Lucene search
K

616 matches found

OSV
OSV
added 2026/05/26 4:16 p.m.8 views

DEBIAN-CVE-2026-48688

FastNetMon Community Edition through 1.2.9 contains multiple out-of-bounds reads in the BGP MPREACHNLRI IPv6 attribute decoder. The function decodempreachipv6 in src/bgpprotocol.cpp contains a TODO comment at line 156 explicitly acknowledging 'we should add sanity checks to avoid reads after...

7.5CVSS5.9AI score0.00283EPSS
Exploits0References1
NVD
NVD
added 2026/05/26 4:16 p.m.18 views

CVE-2026-48686

FastNetMon Community Edition through 1.2.9 contains a stack-based buffer overflow in the BGP NLRI Network Layer Reachability Information decoder. The function decodebgpsubnetencodingipv4raw in src/bgpprotocol.cpp reads prefixbitlength directly from the BGP packet line 99 without validating it is ...

9.8CVSS0.00565EPSS
Exploits0References3
OSV
OSV
added 2026/05/26 4:16 p.m.9 views

UBUNTU-CVE-2026-48688

FastNetMon Community Edition through 1.2.9 contains multiple out-of-bounds reads in the BGP MPREACHNLRI IPv6 attribute decoder. The function decodempreachipv6 in src/bgpprotocol.cpp contains a TODO comment at line 156 explicitly acknowledging 'we should add sanity checks to avoid reads after...

7.5CVSS5.9AI score0.00283EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2026/05/26 4:16 p.m.14 views

CVE-2026-48685

FastNetMon Community Edition through 1.2.9 has out-of-bounds memory access because it incorrectly parses BGP path attributes with the extended length flag set. In src/bgpprotocol.hpp, the parserawbgpattribute function correctly identifies when extendedlengthbit is set and sets lengthoflengthfield...

6.5CVSS5.8AI score0.00295EPSS
Exploits0References5
OSV
OSV
added 2026/05/26 4:16 p.m.9 views

UBUNTU-CVE-2026-48685

FastNetMon Community Edition through 1.2.9 has out-of-bounds memory access because it incorrectly parses BGP path attributes with the extended length flag set. In src/bgpprotocol.hpp, the parserawbgpattribute function correctly identifies when extendedlengthbit is set and sets lengthoflengthfield...

6.5CVSS5.8AI score0.00295EPSS
Exploits0References6
OSV
OSV
added 2026/05/26 4:16 p.m.9 views

UBUNTU-CVE-2026-48686

FastNetMon Community Edition through 1.2.9 contains a stack-based buffer overflow in the BGP NLRI Network Layer Reachability Information decoder. The function decodebgpsubnetencodingipv4raw in src/bgpprotocol.cpp reads prefixbitlength directly from the BGP packet line 99 without validating it is ...

9.8CVSS6.4AI score0.00565EPSS
Exploits0References8
OSV
OSV
added 2026/05/26 4:16 p.m.33 views

UBUNTU-CVE-2026-48692

FastNetMon Community Edition through 1.2.9 exposes a gRPC API server on port 50052 with no authentication mechanism. The server is initialized with grpc::InsecureServerCredentials src/fastnetmon.cpp line 477 and a source code comment explicitly acknowledges 'Listen on the given address without an...

8.1CVSS6.2AI score0.00233EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2026/05/26 1:54 a.m.28 views

SUSE CVE-2026-7736

A vulnerability was determined in osrg GoBGP up to 4.3.0. Affected by this vulnerability is the function parseRibEntry of the file pkg/packet/mrt/mrt.go. Executing a manipulation can lead to integer underflow. It is possible to launch the attack remotely. Upgrading to version 4.4.0 addresses this...

7.5CVSS6.8AI score0.00454EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/26 12:0 a.m.9 views

CVE-2026-48688

FastNetMon Community Edition through 1.2.9 contains multiple out-of-bounds reads in the BGP MPREACHNLRI IPv6 attribute decoder. The function decodempreachipv6 in src/bgpprotocol.cpp contains a TODO comment at line 156 explicitly acknowledging 'we should add sanity checks to avoid reads after...

5.9AI score0.00283EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.10 views

FastNetMon 安全漏洞

FastNetMon is a high-performance DDoS detector/sensor developed by Pavel Odintsov. It is built using multiple packet capture engines. Versions of FastNetMon prior to 1.2.9 contain security vulnerabilities, which stem from errors in handling extended length flags during the parsing of BGP path...

