CVE-2025-41433 – F5 BIG-IP SIP MRF ALG Profile Denial of Service Vulnerability

May 7, 2025

CVE ID : CVE-2025-41433

Published : May 7, 2025, 10:15 p.m. | 1 hour, 21 minutes ago

Description : When a Session Initiation Protocol (SIP) message routing framework (MRF) application layer gateway (ALG) profile is configured on a Message Routing virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate.

Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-43878 – F5OS-C/A Appliance Mode Bypass Vulnerability

Next Article CVE-2025-41399 – F5 BIG-IP SCTP Profile Memory Exhaustion Vulnerability

Highlights

CVE-2025-7697 – Google Sheets Integration for WordPress PHP Object Injection Vulnerability

July 19, 2025

CVE ID : CVE-2025-7697

Published : July 19, 2025, 5:15 a.m. | 18 hours, 29 minutes ago

Description : The Integration for Google Sheets and Contact Form 7, WPForms, Elementor, Ninja Forms plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.1.1 via deserialization of untrusted input within the verify_field_val() function. This makes it possible for unauthenticated attackers to inject a PHP Object. The additional presence of a POP chain in the Contact Form 7 plugin, which is likely to be used alongside, allows attackers to delete arbitrary files, leading to a denial of service or remote code execution when the wp-config.php file is deleted.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Coded Smorgasbord: High Strung

Chainguard launches trusted collection of verified JavaScript libraries

CData launches Connect AI to provide agents access to enterprise data sources

PostgreSQL 18 adds asynchronous I/O to improve performance

Distribution Release: Neptune 9.0

Distribution Release: Kali Linux 2025.3

Distribution Release: SysLinuxOS 13

Development Release: MX Linux 25 Beta 1

PHP 8.5.0 RC 1 available for testing

PHP 8.5.0 RC 1 available for testing

Terraform Code Generator Using Ollama and CodeGemma

Beyond Denial: How AI Concierge Services Can Transform Healthcare from Reactive to Proactive

Distribution Release: Neptune 9.0

Distribution Release: Neptune 9.0

FOSS Weekly #25.39: Kill Switch Phones, LMDE 7, Zorin OS 18 Beta, Polybar, Apt History and More Linux Stuff

Distribution Release: Kali Linux 2025.3

CVE-2025-41433 – F5 BIG-IP SIP MRF ALG Profile Denial of Service Vulnerability

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

CVE-2025-9377 – “TP-Link Archer C7/EU and TL-WR841N/ND(MS) Remote Command Execution Vulnerability”

CVE-2025-37987 – Linux PDS Core AdminQ Overflow/Stuck Condition Vulnerability

Securing Agentic AI: How to Protect the Invisible Identity Access

CVE-2025-50165 – Microsoft Graphics Component Remote Code Execution Vulnerability

CVE-2025-7697 – Google Sheets Integration for WordPress PHP Object Injection Vulnerability

Photos of ASUS’ Xbox-branded handheld leak online

Apotheke Stadt

CVE-2025-52814 – Ovatheme BRW PHP RFI Vulnerability

CVE-2025-41433 – F5 BIG-IP SIP MRF ALG Profile Denial of Service Vulnerability

Related Posts