CVE-2026-41643

GoBGP is an open source Border Gateway Protocol BGP implementation in the Go Programming Language. Prior to version 4.3.0, a remote Denial of Service DoS vulnerability exists in GoBGP where a malformed BGP UPDATE message can trigger a runtime error: index out of range panic. This occurs during th...

SUSE CVE-2026-37462

An integer underflow in the BGPUpdate.DecodeFromBytes function /bgp/bgp.go of gobgp v4.3.0 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

USN-8376-1: FRR vulnerabilities

It was discovered that FRR incorrectly handled certain OSPF Traffic Engineering and Segment Routing TLVs. An attacker could possibly use this issue to cause FRR to crash, resulting in a denial of service. CVE-2026-28532 It was discovered that FRR incorrectly handled certain BGP FlowSpec component...

CVE-2026-44392

Missing authorization vulnerability exists in Movable Type. Under certain conditions, when a user without administrator privileges signs in to the product, unintended update processing may be executed...

EUVD-2026-31066

Missing authorization vulnerability exists in Movable Type. Under certain conditions, when a user without administrator privileges signs in to the product, unintended update processing may be executed...

CVE-2026-44392

Missing authorization vulnerability exists in Movable Type. Under certain conditions, when a user without administrator privileges signs in to the product, unintended update processing may be executed...

CVE-2026-44392

Technical details (affected components, root cause, impacted versions, or exploit information) are not provided in the supplied documents. Please monitor official advisories and CVE records for updates.

PT-2026-42108

Missing authorization vulnerability exists in Movable Type. Under certain conditions, when a user without administrator privileges signs in to the product, unintended update processing may be executed...

PT-2026-37259

Name of the Vulnerable Software and Affected Versions GoBGP versions prior to 4.5.0 Description An unauthenticated remote BGP peer can cause a fatal panic and complete loss of service availability by sending a specially crafted BGP UPDATE message. When the server receives a message with...

CVE-2024-33031

CVE-2024-33031 concerns memory corruption in Qualcomm chipsets, attributed to the Radio Interface Layer (RIL) when processing the update SIM PB records request. The CVE is described as an improper input validation bug in RIL, with a CVSSv3.1 base score of 6.7 (Medium). The impact is listed as hig...

AZL-34691 CVE-2023-47235 affecting package frr for versions less than 9.1-2

An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when a malformed BGP UPDATE message with an EOR is processed, because the presence of EOR does not lead to a treat-as-withdraw outcome...

PT-2023-9208 · Unknown +10 · Frrouting Frr +10

Name of the Vulnerable Software and Affected Versions: FRRouting FRR versions through 9.0.1 Description: An issue was discovered in FRRouting where a crash can occur when a malformed BGP UPDATE message with an EOR is processed. This happens because the presence of EOR does not lead to a...

The vulnerability of the Yarus C2100 payment terminal software allows a perpetrator to execute arbitrary code on the device with privileges as a non-privileged POS user.

The vulnerability of the Yarus C2100 payment terminal software lies in the possibility of buffer overflows during the processing of update files. Exploiting this vulnerability allows a malicious actor to recompile program objects, alter the program’s execution flow, and execute their own code tha...

The vulnerability of the BGP protocol implementation in the NX-OS network operating system in ACI Mode allows a attacker to cause a service failure.

The vulnerability of the BGP protocol implementation in the NX-OS network operating system in ACI Mode is related to errors in processing parameters during the reception of BGP updates. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

CVE-2020-15667

When processing a MAR update file, after the signature has been validated, an invalid name length could result in a heap overflow, leading to memory corruption and potentially arbitrary code execution. Within Firefox as released by Mozilla, this issue is only exploitable with the Mozilla-controll...