Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

11 matches found

Veracode
Veracodeadded 2023/08/31 4:24 a.m.20 views

Out-of-bounds Reads

libfrr.so is vulnerable to Out-of-bounds Reads. The vulnerability exists in bgprouterefreshreceive function at bgppacket.c due to improper buffer stream handling which allows an attacker to read the initial byte of the ORF header in an ahead-of-stream situation...

9.1CVSS6.8AI score0.00282EPSS
Exploits0References7Affected Software2
NVD
NVDadded 2023/08/29 4:15 a.m.18 views

CVE-2023-41358

An issue was discovered in FRRouting FRR through 9.0. bgpd/bgppacket.c processes NLRIs if the attribute length is zero...

7.5CVSS7.5AI score0.00404EPSS
Exploits0References6
UbuntuCve
UbuntuCveadded 2023/08/29 4:15 a.m.32 views

CVE-2023-41358

An issue was discovered in FRRouting FRR through 9.0. bgpd/bgppacket.c processes NLRIs if the attribute length is zero...

7.5CVSS7.1AI score0.00404EPSS
Exploits0References4
Prion
Prionadded 2023/08/29 4:15 a.m.23 views

Design/Logic Flaw

An issue was discovered in FRRouting FRR through 9.0. bgpd/bgppacket.c processes NLRIs if the attribute length is zero...

5CVSS7.4AI score0.00404EPSS
Exploits0References6Affected Software3
Cvelist
Cvelistadded 2023/08/29 12:0 a.m.17 views

CVE-2023-41360

An issue was discovered in FRRouting FRR through 9.0. bgpd/bgppacket.c can read the initial byte of the ORF header in an ahead-of-stream situation...

9.3AI score0.00282EPSS
Exploits0References5
Cvelist
Cvelistadded 2023/08/29 12:0 a.m.25 views

CVE-2023-41358

An issue was discovered in FRRouting FRR through 9.0. bgpd/bgppacket.c processes NLRIs if the attribute length is zero...

8.5AI score0.00404EPSS
Exploits0References6
Debian CVE
Debian CVEadded 2023/08/29 12:0 a.m.20 views

CVE-2023-41358

An issue was discovered in FRRouting FRR through 9.0. bgpd/bgppacket.c processes NLRIs if the attribute length is zero...

7.5CVSS7.7AI score0.00404EPSS
Exploits0
Veracode
Veracodeadded 2022/10/12 10:37 a.m.26 views

Use-After-Free

frr is vulnerable to use-after-free. The vulnerability exists in multiple functions of bgppacket.c due to a race condition. which could allow an attacker to execute arbitrary codes and access the sensitive information by sending malicious BGP packets...

8.1CVSS8AI score0.02649EPSS
Exploits1References4Affected Software2
Debian CVE
Debian CVEadded 2022/09/19 12:0 a.m.34 views

CVE-2022-37032

An out-of-bounds read in the BGP daemon of FRRouting FRR before 8.4 may lead to a segmentation fault and denial of service. This occurs in bgpcapabilitymsgparse in bgpd/bgppacket.c...

9.1CVSS7.3AI score0.01141EPSS
Exploits1
RedhatCVE
RedhatCVEadded 2022/08/16 9:38 a.m.97 views

CVE-2022-37035

A flaw was found in bgpd in FRRouting FRR. There is a possible use-after-free issue due to a race condition in bgpnotifysendwithdata and bgpprocesspacket in bgppacket.c. This issue can lead to remote code execution or information disclosure by sending crafted BGP packets...

8.1CVSS2.2AI score0.02649EPSS
Exploits1References3
UbuntuCve
UbuntuCveadded 2018/02/13 12:0 a.m.30 views

CVE-2018-5381

The Quagga BGP daemon bgpd prior to version 1.2.3 has a bug in its parsing of "Capabilities" in BGP OPEN messages, in the bgppacket.c:bgpcapabilitymsgparse function. The parser can enter an infinite loop on invalid capabilities if a Multi-Protocol capability does not have a recognized AFI/SAFI,...

7.5CVSS6.9AI score0.0559EPSS
Exploits0References3
Rows per page
Query Builder