CVE Alert: CVE-2025-23412
Vulnerability Summary: CVE-2025-23412 When BIG-IP APM Access Profile is configured on a virtual server, undisclosed request can cause TMM to...
CVE
CVE Alert: CVE-2025-23239
Vulnerability Summary: CVE-2025-23239 When running in Appliance mode, an authenticated remote command injection vulnerability exists in an undisclosed iControl REST...
CVE Alert: CVE-2025-22846
Vulnerability Summary: CVE-2025-22846 When SIP Session and Router ALG profiles are configured on a Message Routing type virtual server, undisclosed...
CVE Alert: CVE-2025-23415
Vulnerability Summary: CVE-2025-23415 An insufficient verification of data authenticity vulnerability exists in BIG-IP APM Access Policy endpoint inspection that may...
CVE Alert: CVE-2025-24320
Vulnerability Summary: CVE-2025-24320 A stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that...
CVE Alert: CVE-2025-24312
Vulnerability Summary: CVE-2025-24312 When BIG-IP AFM is provisioned with IPS module enabled and protocol inspection profile is configured on a...
CVE Alert: CVE-2025-24319
Vulnerability Summary: CVE-2025-24319 When BIG-IP Next Central Manager is running, undisclosed requests to the BIG-IP Next Central Manager API can...
CVE Alert: CVE-2025-23419
Vulnerability Summary: CVE-2025-23419 When multiple server blocks are configured to share the same IP address and port, an attacker can...
CVE Alert: CVE-2025-24497
Vulnerability Summary: CVE-2025-24497 When URL categorization is configured on a virtual server, undisclosed requests can cause TMM to terminate. Note:...
CVE Alert: CVE-2024-38316
Vulnerability Summary: CVE-2024-38316 IBM Aspera Shares 1.9.0 through 1.10.0 PL6 does not properly rate limit the frequency that an authenticated...
CVE Alert: CVE-2025-24372
Vulnerability Summary: CVE-2025-24372 CKAN is an open-source DMS (data management system) for powering data hubs and data portals. Using a...
CVE Alert: CVE-2024-56471
Vulnerability Summary: CVE-2024-56471 IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to server-side request forgery (SSRF). This may allow...
CVE Alert: CVE-2025-24326
Vulnerability Summary: CVE-2025-24326 When BIG-IP Advanced WAF/ASM Behavioral DoS (BADoS) TLS Signatures feature is configured, undisclosed traffic can case an...
CVE Alert: CVE-2024-56473
Vulnerability Summary: CVE-2024-56473 IBM Aspera Shares 1.9.0 through 1.10.0 PL6 could allow an attacker to spoof their IP address, which...
CVE Alert: CVE-2024-56470
Vulnerability Summary: CVE-2024-56470 IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to server-side request forgery (SSRF). This may allow...
CVE Alert: CVE-2024-56472
Vulnerability Summary: CVE-2024-56472 IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated...
CVE Alert: CVE-2024-38318
Vulnerability Summary: CVE-2024-38318 IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to HTML injection. A remote attacker could inject...
CVE Alert: CVE-2024-38317
Vulnerability Summary: CVE-2024-38317 IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to cross-site scripting. This vulnerability allows a privileged...
CVE Alert: CVE-2025-22664
Vulnerability Summary: CVE-2025-22664 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Survey Maker team Survey Maker...
CVE Alert: CVE-2025-23645
Vulnerability Summary: CVE-2025-23645 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Optimize Worldwide Find Content IDs...
CVE Alert: CVE-2025-22794
Vulnerability Summary: CVE-2025-22794 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Landoweb Programador World Cup Predictor...
CVE Alert: CVE-2025-22700
Vulnerability Summary: CVE-2025-22700 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound Traveler Code....
CVE Alert: CVE-2025-22730
Vulnerability Summary: CVE-2025-22730 Missing Authorization vulnerability in Ksher Ksher allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects...
CVE Alert: CVE-2025-24598
Vulnerability Summary: CVE-2025-24598 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in brandtoss WP Mailster allows Reflected...
