernel

7.5HIGH

CVE-2023-45886

>= 1.5.0 and <= 1.8.2

The BGP daemon (bgpd) in IP Infusion ZebOS through 7.10.6 allow remote attackers to cause a denial of service by sending crafted B

7.5HIGH

CVE-2023-44487

>= 1.5.0 and <= 1.8.2

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams q

7.5HIGH

CVE-2023-45226

all versions

The BIG-IP SPK TMM (Traffic Management Module) f5-debug-sidecar and f5-debug-sshd containers contains hardcoded credentials that m

7.4HIGH

CVE-2023-40534

>= 1.6.0 and <= 1.8.2

When a client-side HTTP/2 profile and the HTTP MRF Router option are enabled for a virtual server, and an iRule using the HTTP_REQ

7.5HIGH

CVE-2023-24594

all versions

When an SSL profile is configured on a Virtual Server, undisclosed traffic can cause an increase in CPU or SSL accelerator resourc

5.3MEDIUM