CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Iggy Frankovic discovered that Quagga incorrectly handled certain BGP messages. A remote attacker could possibly use this issue to cause Quagga to crash, resulting in a denial of service...

9.8CVSS8AI score0.00119EPSS

Exploits0

Oracle linux•added 2024/05/23 12:0 a.m.•36 views

frr security update

7.5.1-22.0.1 - Fix POSTIN scriptlet Orabug: 34712485 - Resolves: RHEL-15916 - Flowspec overflow in bgpd/bgpflowspec.c - Resolves: RHEL-15919 - Out of bounds read in bgpd/bgplabel.c - Resolves: RHEL-15869 - crash from specially crafted MPUNREACHNLRI-containing BGP UPDATE message - Resolves:...

7.5CVSS7.2AI score0.05648EPSS

Exploits1

OSV•added 2023/12/06 12:27 p.m.•6 views

SUSE-SU-2023:4663-1 Security update for frr

This update for frr fixes the following issues: - CVE-2023-47235: Fixed denial of service caused by malformed BGP UPDATE message with an EOR is processed bsc1216896. - CVE-2023-47234: Fixed denial of service caused by crafted BGP UPDATE message with a MPUNREACHNLRI attribute bsc1216897. -...

9.8CVSS8.4AI score0.00205EPSS

Exploits0References9

OSV•added 2023/11/17 4:42 a.m.•5 views

SUSE-SU-2023:4473-1 Security update for frr

This update for frr fixes the following issues: - CVE-2023-46753: Fixed a crash caused from a crafted BGP UPDATE message. bsc1216626 - CVE-2023-46752: Fixed a crash caused from a mishandled malformed MPREACHNLRI data. bsc1216627...

5.9CVSS6.6AI score0.00142EPSS

Exploits0References5

Veracode•added 2023/10/27 7:53 a.m.•21 views

Denial Of Service (DoS)

libfrr.so is vulnerable to Denial of Service DoS. An insecure implementation of BGP message processing allows an attacker to cause a denial-of-service DoS condition by sending a specially crafted BGP UPDATE message to a vulnerable router which could consume a large amount of memory and cause the...

5.9CVSS6.9AI score0.00126EPSS

Exploits0References4Affected Software2

OSV•added 2023/06/05 1:53 p.m.•1 views

USN-6136-1 frr vulnerabilities

It was discovered that FRR incorrectly handled parsing certain BGP messages. A remote attacker could possibly use this issue to cause FRR to crash, resulting in a denial of service. This issue only affected Ubuntu 23.04. CVE-2023-31489 It was discovered that FRR incorrectly handled parsing certai...

7.5CVSS6.8AI score0.05648EPSS

Exploits2References3

NCSC•added 2022/12/23 12:0 a.m.•3 views

Vulnerability fixed in Juniper JunOS

Juniper has fixed a vulnerability in JunOS and JunOS Evolved. The vulnerability allows an unauthenticated malicious person at remote user to cause a denial-of-service by sending a sending a rogue BGP message. To do this, the malicious party must have built a valid BGP session. The vulnerability i...

7.5CVSS6.9AI score0.00446EPSS

Exploits0

OSV•added 2022/10/18 2:4 p.m.•1 views

USN-5685-1 frr vulnerabilities

It was discovered that FRR incorrectly handled parsing certain BGP messages. A remote attacker could possibly use this issue to cause FRR to crash, resulting in a denial of service. CVE-2022-37032 It was discovered that FRR incorrectly handled processing certain BGP messages. A remote attacker...

9.1CVSS7.4AI score0.02649EPSS

Exploits2References3

NVD•added 2017/07/17 1:18 p.m.•12 views

CVE-2017-2314

Receipt of a malformed BGP OPEN message may cause the routing protocol daemon rpd process to crash and restart. By continuously sending specially crafted BGP OPEN messages, an attacker can repeatedly crash the rpd process causing prolonged denial of service. No other Juniper Networks products or...

7.5CVSS7.5AI score0.00451EPSS

Exploits0References2