Lucene search
K

6 matches found

NVD
NVD
added 2026/05/04 6:16 a.m.39 views

CVE-2026-7734

A vulnerability has been found in osrg GoBGP up to 4.3.0. This impacts the function SRv6L3ServiceAttribute.DecodeFromBytes of the file pkg/packet/bgp/prefixsid.go of the component SRv6 L3 Service. Such manipulation of the argument data leads to denial of service. The attack may be performed from...

7.5CVSS0.00464EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/05/04 5:45 a.m.41 views

CVE-2026-7737 osrg GoBGP BMP Parser bmp.go BMPStatisticsReport.ParseBody out-of-bounds

A vulnerability was identified in osrg GoBGP up to 4.3.0. Affected by this issue is the function BMPPeerUpNotification.ParseBody/BMPStatisticsReport.ParseBody of the file pkg/packet/bmp/bmp.go of the component BMP Parser. The manipulation leads to out-of-bounds read. The attack can be initiated...

6.9CVSS0.00631EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/05/04 5:15 a.m.6 views

CVE-2026-7735

A vulnerability was found in osrg GoBGP up to 4.3.0. Affected is the function PathAttributeAigp.DecodeFromBytes of the file pkg/packet/bgp/bgp.go of the component AIGP Attribute Parser. Performing a manipulation results in buffer overflow. It is possible to initiate the attack remotely. Upgrading...

7.5CVSS7.3AI score0.00361EPSS
Exploits0References7Affected Software1
Snyk
Snyk
added 2026/04/10 7:49 p.m.5 views

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization due to the lack of a RequireScopes call in internal/router/comment.go comment panel admin endpoint. An attacker can gain unauthorized access to comment moderation operations, including listing, approving, rejecting...

6.9CVSS5.8AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/05/17 12:0 a.m.4 views

PT-2022-20005

Name of the Vulnerable Software and Affected Versions Jirafeau versions prior to 4.4.0 Description The file preview functionality in Jirafeau, which is enabled by default, could be exploited for cross-site scripting. An attacker could upload image/svg+xml files containing JavaScript. When someone...

6.1CVSS6AI score0.0053EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2022/05/04 12:0 a.m.6 views

PT-2022-18782 · Fusionpbx · Fusionpbx

Name of the Vulnerable Software and Affected Versions: Fusionpbx versions prior to 4.4 Description: The issue concerns a command injection vulnerability. This vulnerability can be exploited via the download email logs function. Recommendations: For Fusionpbx versions prior to 4.4, update to a...

9.8CVSS9.6AI score0.01449EPSS
Exploits0References3
Rows per page
Query Builder