CVE-2026-37457

An off-by-one out-of-bounds write vulnerability in the bgpflowspecopdecode function bgpd/bgpflowspecutil.c of FRRouting FRR stable/10.0 allows attackers to cause a Denial of Service DoS via supplying a crafted FlowSpec component...

UBUNTU-CVE-2026-37457

An off-by-one out-of-bounds write vulnerability in the bgpflowspecopdecode function bgpd/bgpflowspecutil.c of FRRouting FRR stable/10.0 allows attackers to cause a Denial of Service DoS via supplying a crafted FlowSpec component...

CVE-2026-37457

An off-by-one out-of-bounds write vulnerability in the bgpflowspecopdecode function bgpd/bgpflowspecutil.c of FRRouting FRR stable/10.0 allows attackers to cause a Denial of Service DoS via supplying a crafted FlowSpec component...

CVE-2026-37457

An off-by-one out-of-bounds write vulnerability in the bgpflowspecopdecode function bgpd/bgpflowspecutil.c of FRRouting FRR stable/10.0 allows attackers to cause a Denial of Service DoS via supplying a crafted FlowSpec component...

CVE-2026-37457

An off-by-one out-of-bounds write vulnerability in the bgpflowspecopdecode function bgpd/bgpflowspecutil.c of FRRouting FRR stable/10.0 allows attackers to cause a Denial of Service DoS via supplying a crafted FlowSpec component...

EUVD-2014-6270

Malware in sbrugna...

EUVD-2019-0810

Malware in sbrugna...

EUVD-2021-18277

Malware in sbrugna...

EUVD-2023-32582

Malicious code in bioql PyPI...

EUVD-2024-48006

Malicious code in bioql PyPI...

EUVD-2021-2830

Malicious code in bioql PyPI...

CVE-2024-6437

On affected platforms running Arista EOS with one of the following features configured to redirect IP traffic to a next hop: policy-based routing PBR, BGP Flowspec, or interface traffic policy -- certain IP traffic such as IPv4 packets with IP options may bypass the feature's set nexthop action a...

CVE-2024-6437 On affected platforms running Arista EOS with one of the following features configured to redirect IP traffic to a next hop: policy-based routing (PBR), BGP Flowspec, or interface traffic policy -- certain IP traffic such as IPv4 packets with IP options ma

On affected platforms running Arista EOS with one of the following features configured to redirect IP traffic to a next hop: policy-based routing PBR, BGP Flowspec, or interface traffic policy -- certain IP traffic such as IPv4 packets with IP options may bypass the feature's set nexthop action a...

CVE-2024-6437

CVE-2024-6437 affects Arista EOS when policy-based routing (PBR), BGP Flowspec, or interface traffic policy is configured to redirect traffic to a next hop. The issue causes certain IPv4 packets (e.g., with IP options) to bypass the configured nexthop and be slow-path forwarded by the kernel to t...

PT-2025-3683 · Arista · Arista Eos

Name of the Vulnerable Software and Affected Versions: Arista EOS versions prior to 4.32.1F Description: The issue affects Arista EOS platforms with features like policy-based routing PBR, BGP Flowspec, or interface traffic policy configured to redirect IP traffic to a next hop. Certain IP traffi...

Security Advisory 0108

Security Advisory 0108 . CSAF PDF Date: December 5, 2024 Revision | Date | Changes ---|---|--- 1.0 | November 26, 2024 | Initial release 1.1 | December 5, 2024 | Update the affected and fixed EOS versions The CVE-ID tracking this issue: CVE-2024-6437 CVSSv3.1 Base Score: 5.8 CVSS:3.1/...

USN-6436-1: FRR vulnerabilities

It was discovered that the FRR did not properly check the attribute length in NRLI. A remote attacker could possibly use this issue to cause a denial of service. CVE-2023-41358 It was discovered that the FRR did not properly manage memory when reading initial bytes of ORF header. A remote attacke...

Ubuntu: Security Advisory (USN-6436-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-41909

An issue was discovered in FRRouting FRR through 9.0. bgpnlriparseflowspec in bgpd/bgpflowspec.c processes malformed requests with no attributes, leading to a NULL pointer dereference...

FRRouting FRR Code Issue Vulnerability

FRRouting FRR is a suite of software that implements and manages various IPV4 and IPV6 routing protocols. A security vulnerability exists in FRRouting FRR, which stems from bgpnlriparseflowspec in bgpd/bgpflowspec.c, which handles special requests and causes null pointer dereferences...