Lucene search
K

616 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/04 12:0 a.m.6 views

CVE-2026-37459

An integer underflow in FRRouting FRR stable/10.0 to stable/10.6 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

7.5CVSS5.8AI score0.00371EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/04 12:0 a.m.12 views

GoBGP 缓冲区错误漏洞

GoBGP is an open-source implementation of the Border Gateway Protocol BGP developed by osrg. Version 4.3.0 of GoBGP contains a buffer error vulnerability; this vulnerability stems from an out-of-bounds read in the ParseIP6Extended function, which could allow attackers to cause denial-of-service...

7.5CVSS6AI score0.00335EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/04 12:0 a.m.9 views

GoBGP 缓冲区错误漏洞

GoBGP is an open-source implementation of the Border Gateway Protocol BGP developed by osrg. Versions of GoBGP prior to 4.3.0 contained a buffer error vulnerability. This vulnerability stems from a buffer overflow in the function PathAttributeAigp.DecodeFromBytes within the AIGP Attribute Parser...

7.5CVSS7.4AI score0.00361EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/04 12:0 a.m.7 views

CVE-2026-37461

An out-of-bounds read in the ParseIP6Extended function /bgp/bgp.go of gobgp v4.3.0 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

5.8AI score0.00335EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/04 12:0 a.m.5 views

EUVD-2026-26999

An out-of-bounds read in the ParseIP6Extended function /bgp/bgp.go of gobgp v4.3.0 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

5.8AI score0.00335EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/04 12:0 a.m.33 views

CVE-2026-37459

An integer underflow in FRRouting FRR stable/10.0 to stable/10.6 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

0.00371EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/04 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-7735

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in osrg GoBGP up to 4.3.0. Affected is the function PathAttributeAigp.DecodeFromBytes of the file pkg/packet/bgp/bgp.go of the compone...

7.5CVSS7.1AI score0.00361EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/05/04 12:0 a.m.6 views

CVE-2026-37461

An out-of-bounds read in the ParseIP6Extended function /bgp/bgp.go of gobgp v4.3.0 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

7.5CVSS5.8AI score0.00335EPSS
Exploits0
EUVD
EUVD
added 2026/05/01 12:0 a.m.6 views

EUVD-2026-26703

An off-by-one out-of-bounds write vulnerability in the bgpflowspecopdecode function bgpd/bgpflowspecutil.c of FRRouting FRR stable/10.0 allows attackers to cause a Denial of Service DoS via supplying a crafted FlowSpec component...

7.5CVSS5.8AI score0.00389EPSS
Exploits0References1
OSV
OSV
added 2026/04/29 8:44 p.m.14 views

GHSA-8RXH-R2P6-7F2Q GoBGP has Remote Denial of Service (Panic) in UpdatePathAttrs4ByteAs via Malformed BGP UPDATE

Summary A remote Denial of Service DoS vulnerability exists in GoBGP where a malformed BGP UPDATE message can trigger a runtime error: index out of range panic. This occurs during the processing of 4-byte AS attributes when the message structure causes an internal slice index shift that is not...

7.5CVSS5.9AI score0.00503EPSS
Exploits1References4
Snyk
Snyk
added 2026/04/29 8:44 p.m.6 views

Improper Validation of Array Index

Overview Affected versions of this package are vulnerable to Improper Validation of Array Index in the UpdatePathAttrs4ByteAs function when processing malformed BGP UPDATE messages containing both ASPATH and AS4PATH attributes. An attacker can cause the process to crash by sending a specially...

8.7CVSS5.8AI score0.00503EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/04/28 12:0 a.m.5 views

Juniper Junos OS Vulnerability (JSA100080)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA100080 advisory. - A Reachable Assertion vulnerability in the Routing Protocol Daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker...

7.1CVSS5.6AI score0.00259EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/28 12:0 a.m.10 views

Juniper Junos OS Vulnerability (JSA88129)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA88129 advisory. - An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon RPD of Juniper Networks Junos OS and Junos OS Evolved allows an...

8.7CVSS5.6AI score0.00617EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/27 12:0 a.m.7 views

Juniper Junos OS Vulnerability (JSA96465)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA96465 advisory. - An Improper Check for Unusual or Exceptional Conditions vulnerability in the Routing Protocol Daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows a local,...

6.8CVSS5.6AI score0.00129EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/04/13 7:23 p.m.2 views

CVE-2026-33797

An Improper Input Validation vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker, sending a specific genuine BGP packet in an already established BGP session to reset only that session causing a Denial of Service DoS. An attacker repeatedly...

7.4CVSS5.3AI score0.00166EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/10 12:30 a.m.4 views

EUVD-2026-21208

An Improper Input Validation vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker, sending a specific genuine BGP packet in an already established BGP session to reset only that session causing a Denial of Service DoS. An attacker repeatedly...

7.4CVSS5.9AI score0.00166EPSS
Exploits0References2
NVD
NVD
added 2026/04/09 10:16 p.m.10 views

CVE-2026-33797

An Improper Input Validation vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker, sending a specific genuine BGP packet in an already established BGP session to reset only that session causing a Denial of Service DoS. An attacker repeatedly...

7.4CVSS0.00166EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/09 9:31 p.m.24 views

CVE-2026-33797 Junos OS and Junos OS Evolved: An attacker sending a specific genuine BGP packet causes a BGP reset

An Improper Input Validation vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker, sending a specific genuine BGP packet in an already established BGP session to reset only that session causing a Denial of Service DoS. An attacker repeatedly...

7.4CVSS0.00166EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/09 9:31 p.m.5 views

CVE-2026-33797

An Improper Input Validation vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker, sending a specific genuine BGP packet in an already established BGP session to reset only that session causing a Denial of Service DoS. An attacker repeatedly...

7.4CVSS5.8AI score0.00166EPSS
Exploits0References3Affected Software2
OSV
OSV
added 2026/04/08 12:7 a.m.2 views

GHSA-FCMH-QFXC-W685 kube-router: BGP Peer Passwords Exposed in Logs at Verbose Logging Level

Summary When kube-router is configured with per-node BGP peer passwords using the kube-router.io/peer.passwords node annotation, and verbose logging is enabled --v=2 or higher, the raw Kubernetes node annotation map is logged verbatim — including the base64-encoded BGP MD5 passwords. Anyone with...

4.1CVSS5.9AI score
Exploits0References2
Rows per page
Query Builder