
145 matches found

UbuntuCve
added 2018/02/13 12:0 a.m. | 26 views

CVE-2018-5379

The Quagga BGP daemon bgpd prior to version 1.2.3 can double-free memory when processing certain forms of UPDATE message, containing cluster-list and/or unknown attributes. A successful attack could cause a denial of service or potentially allow an attacker to execute arbitrary code...

CVSS 9.8 | AI score 7.1 | EPSS 0.39045
Exploits: 0 | References: 3
CNVD
added 2017/12/29 12:0 a.m. | 5 views

WordPress Payment Form for PayPal Pro Plugin Cross-Site Scripting Vulnerability

WordPress is a blogging platform from the WordPress Software Foundation, developed in the PHP language; it supports setting up a personal blog site on servers running PHP and MySQL. Payment Form for PayPal Pro is one of its payment plugins. WordPress Payment Form for PayPal Pro...

CVSS 6.1 | AI score 6 | EPSS 0.01776
Exploits: 2 | References: 1
Prion
added 2016/10/06 10:59 a.m. | 15 views

Command injection

Cisco NX-OS 4.0 through 7.3 and 11.0 through 11.2 on 1000v, 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device reload) by leveraging a peer relationship to send a crafted BGP UPDATE message, aka Bug IDs CSCuq77105 and...

CVSS 7.1 | AI score 7.2 | EPSS 0.01877
Exploits: 0 | References: 3 | Affected Software: 1
OSV
added 2016/07/06 2:59 p.m. | 1 view

DEBIAN-CVE-2016-6170

ISC BIND through 9.9.9-P1, 9.10.x through 9.10.4-P1, and 9.11.x through 9.11.0b1 allows primary DNS servers to cause a denial of service (secondary DNS server crash) via a large AXFR response, and possibly allows IXFR servers to cause a denial of service (IXFR client crash) via a large IXFR response...

CVSS 6.5 | AI score 6.4 | EPSS 0.40536
Exploits: 1 | References: 1
OSV
added 2016/07/06 2:59 p.m. | 8 views

CVE-2016-6170

ISC BIND through 9.9.9-P1, 9.10.x through 9.10.4-P1, and 9.11.x through 9.11.0b1 allows primary DNS servers to cause a denial of service (secondary DNS server crash) via a large AXFR response, and possibly allows IXFR servers to cause a denial of service (IXFR client crash) via a large IXFR response...

CVSS 6.5 | AI score 6.2 | EPSS 0.40536
Exploits: 1 | References: 11
Prion
added 2016/07/06 2:59 p.m. | 31 views

Code injection

ISC BIND through 9.9.9-P1, 9.10.x through 9.10.4-P1, and 9.11.x through 9.11.0b1 allows primary DNS servers to cause a denial of service (secondary DNS server crash) via a large AXFR response, and possibly allows IXFR servers to cause a denial of service (IXFR client crash) via a large IXFR response...

CVSS 4 | AI score 6.6 | EPSS 0.40536
Exploits: 1 | References: 11 | Affected Software: 2
CNVD
added 2016/04/16 12:0 a.m. | 3 views

Juniper Networks Junos OS BGP 'family l2vpn' UPDATE Denial of Service Vulnerability

Juniper Networks Junos OS is a network operating system dedicated to the company's hardware systems. A security vulnerability in Juniper Networks Junos OS using BGP based L2VPN and VPLS configuration allows remote attackers to conduct denial of service attacks by submitting a BGP 'family l2vpn'...

CVSS 7.5 | AI score 6.8 | EPSS 0.01259
Exploits: 0 | References: 1
NVD
added 2014/01/15 4:8 p.m. | 19 views

CVE-2014-0616

Juniper Junos 10.4 before 10.4R16, 11.4 before 11.4R10, 12.1R before 12.1R8-S2, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, 12.1X46 before 12.1X46-D10, 12.2 before 12.2R7, 12.3 before 12.3R4-S2, 13.1 before 13.1R3-S1, 13.2 before 13.2R2, and 13.3 before 13.3R1 allows remote attackers ...

CVSS 7.1 | AI score 6.6 | EPSS 0.01777
Exploits: 0 | References: 4
Cisco
added 2014/01/06 9:54 p.m. | 27 views

Cisco NX-OS Software Crafted Border Gateway Protocol Update Message Denial of Service Vulnerability

A vulnerability in the Border Gateway Protocol (BGP) functionality of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause all BGP sessions on the device to reset. The vulnerability is due to the improper processing of specifically crafted BGP update messages. An attacker...

