CVE

CVE Alert: CVE-2024-56131

February 6, 2025

Vulnerability Summary: CVE-2024-56131 Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection. This issue...

CVE Alert: CVE-2024-56133

February 6, 2025

Vulnerability Summary: CVE-2024-56133 Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection. This issue...

CVE Alert: CVE-2025-20045

February 6, 2025

Vulnerability Summary: CVE-2025-20045 When SIP session Application Level Gateway mode (ALG) profile with Passthru Mode enabled and SIP router ALG...

CVE Alert: CVE-2025-20058

February 6, 2025

Vulnerability Summary: CVE-2025-20058 When a BIG-IP message routing profile is configured on a virtual server, undisclosed traffic can cause an...

CVE Alert: CVE-2024-56134

February 6, 2025

Vulnerability Summary: CVE-2024-56134 Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection. This issue...

CVE Alert: CVE-2025-20029

February 6, 2025

Vulnerability Summary: CVE-2025-20029 Command injection vulnerability exists in iControl REST and BIG-IP TMOS Shell (tmsh) save command, which may allow...

CVE Alert: CVE-2024-56135

February 6, 2025

Vulnerability Summary: CVE-2024-56135 Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection. This issue...

CVE Alert: CVE-2025-21087

February 6, 2025

Vulnerability Summary: CVE-2025-21087 When Client or Server SSL profiles are configured on a Virtual Server, or DNSSEC signing operations are...

CVE Alert: CVE-2025-21091

February 6, 2025

Vulnerability Summary: CVE-2025-21091 When SNMP v1 or v2c are disabled on the BIG-IP, undisclosed requests can cause an increase in...

CVE Alert: CVE-2025-23413

February 6, 2025

Vulnerability Summary: CVE-2025-23413 When users log in through the webUI or API using local authentication, BIG-IP Next Central Manager may...

CVE Alert: CVE-2025-22891

February 6, 2025

Vulnerability Summary: CVE-2025-22891 When BIG-IP PEM Control Plane listener Virtual Server is configured with Diameter Endpoint profile, undisclosed traffic can...

CVE Alert: CVE-2025-23412

February 6, 2025

Vulnerability Summary: CVE-2025-23412 When BIG-IP APM Access Profile is configured on a virtual server, undisclosed request can cause TMM to...

CVE Alert: CVE-2025-23239

February 6, 2025

Vulnerability Summary: CVE-2025-23239 When running in Appliance mode, an authenticated remote command injection vulnerability exists in an undisclosed iControl REST...

CVE Alert: CVE-2025-22846

February 6, 2025

Vulnerability Summary: CVE-2025-22846 When SIP Session and Router ALG profiles are configured on a Message Routing type virtual server, undisclosed...

CVE Alert: CVE-2025-24312

February 6, 2025

Vulnerability Summary: CVE-2025-24312 When BIG-IP AFM is provisioned with IPS module enabled and protocol inspection profile is configured on a...

CVE Alert: CVE-2025-23415

February 6, 2025

Vulnerability Summary: CVE-2025-23415 An insufficient verification of data authenticity vulnerability exists in BIG-IP APM Access Policy endpoint inspection that may...

CVE Alert: CVE-2025-24320

February 6, 2025

Vulnerability Summary: CVE-2025-24320 A stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that...

CVE Alert: CVE-2025-24319

February 6, 2025

Vulnerability Summary: CVE-2025-24319 When BIG-IP Next Central Manager is running, undisclosed requests to the BIG-IP Next Central Manager API can...

CVE Alert: CVE-2025-23419

February 6, 2025

Vulnerability Summary: CVE-2025-23419 When multiple server blocks are configured to share the same IP address and port, an attacker can...

CVE Alert: CVE-2025-24497

February 6, 2025

Vulnerability Summary: CVE-2025-24497 When URL categorization is configured on a virtual server, undisclosed requests can cause TMM to terminate. Note:...

CVE Alert: CVE-2024-38316

February 6, 2025

Vulnerability Summary: CVE-2024-38316 IBM Aspera Shares 1.9.0 through 1.10.0 PL6 does not properly rate limit the frequency that an authenticated...

CVE Alert: CVE-2025-24372

February 6, 2025

Vulnerability Summary: CVE-2025-24372 CKAN is an open-source DMS (data management system) for powering data hubs and data portals. Using a...

CVE Alert: CVE-2024-56471

February 6, 2025

Vulnerability Summary: CVE-2024-56471 IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to server-side request forgery (SSRF). This may allow...

CVE Alert: CVE-2025-24326

February 6, 2025

Vulnerability Summary: CVE-2025-24326 When BIG-IP Advanced WAF/ASM Behavioral DoS (BADoS) TLS Signatures feature is configured, undisclosed traffic can case an...

CVE

CVE Alert: CVE-2024-56131

CVE Alert: CVE-2024-56133

CVE Alert: CVE-2025-20045

CVE Alert: CVE-2025-20058

CVE Alert: CVE-2024-56134

CVE Alert: CVE-2025-20029

CVE Alert: CVE-2024-56135

CVE Alert: CVE-2025-21087

CVE Alert: CVE-2025-21091

CVE Alert: CVE-2025-23413

CVE Alert: CVE-2025-22891

CVE Alert: CVE-2025-23412

CVE Alert: CVE-2025-23239

CVE Alert: CVE-2025-22846

CVE Alert: CVE-2025-24312

CVE Alert: CVE-2025-23415

CVE Alert: CVE-2025-24320

CVE Alert: CVE-2025-24319

CVE Alert: CVE-2025-23419

CVE Alert: CVE-2025-24497

CVE Alert: CVE-2024-38316

CVE Alert: CVE-2025-24372

CVE Alert: CVE-2024-56471

CVE Alert: CVE-2025-24326

US-CERT Vulnerability Summary for the Week of February 3, 2025

CVE Alert: CVE-2024-13440

HackerOne Bug Bounty Disclosure: clickjacking-in-main-domain-hxxps-topechelon-com-genz

HackerOne Bug Bounty Disclosure: improper-cache-handling-allows-access-to-post-logout-pages-victim-of-life

CISA: Ivanti Releases Security Updates for Multiple Products

You may have missed