
838 matches found

BDU FSTEC
added 2022/08/18 12:0 a.m. | 4 views

Vulnerabilities in the functions `bgp_notify_send_with_data()` and `bgp_process_packet()` (in the file `bgp_packet.c`) of the FRRouting network routing software for Unix-like systems allow an attacker to execute arbitrary code.

Vulnerabilities in the functions `bgp_notify_send_with_data` and `bgp_process_packet` in the `bgp_packet.c` file of the FRRouting network routing software for Unix-like systems are related to the use of memory after it is freed. Exploiting these vulnerabilities could allow a malicious actor, operati...

4.3 CVSS | 8 AI score | 0.01923 EPSS
Exploits: 1 | References: 4 | Affected Software: 2
RedhatCVE
added 2022/08/16 9:38 a.m. | 102 views

CVE-2022-37035

A flaw was found in bgpd in FRRouting FRR. There is a possible use-after-free issue due to a race condition in `bgp_notify_send_with_data` and `bgp_process_packet` in `bgp_packet.c`. This issue can lead to remote code execution or information disclosure by sending crafted BGP packets...

8.1 CVSS | 2.2 AI score | 0.01923 EPSS
Exploits: 1 | References: 3
NVD
added 2022/08/02 11:15 p.m. | 17 views

CVE-2022-37035

An issue was discovered in bgpd in FRRouting FRR 8.3. In `bgp_notify_send_with_data` and `bgp_process_packet` in `bgp_packet.c`, there is a possible use-after-free due to a race condition. This could lead to Remote Code Execution or Information Disclosure by sending crafted BGP packets. User interaction is no...

8.1 CVSS | 0.01923 EPSS
Exploits: 1 | References: 4
OSV
added 2022/08/02 11:15 p.m. | 23 views

CVE-2022-37035

An issue was discovered in bgpd in FRRouting FRR 8.3. In `bgp_notify_send_with_data` and `bgp_process_packet` in `bgp_packet.c`, there is a possible use-after-free due to a race condition. This could lead to Remote Code Execution or Information Disclosure by sending crafted BGP packets. User interaction is no...

8.1 CVSS | 7.2 AI score
Exploits: 0 | References: 4
UbuntuCve
added 2022/08/02 11:15 p.m. | 51 views

CVE-2022-37035

An issue was discovered in bgpd in FRRouting FRR 8.3. In `bgp_notify_send_with_data` and `bgp_process_packet` in `bgp_packet.c`, there is a possible use-after-free due to a race condition. This could lead to Remote Code Execution or Information Disclosure by sending crafted BGP packets. User interaction is no...

8.1 CVSS | 7.2 AI score | 0.01923 EPSS
Exploits: 1 | References: 4
Prion
added 2022/08/02 11:15 p.m. | 19 views

Race condition

An issue was discovered in bgpd in FRRouting FRR 8.3. In `bgp_notify_send_with_data` and `bgp_process_packet` in `bgp_packet.c`, there is a possible use-after-free due to a race condition. This could lead to Remote Code Execution or Information Disclosure by sending crafted BGP packets. User interaction is no...

5.1 CVSS | 7.9 AI score | 0.01923 EPSS
Exploits: 1 | References: 2 | Affected Software: 1
OSV
added 2022/08/02 11:15 p.m. | 0 views

UBUNTU-CVE-2022-37035

An issue was discovered in bgpd in FRRouting FRR 8.3. In `bgp_notify_send_with_data` and `bgp_process_packet` in `bgp_packet.c`, there is a possible use-after-free due to a race condition. This could lead to Remote Code Execution or Information Disclosure by sending crafted BGP packets. User interaction is no...

8.1 CVSS | 7.4 AI score | 0.01923 EPSS
Exploits: 1 | References: 5
CVE
added 2022/08/02 12:0 a.m. | 147 views

CVE-2022-37035

FRR's bgpd contains a use-after-free condition in bgp_notify_send_with_data() and bgp_process_packet() (bgp_packet.c) due to a race, allowing possible Remote Code Execution or Information Disclosure via crafted BGP packets (no user interaction). Affected: FRRouting (FRR) v8.3 and earlier; ATT&CK ...

8.1 CVSS | 8.4 AI score | 0.01923 EPSS
Exploits: 1 | References: 4 | Affected Software: 1
CNNVD
added 2022/08/02 12:0 a.m. | 4 views

FRRouting FRR Race Condition Vulnerability

FRRouting FRR is a suite of software that implements and manages various IPv4 and IPv6 routing protocols. A security vulnerability exists in FRRouting FRR version 8.3, which stems from a race condition in `bgp_notify_send_with_data` and `bgp_process_packet` in `bgp_packet.c` of its bgpd component, which could b...

