Lucene search
K

2437 matches found

NVD
NVD
added 2026/05/04 6:16 p.m.14 views

CVE-2026-37459

An integer underflow in FRRouting FRR stable/10.0 to stable/10.6 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

7.5CVSS0.00371EPSS
Exploits0References6
NVD
NVD
added 2026/05/04 5:16 p.m.47 views

CVE-2026-37461

An out-of-bounds read in the ParseIP6Extended function /bgp/bgp.go of gobgp v4.3.0 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

7.5CVSS0.00335EPSS
Exploits0References3
OSV
OSV
added 2026/05/04 5:16 p.m.5 views

UBUNTU-CVE-2026-37461

An out-of-bounds read in the ParseIP6Extended function /bgp/bgp.go of gobgp v4.3.0 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

7.5CVSS5.8AI score0.00335EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/05/04 6:32 a.m.11 views

GoBGP has an Improper Resource Shutdown or Release

A vulnerability has been found in osrg GoBGP up to 4.3.0. This impacts the function SRv6L3ServiceAttribute.DecodeFromBytes of the file pkg/packet/bgp/prefixsid.go of the component SRv6 L3 Service. Such manipulation of the argument data leads to denial of service. The attack may be performed from...

7.5CVSS5.5AI score0.00464EPSS
Exploits0References8Affected Software1
Snyk
Snyk
added 2026/05/04 6:24 a.m.4 views

Buffer Overflow

Overview Affected versions of this package are vulnerable to Buffer Overflow in the DecodeFromBytes function of the AIGP Attribute Parser. An attacker can execute arbitrary code, cause a denial of service, or compromise data integrity and confidentiality by sending specially crafted BGP packets t...

7.5CVSS6AI score0.00361EPSS
Exploits0References2
OSV
OSV
added 2026/05/04 6:16 a.m.7 views

UBUNTU-CVE-2026-7734

A vulnerability has been found in osrg GoBGP up to 4.3.0. This impacts the function SRv6L3ServiceAttribute.DecodeFromBytes of the file pkg/packet/bgp/prefixsid.go of the component SRv6 L3 Service. Such manipulation of the argument data leads to denial of service. The attack may be performed from...

7.5CVSS5.5AI score0.00464EPSS
Exploits0References4
OSV
OSV
added 2026/05/04 6:16 a.m.11 views

UBUNTU-CVE-2026-7735

A vulnerability was found in osrg GoBGP up to 4.3.0. Affected is the function PathAttributeAigp.DecodeFromBytes of the file pkg/packet/bgp/bgp.go of the component AIGP Attribute Parser. Performing a manipulation results in buffer overflow. It is possible to initiate the attack remotely. Upgrading...

7.3CVSS7.1AI score0.00361EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/04 5:45 a.m.16 views

EUVD-2026-26917

A vulnerability was identified in osrg GoBGP up to 4.3.0. Affected by this issue is the function BMPPeerUpNotification.ParseBody/BMPStatisticsReport.ParseBody of the file pkg/packet/bmp/bmp.go of the component BMP Parser. The manipulation leads to out-of-bounds read. The attack can be initiated...

6.9CVSS5.7AI score0.00631EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/05/04 5:30 a.m.33 views

CVE-2026-7736 osrg GoBGP mrt.go parseRibEntry integer underflow

A vulnerability was determined in osrg GoBGP up to 4.3.0. Affected by this vulnerability is the function parseRibEntry of the file pkg/packet/mrt/mrt.go. Executing a manipulation can lead to integer underflow. It is possible to launch the attack remotely. Upgrading to version 4.4.0 addresses this...

7.5CVSS0.00454EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/05/04 5:30 a.m.7 views

CVE-2026-7736

A vulnerability was determined in osrg GoBGP up to 4.3.0. Affected by this vulnerability is the function parseRibEntry of the file pkg/packet/mrt/mrt.go. Executing a manipulation can lead to integer underflow. It is possible to launch the attack remotely. Upgrading to version 4.4.0 addresses this...

7.5CVSS6.9AI score0.00454EPSS
Exploits0References7Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/04 5:15 a.m.5 views

CVE-2026-7735 osrg GoBGP AIGP Attribute bgp.go PathAttributeAigp.DecodeFromBytes buffer overflow

A vulnerability was found in osrg GoBGP up to 4.3.0. Affected is the function PathAttributeAigp.DecodeFromBytes of the file pkg/packet/bgp/bgp.go of the component AIGP Attribute Parser. Performing a manipulation results in buffer overflow. It is possible to initiate the attack remotely. Upgrading...

7.5CVSS7.2AI score0.00361EPSS
Exploits0References6
EUVD
EUVD
added 2026/05/04 5:0 a.m.10 views

EUVD-2026-26914

A vulnerability has been found in osrg GoBGP up to 4.3.0. This impacts the function SRv6L3ServiceAttribute.DecodeFromBytes of the file pkg/packet/bgp/prefixsid.go of the component SRv6 L3 Service. Such manipulation of the argument data leads to denial of service. The attack may be performed from...

6.9CVSS5.6AI score0.00464EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/05/04 12:0 a.m.8 views

PT-2026-36875

Name of the Vulnerable Software and Affected Versions FRRouting FRR versions 10.0 through 10.6 Description An integer underflow occurs when a program calculates a value that is smaller than the minimum value the variable can hold, often wrapping around to a very large number. This issue allows...

7.5CVSS5.8AI score0.00389EPSS
Exploits0References32
Vulnrichment
Vulnrichment
added 2026/05/04 12:0 a.m.10 views

CVE-2026-37459

An integer underflow in FRRouting FRR stable/10.0 to stable/10.6 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

5.8AI score0.00371EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/04 12:0 a.m.8 views

EUVD-2026-27047

An integer underflow in FRRouting FRR stable/10.0 to stable/10.6 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

7.5CVSS5.8AI score0.00371EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/04 12:0 a.m.58 views

CVE-2026-37461

An out-of-bounds read in the ParseIP6Extended function /bgp/bgp.go of gobgp v4.3.0 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

0.00335EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/04 12:0 a.m.7 views

PT-2026-36780

Name of the Vulnerable Software and Affected Versions osrg GoBGP versions prior to 4.4.0 Description A remote out-of-bounds read can occur within the BMP Parser component. The issue exists in the BMPPeerUpNotification.ParseBody and BMPStatisticsReport.ParseBody functions located in the...

7.5CVSS6.4AI score0.00631EPSS
Exploits0References22
Vulnrichment
Vulnrichment
added 2026/05/04 12:0 a.m.6 views

CVE-2026-37461

An out-of-bounds read in the ParseIP6Extended function /bgp/bgp.go of gobgp v4.3.0 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

5.8AI score0.00335EPSS
Exploits0References3
CVE
CVE
added 2026/05/04 12:0 a.m.33 views

CVE-2026-37459

FRRouting (FRR) versions stable/10.0 through stable/10.6 are affected by an integer underflow in BGP UPDATE processing, allowing an attacker to induce a Denial of Service. The vulnerability arises in the handling of crafted BGP UPDATE messages. No explicit exploit details or affected product name...

7.5CVSS5.8AI score0.00371EPSS
Exploits0References6
CVE
CVE
added 2026/05/04 12:0 a.m.28 views

CVE-2026-37461

CVE-2026-37461 describes an out-of-bounds read in gobgp v4.3.0, in the ParseIP6Extended function (/bgp/bgp.go). The vulnerability can be exploited by a crafted BGP UPDATE message, leading to a Denial of Service. The provided documents identify the affected component and the root cause, but do not...

7.5CVSS5.8AI score0.00335EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder