CVE-2025-23419 - Bypassing Client Certificate Authentication in NGINX with Session Tickets and Shared IPs
In early 2025, a significant security issue—CVE-2025-23419—was discovered in the way NGINX handles TLS session resumption across multiple virtual servers (or “server blocks”
CVE-2025-21087 - F5 BIG-IP SSL Profile/DNSSEC Resource Exhaustion Explained (with Exploit Example)
A new risk has cropped up for F5 BIG-IP administrators, tracked as CVE-2025-21087. This issue is especially worrying because it can drive up memory and
CVE-2025-20029 - Command Injection in F5 BIG-IP iControl REST & TMSH (`save` Command) — Exploit Details, Samples, and What You Should Know
In early 2025, cybersecurity experts discovered a significant vulnerability known as CVE-2025-20029. This flaw affects F5 BIG-IP appliances—specifically their *iControl REST* API and the
CVE-2025-20125 - Exploiting an API Flaw in Cisco ISE for Privilege Escalation and Remote System Disruption
A newly discovered vulnerability in Cisco Identity Services Engine (ISE), tracked as CVE-2025-20125, lets attackers with only read-only credentials access sensitive information, change configurations, and