Lucene search
K

366 matches found

Vulnrichment
Vulnrichment
added 2026/05/04 12:0 a.m.10 views

CVE-2026-37459

An integer underflow in FRRouting FRR stable/10.0 to stable/10.6 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

5.8AI score0.00371EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/04 12:0 a.m.8 views

EUVD-2026-27047

An integer underflow in FRRouting FRR stable/10.0 to stable/10.6 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

7.5CVSS5.8AI score0.00371EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/04 12:0 a.m.58 views

CVE-2026-37461

An out-of-bounds read in the ParseIP6Extended function /bgp/bgp.go of gobgp v4.3.0 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

0.00335EPSS
Exploits0References3
CVE
CVE
added 2026/05/04 12:0 a.m.28 views

CVE-2026-37461

CVE-2026-37461 describes an out-of-bounds read in gobgp v4.3.0, in the ParseIP6Extended function (/bgp/bgp.go). The vulnerability can be exploited by a crafted BGP UPDATE message, leading to a Denial of Service. The provided documents identify the affected component and the root cause, but do not...

7.5CVSS5.8AI score0.00335EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/04 12:0 a.m.6 views

CVE-2026-37461

An out-of-bounds read in the ParseIP6Extended function /bgp/bgp.go of gobgp v4.3.0 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

5.8AI score0.00335EPSS
Exploits0References3
CVE
CVE
added 2026/05/04 12:0 a.m.33 views

CVE-2026-37459

FRRouting (FRR) versions stable/10.0 through stable/10.6 are affected by an integer underflow in BGP UPDATE processing, allowing an attacker to induce a Denial of Service. The vulnerability arises in the handling of crafted BGP UPDATE messages. No explicit exploit details or affected product name...

7.5CVSS5.8AI score0.00371EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/05/04 12:0 a.m.9 views

PT-2026-36875

Name of the Vulnerable Software and Affected Versions FRRouting FRR versions 10.0 through 10.6 Description An integer underflow occurs when a program calculates a value that is smaller than the minimum value the variable can hold, often wrapping around to a very large number. This issue allows...

7.5CVSS5.8AI score0.00389EPSS
Exploits0References32
Github Security Blog
Github Security Blog
added 2026/04/29 8:44 p.m.11 views

GoBGP has Remote Denial of Service (Panic) in UpdatePathAttrs4ByteAs via Malformed BGP UPDATE

Summary A remote Denial of Service DoS vulnerability exists in GoBGP where a malformed BGP UPDATE message can trigger a runtime error: index out of range panic. This occurs during the processing of 4-byte AS attributes when the message structure causes an internal slice index shift that is not...

7.5CVSS5.6AI score0.00503EPSS
Exploits1References4Affected Software1
Snyk
Snyk
added 2026/04/29 8:43 p.m.5 views

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the recvMessageloop process. An attacker can cause the daemon to crash by sending a specially crafted BGP UPDATE message containing an unrecognized Path Attribute marked as "Well-known," which leads to a nil...

8.7CVSS5.8AI score0.00503EPSS
Exploits1References2
OSV
OSV
added 2026/04/29 8:43 p.m.9 views

GHSA-7235-89M6-F4PX GoBGP has Remote Denial of Service (Panic) via Malformed Well-known Path Attribute

Summary A remote Denial of Service DoS vulnerability exists in GoBGP due to a nil pointer dereference. When a malformed BGP UPDATE message contains an unrecognized Path Attribute marked as "Well-known," the daemon fails to interrupt the message handling flow. This results in an illegal memory...

7.5CVSS5.9AI score0.00503EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/04/29 12:0 a.m.11 views

PT-2026-37135

Name of the Vulnerable Software and Affected Versions GoBGP versions prior to 4.4.0 Description A remote Denial of Service DoS issue exists due to a nil pointer dereference. When a malformed BGP UPDATE message contains an unrecognized Path Attribute marked as "Well-known," the daemon fails to...

7.5CVSS5.8AI score0.00503EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/04/28 12:0 a.m.7 views

Juniper Junos OS Vulnerability (JSA83015)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA83015 advisory. - An Improper Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon RPD of Juniper Networks Junos OS and Junos OS Evolved allows an attacker sendin...

8.7CVSS5.8AI score0.00503EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 8 : frr-7.5.1-7.el8.2.ML.1 (AXSA:2023-6437:06)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6437:06 advisory. frr: Incorrect handling of a error in parsing of an invalid section of a BGP update can de-peer a router CVE-2023-38802 Tenable has extracted the preceding...

7.5CVSS5.5AI score0.01437EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 9 : frr-8.3.1-5.el9.2.ML.1 (AXSA:2023-6435:05)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6435:05 advisory. frr: Incorrect handling of a error in parsing of an invalid section of a BGP update can de-peer a router CVE-2023-38802 Tenable has extracted the preceding...

7.5CVSS5.5AI score0.01437EPSS
Exploits1References2
OSV
OSV
added 2026/01/15 9:16 p.m.6 views

CVE-2025-60003

A Buffer Over-read vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. When an affected device receives a BGP update with a set of specific optional transitive...

7.5CVSS5.7AI score0.00367EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/15 12:0 a.m.12 views

PT-2026-3110

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS versions prior to 22.4R3-S8 Juniper Networks Junos OS versions 23.2 through 23.2R2-S5 Juniper Networks Junos OS versions 23.4 through 23.4R2-S6 Juniper Networks Junos OS versions 24.2 through 24.2R2-S2 Juniper Network...

8.7CVSS6.8AI score0.00367EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/01/09 12:0 a.m.5 views

Siemens Ruggedcom ROX Improper Input Validation (CVE-2023-47234)

An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when processing a crafted BGP UPDATE message with a MPUNREACHNLRI attribute and additional NLRI data that lacks mandatory path attributes. This plugin only works with Tenable.ot. Please visit...

7.5CVSS7.7AI score0.00911EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/09 12:0 a.m.5 views

Siemens Ruggedcom ROX Incorrect Authorization (CVE-2023-46753)

An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur for a crafted BGP UPDATE message without mandatory attributes, e.g., one with only an unknown transit attribute. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

5.9CVSS6.9AI score0.00785EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/09 6:30 p.m.5 views

EUVD-2025-33363

An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial-Of-Service DoS. When an affected system receives a specific BGP EVPN updat...

8.7CVSS6.4AI score0.00393EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2016-2553

Malware in sbrugna...

7.1CVSS6.4AI score0.01877EPSS
Exploits0References4
Rows per page
Query Builder