CVSS 4.3 | AI score 2.2 | EPSS 0.02833
Exploits: 0 | References: 1
Prion
added 2013/10/14 3:34 a.m. | 20 views

Code injection

The BGP implementation in Cisco NX-OS does not properly filter AS paths, which allows remote attackers to cause a denial of service (BGP service reset and resync) via a malformed UPDATE message, aka Bug ID CSCtn13065...

CVSS 4.3 | AI score 7.1 | EPSS 0.01606
Exploits: 0 | References: 2
Cvelist
added 2013/10/14 1:0 a.m. | 28 views

CVE-2012-4099

The BGP implementation in Cisco NX-OS does not properly filter AS paths, which allows remote attackers to cause a denial of service (BGP service reset and resync) via a malformed UPDATE message, aka Bug ID CSCtn13065...

AI score 6.6 | EPSS 0.01606
Exploits: 0 | References: 2
NVD
added 2013/10/05 10:55 a.m. | 20 views

CVE-2012-4098

The BGP implementation in Cisco NX-OS does not properly filter AS paths, which allows remote attackers to cause a denial of service (BGP service reset and resync) via a malformed UPDATE message, aka Bug ID CSCtn13055...

CVSS 5 | AI score 6.6 | EPSS 0.02398
Exploits: 0 | References: 3
Prion
added 2013/03/26 3:42 a.m. | 17 views

Code injection

The XML parser in the Cisco Jabber IM application for Android allows remote authenticated users to cause a denial of service (blocked connection) by leveraging an entry on a Buddy list and sending a crafted XMPP presence update message, aka Bug ID CSCue38383...

CVSS 6.3 | AI score 6.7 | EPSS 0.00933
Exploits: 0 | References: 1
RedHat Linux
added 2012/09/12 7:56 p.m. | 5 views

(bgpd): Heap-based buffer overflow by decoding BGP UPDATE message with unknown AS_PATH attributes

Heap-based buffer overflow in the ecommunity_ecom2str function in bgp_ecommunity.c in bgpd in Quagga before 0.99.19 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by sending a crafted BGP UPDATE message over IPv4...

CVSS 7.5 | AI score 8 | EPSS 0.07615
Exploits: 0 | References: 4
NVD
added 2012/04/30 8:55 p.m. | 18 views

CVE-2012-2416

chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.11.1 and 10.x before 10.3.1 and Asterisk Business Edition C.3.x before C.3.7.4, when the trustrpid option is enabled, allows remote authenticated users to cause a denial of service (daemon crash) by sending a SIP UPDATE...

CVSS 6.5 | AI score 6 | EPSS 0.0219
Exploits: 0 | References: 8
OSV
added 2012/04/30 8:55 p.m. | 1 view

DEBIAN-CVE-2012-2416

chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.11.1 and 10.x before 10.3.1 and Asterisk Business Edition C.3.x before C.3.7.4, when the trustrpid option is enabled, allows remote authenticated users to cause a denial of service (daemon crash) by sending a SIP UPDATE...

CVSS 6.5 | AI score 6.3 | EPSS 0.0219
Exploits: 0 | References: 1
Debian CVE
added 2012/04/30 8:0 p.m. | 23 views

CVE-2012-2416

chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.11.1 and 10.x before 10.3.1 and Asterisk Business Edition C.3.x before C.3.7.4, when the trustrpid option is enabled, allows remote authenticated users to cause a denial of service (daemon crash) by sending a SIP UPDATE...

CVSS 6.5 | AI score 6 | EPSS 0.0219
Exploits: 0
UbuntuCve
added 2011/10/10 12:0 a.m. | 19 views

CVE-2011-3327

Heap-based buffer overflow in the ecommunity_ecom2str function in bgp_ecommunity.c in bgpd in Quagga before 0.99.19 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by sending a crafted BGP UPDATE message over IPv4...

CVSS 7.5 | AI score 7.5 | EPSS 0.07615
Exploits: 0 | References: 3
RedHat Linux
added 2010/12/06 7:14 p.m. | 4 views

(bgpd): DoS (crash) while processing certain BGP update AS path messages

bgpd in Quagga before 0.99.17 does not properly parse AS paths, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unknown AS type in an AS path attribute in a BGP UPDATE message...

CVSS 5 | AI score 5.8 | EPSS 0.03377
Exploits: 0 | References: 4
Prion
added 2010/09/10 7:0 p.m. | 20 views

Null pointer dereference

bgpd in Quagga before 0.99.17 does not properly parse AS paths, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unknown AS type in an AS path attribute in a BGP UPDATE message...

CVSS 5 | AI score 6.9 | EPSS 0.03377
Exploits: 0 | References: 22 | Affected Software: 1