6.5CVSS5.8AI score0.00295EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.11 views

PT-2026-43272

FastNetMon Community Edition through 1.2.9 has out-of-bounds memory access because it incorrectly parses BGP path attributes with the extended length flag set. In src/bgp protocol.hpp, the parse raw bgp attribute function correctly identifies when extended length bit is set and sets length of...

5.8AI score0.00295EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/26 12:0 a.m.12 views

EUVD-2026-31898

FastNetMon Community Edition through 1.2.9 contains an integer overflow in the BGP ASPATH attribute encoder. In src/bgpprotocol.hpp, the IPv4UnicastAnnounce::getattributes function computes attributelength as 'sizeofbgpaspathsegmentelementt + this-aspathasns.size sizeofuint32t' and stores it in a...

6.2AI score0.00308EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/26 12:0 a.m.43 views

CVE-2026-48689

FastNetMon Community Edition through 1.2.9 contains an off-by-one heap-based buffer overflow in the dynamicbinarybuffert class src/dynamicbinarybuffer.hpp. Five methods appenddynamicbuffer, appenddataaspointer, appenddataasobjectptr, memcpyfromptr, memcpyfromobjectptr use an incorrect bounds chec...

0.00677EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/05/26 12:0 a.m.39 views

CVE-2026-48686

FastNetMon Community Edition through 1.2.9 contains a stack-based buffer overflow in the BGP NLRI Network Layer Reachability Information decoder. The function decodebgpsubnetencodingipv4raw in src/bgpprotocol.cpp reads prefixbitlength directly from the BGP packet line 99 without validating it is ...

0.00565EPSS
Exploits0References3
CVE
CVE
added 2026/05/26 12:0 a.m.23 views

CVE-2026-48691

FastNetMon Community Edition through 1.2.9 has an integer overflow in the BGP AS_PATH encoder (src/bgp_protocol.hpp, IPv4UnicastAnnounce::get_attributes). attribute_length and path_segment_length are stored in uint8_t, so AS_PATHs >63 ASNs truncate to 0–255 for sizing but the full data is writ...

9.8CVSS6.2AI score0.00308EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/26 12:0 a.m.11 views

CVE-2026-48686

FastNetMon Community Edition through 1.2.9 contains a stack-based buffer overflow in the BGP NLRI Network Layer Reachability Information decoder. The function decodebgpsubnetencodingipv4raw in src/bgpprotocol.cpp reads prefixbitlength directly from the BGP packet line 99 without validating it is ...

6.4AI score0.00565EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/26 12:0 a.m.10 views

CVE-2026-48688

FastNetMon Community Edition through 1.2.9 contains multiple out-of-bounds reads in the BGP MPREACHNLRI IPv6 attribute decoder. The function decodempreachipv6 in src/bgpprotocol.cpp contains a TODO comment at line 156 explicitly acknowledging 'we should add sanity checks to avoid reads after...

5.9AI score0.00283EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/26 12:0 a.m.14 views

EUVD-2026-31842

FastNetMon Community Edition through 1.2.9 contains a stack-based buffer overflow in the BGP NLRI Network Layer Reachability Information decoder. The function decodebgpsubnetencodingipv4raw in src/bgpprotocol.cpp reads prefixbitlength directly from the BGP packet line 99 without validating it is ...

9.8CVSS6.4AI score0.00565EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.10 views

FastNetMon 安全漏洞

FastNetMon is a high-performance DDoS detector/sensor developed by Pavel Odintsov, based on multiple packet capture engines. Versions of FastNetMon prior to 1.2.9 contain a security vulnerability caused by the uint8t type being used for the length field in the BGP ASPATH attribute encoding, which...

9.8CVSS6.1AI score0.00308EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/26 12:0 a.m.7 views

CVE-2026-48691

FastNetMon Community Edition through 1.2.9 contains an integer overflow in the BGP ASPATH attribute encoder. In src/bgpprotocol.hpp, the IPv4UnicastAnnounce::getattributes function computes attributelength as 'sizeofbgpaspathsegmentelementt + this-aspathasns.size sizeofuint32t' and stores it in a...

6.2AI score0.00308EPSS
Exploits0References4
Rows per page
Query Builder