8.1 CVSS | 8.3 AI score | 0.01923 EPSS
Exploits: 1 | References: 6
Cvelist
added 2022/08/02 12:0 a.m. | 35 views

CVE-2022-37035

An issue was discovered in bgpd in FRRouting FRR 8.3. In `bgp_notify_send_with_data` and `bgp_process_packet` in `bgp_packet.c`, there is a possible use-after-free due to a race condition. This could lead to Remote Code Execution or Information Disclosure by sending crafted BGP packets. User interaction is no...

8.8 AI score | 0.01923 EPSS
Exploits: 1 | References: 3
Debian CVE
added 2022/08/02 12:0 a.m. | 40 views

CVE-2022-37035

An issue was discovered in bgpd in FRRouting FRR 8.3. In `bgp_notify_send_with_data` and `bgp_process_packet` in `bgp_packet.c`, there is a possible use-after-free due to a race condition. This could lead to Remote Code Execution or Information Disclosure by sending crafted BGP packets. User interaction is no...

8.1 CVSS | 8.1 AI score | 0.01923 EPSS
Exploits: 1
OpenVAS
added 2022/05/08 12:0 a.m. | 20 views

Fedora: Security Advisory for frr (FEDORA-2022-376cb924bd)

The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...

7.8 CVSS | 7.7 AI score | 0.01068 EPSS
Exploits: 1 | References: 2
Fedora
added 2022/05/07 4:57 a.m. | 30 views

[SECURITY] Fedora 36 Update: frr-8.2.2-2.fc36

FRRouting is free software that manages TCP/IP based routing protocols. It takes a multi-server and multi-threaded approach to resolve the current complexity of the Internet. FRRouting supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. FRRouting is a fork of Quagga...

7.8 CVSS | 7.8 AI score | 0.01068 EPSS
Exploits: 1
OpenVAS
added 2022/04/21 12:0 a.m. | 21 views

Fedora: Security Advisory for frr (FEDORA-2022-c8c2e42934)

The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...

7.8 CVSS | 7.7 AI score | 0.01068 EPSS
Exploits: 1 | References: 2
OpenVAS
added 2022/04/21 12:0 a.m. | 20 views

Fedora: Security Advisory for frr (FEDORA-2022-3b86b4a6ef)

The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...

7.8 CVSS | 7.7 AI score | 0.01068 EPSS
Exploits: 1 | References: 2
Fedora
added 2022/04/20 7:16 p.m. | 34 views

[SECURITY] Fedora 34 Update: frr-8.0.1-2.fc34

FRRouting is free software that manages TCP/IP based routing protocols. It takes a multi-server and multi-threaded approach to resolve the current complexity of the Internet. FRRouting supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. FRRouting is a fork of Quagga...

7.8 CVSS | 7.8 AI score | 0.01068 EPSS
Exploits: 1
Fedora
added 2022/04/20 7:12 p.m. | 36 views

[SECURITY] Fedora 35 Update: frr-8.2.2-2.fc35

FRRouting is free software that manages TCP/IP based routing protocols. It takes a multi-server and multi-threaded approach to resolve the current complexity of the Internet. FRRouting supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. FRRouting is a fork of Quagga...

7.8 CVSS | 7.8 AI score | 0.01068 EPSS
Exploits: 1
Veracode
added 2022/03/25 6:30 p.m. | 21 views

Buffer Overflow

FRRouting/frr is vulnerable to Buffer overflows. The vulnerability exists due to wrong checks within the input packet length in isisd/isistlvs.c. This could allow an attacker to perform arbitrary out of bound writes...

7.8 CVSS | 3.9 AI score | 0.01007 EPSS
Exploits: 1 | References: 3 | Affected Software: 2
Tenable Nessus
added 2022/03/22 12:0 a.m. | 36 views

SUSE SLES15 Security Update : frr (SUSE-SU-2022:0901-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0901-1 advisory. - Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to wrong checks on the input packet length in...

7.8 CVSS | 7.8 AI score | 0.01068 EPSS
Exploits: 5 | References: 17
Tenable Nessus
added 2022/03/20 12:0 a.m. | 54 views

openSUSE 15 Security Update : frr (openSUSE-SU-2022:0901-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0901-1 advisory. - Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to wrong checks on the input packet length in isisd/isistlvs.c...

7.8 CVSS | 7.8 AI score | 0.01068 EPSS
Exploits: 5 | References: 17