54 matches found
CVE-2025-67499 CNI Plugins Portmap nftables backend intercepts non-local traffic
The CNI portmap plugin allows containers to emulate opening a host port, forwarding that traffic to the container. Versions 1.6.0 through 1.8.0 inadvertently forward all traffic with the same destination port as the host port when the portmap plugin is configured with the nftables backend, thus...
EUVD-2018-0830
Malware in sbrugna...
EUVD-2015-6200
Malware in sbrugna...
EUVD-2020-24836
Malware in sbrugna...
EUVD-2024-36622
Malicious code in bioql PyPI...
EUVD-2024-54607
Malicious code in bioql PyPI...
EUVD-2023-2624
Malicious code in bioql PyPI...
EUVD-2021-2882
Malicious code in bioql PyPI...
Security Bulletin: Astronomer with IBM is vulnerable to unintentional traffic forwarding due to kube-proxy (CVE-2021-25736)
Summary: Kube-proxy is used by Astronomer with IBM as part of Kubernetes functionality. Vulnerability Details: CVEID: CVE-2021-25736. DESCRIPTION: Kube-proxy on Windows can unintentionally forward traffic to local processes listening on the same port “spec.ports.port” as a LoadBalancer Service when t...
CVE-2024-11185
On affected platforms running Arista EOS, ingress traffic on Layer 2 ports may, under certain conditions, be improperly forwarded to ports associated with different VLANs, resulting in a breach of VLAN isolation and segmentation boundaries...
CVE-2024-11185
CVE-2024-11185 affects Arista EOS: ingress traffic on Layer-2 ports can be improperly forwarded to VLANs other than the intended one, breaching VLAN isolation. Affected EOS releases include 4.29.x (4.29.10M and below), 4.30.x (4.30.9M and below), 4.31.x (4.31.6M and below), 4.32.x (4.32.3M and be...
CVE-2025-30657
An Improper Encoding or Escaping of Output vulnerability in the Sampling Route Record Daemon (SRRD) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). When a device configured for flow-monitoring receives a specific BGP update message, i...
CVE-2024-28248
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.13.9 and prior to versions 1.13.13, 1.14.8, and 1.15.2, Cilium's HTTP policies are not consistently applied to all traffic in the scope of the policies, leading to HTTP traffic being...
CVE-2024-37380
A misconfiguration on UniFi U6+ Access Point could cause incorrect VLAN traffic forwarding to APs meshed to UniFi U6+ Access Point. Affected Products: UniFi U6+ Access Point (Version 6.6.65 and earlier). Mitigation: Update your UniFi U6+ Access Point to Version 6.6.74 or later...
CVE-2024-37380
CVE-2024-37380 affects UniFi U6+ Access Point (versions ≤ 6.6.65). The root cause is a misconfiguration that could cause VLAN traffic to be forwarded incorrectly among APs meshed to the U6+. The impact is described as VLAN traffic forwarding issues; exploit details are not provided in the documents. Rec...
CVE-2024-30384
CVE-2024-30384 concerns Juniper Networks Junos OS on the EX4300 Series. The issue is an improper check for unusual or exceptional conditions in the Packet Forwarding Engine (PFE) that lets a locally authenticated user with low privileges trigger a PFE crash by issuing a specific CLI command. The ...
CVE-2024-28248 Cilium intermittent HTTP policy bypass
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.13.9 and prior to versions 1.13.13, 1.14.8, and 1.15.2, Cilium's HTTP policies are not consistently applied to all traffic in the scope of the policies, leading to HTTP traffic being...
PT-2024-22363 · Cilium · Cilium
Name of the Vulnerable Software and Affected Versions: Cilium versions 1.13.9 through 1.13.12; Cilium versions 1.14.0 through 1.14.7; Cilium versions 1.15.0 through 1.15.1. Description: Cilium's HTTP policies are not consistently applied to all traffic in the scope of the policies, leading to HTTP...