Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

OSV
OSVadded 2023/10/17 10:25 a.m.3 views

USN-6432-1 quagga vulnerabilities

It was discovered that the Quagga BGP daemon did not properly check the attribute length in NRLI. A remote attacker could possibly use this issue to cause a denial of service. CVE-2023-41358 It was discovered that the Quagga BGP daemon did not properly manage memory when reading initial bytes of...

9.1CVSS6.7AI score0.01058EPSS
Exploits0References3
SUSE CVE
SUSE CVEadded 2023/02/15 6:15 a.m.2 views

SUSE CVE-2006-2223

RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly implement configurations that 1 disable RIPv1 or 2 require plaintext or MD5 authentication, which allows remote attackers to obtain sensitive information routing state via REQUEST packets such as SEND UPDATE...

5CVSS6.7AI score0.1128EPSS
Exploits1References4
SUSE CVE
SUSE CVEadded 2023/02/15 5:51 a.m.3 views

SUSE CVE-2011-3324

The ospf6lsaischanged function in ospf6lsa.c in the OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows remote attackers to cause a denial of service assertion failure and daemon exit via trailing zero values in the Link State Advertisement LSA header list of an IPv6 Database...

5CVSS6.8AI score0.04668EPSS
Exploits0References7
SUSE CVE
SUSE CVEadded 2023/02/15 5:51 a.m.2 views

SUSE CVE-2011-3326

The ospfflood function in ospfflood.c in ospfd in Quagga before 0.99.19 allows remote attackers to cause a denial of service daemon crash via an invalid Link State Advertisement LSA type in an IPv4 Link State Update message...

5CVSS6.8AI score0.04628EPSS
Exploits0References7
SUSE CVE
SUSE CVEadded 2023/02/15 5:51 a.m.3 views

SUSE CVE-2011-3327

Heap-based buffer overflow in the ecommunityecom2str function in bgpecommunity.c in bgpd in Quagga before 0.99.19 allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code by sending a crafted BGP UPDATE message over IPv4...

7.5CVSS8.2AI score0.07615EPSS
Exploits0References7
SUSE CVE
SUSE CVEadded 2023/02/15 4:31 a.m.2 views

SUSE CVE-2018-5381

The Quagga BGP daemon bgpd prior to version 1.2.3 has a bug in its parsing of "Capabilities" in BGP OPEN messages, in the bgppacket.c:bgpcapabilitymsgparse function. The parser can enter an infinite loop on invalid capabilities if a Multi-Protocol capability does not have a recognized AFI/SAFI,...

7.5CVSS6.6AI score0.30462EPSS
Exploits0References8
Check Point Advisories
Check Point Advisoriesadded 2017/04/03 12:0 a.m.1 views

Quagga VTY Interface Denial of Service (CVE-2017-5495)

A denial-of-service vulnerability has been discovered in Quagga. The vulnerability is due to an input validation error in the Quagga VTY service. A remote attacker can exploit this vulnerability by sending data without a newline character to a Quagga daemon's VTY interface...

7.8CVSS4AI score0.18803EPSS
Exploits0
RedHat Linux
RedHat Linuxadded 2012/09/12 7:56 p.m.1 views

(ospfd): Denial of service by decoding too short Hello packet or Hello packet with invalid OSPFv2 header type

ospfpacket.c in ospfd in Quagga before 0.99.19 allows remote attackers to cause a denial of service daemon crash via 1 a 0x0a type field in an IPv4 packet header or 2 a truncated IPv4 Hello packet...

5CVSS7.4AI score0.04628EPSS
Exploits0References4
Rows per page
Query Builder