VDB

GCVE-110-NCSC-2025-41

GCVE-110-NCSC-2025-41
Advisory PublishedCVSS 7.5/10
Vulnetix · Advisory published February 7, 2025
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Weaknesses (CWE)

CWE-190Integer Overflow or WraparoundCWE-476NULL Pointer DereferenceCWE-311Missing Encryption of Sensitive DataCWE-426Untrusted Search PathCWE-693Protection Mechanism FailureCWE-367Time-of-check Time-of-use (TOCTOU) Race ConditionCWE-78Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')CWE-400Uncontrolled Resource ConsumptionCWE-401Missing Release of Memory after Effective LifetimeCWE-404Improper Resource Shutdown or ReleaseCWE-772Missing Release of Resource after Effective LifetimeCWE-77Improper Neutralization of Special Elements used in a Command ('Command Injection')CWE-120Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')CWE-532Insertion of Sensitive Information into Log FileCWE-345Insufficient Verification of Data AuthenticityCWE-287Improper AuthenticationCWE-770Allocation of Resources Without Limits or ThrottlingCWE-20Improper Input ValidationCWE-79Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')CWE-787Out-of-bounds WriteCWE-125Out-of-bounds Read

Risk Scores

CVSS 3.1
7.5/10
High · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersionsPlatforms
f5big-ip
f5nginx_plus
f5big-ip_next_central_manager
f5big-ip_next
f5big-ip_next_spk
f5big-ip_next_cnf
f5nginx_open_source

References

advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory

Browse GCVE Records

73,738 records in the GCVE database · Updated July 19, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›