Lucene search
K

620 matches found

NVD
NVD
added 2026/04/09 10:16 p.m.10 views

CVE-2026-33797

An Improper Input Validation vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker, sending a specific genuine BGP packet in an already established BGP session to reset only that session causing a Denial of Service DoS. An attacker repeatedly...

7.4CVSS0.00166EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/09 9:31 p.m.24 views

CVE-2026-33797 Junos OS and Junos OS Evolved: An attacker sending a specific genuine BGP packet causes a BGP reset

An Improper Input Validation vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker, sending a specific genuine BGP packet in an already established BGP session to reset only that session causing a Denial of Service DoS. An attacker repeatedly...

7.4CVSS0.00166EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/09 9:31 p.m.5 views

CVE-2026-33797

An Improper Input Validation vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker, sending a specific genuine BGP packet in an already established BGP session to reset only that session causing a Denial of Service DoS. An attacker repeatedly...

7.4CVSS5.8AI score0.00166EPSS
Exploits0References3Affected Software2
OSV
OSV
added 2026/04/08 12:7 a.m.2 views

GHSA-FCMH-QFXC-W685 kube-router: BGP Peer Passwords Exposed in Logs at Verbose Logging Level

Summary When kube-router is configured with per-node BGP peer passwords using the kube-router.io/peer.passwords node annotation, and verbose logging is enabled --v=2 or higher, the raw Kubernetes node annotation map is logged verbatim — including the base64-encoded BGP MD5 passwords. Anyone with...

4.1CVSS5.9AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/08 12:0 a.m.6 views

Juniper Junos OS Vulnerability (JSA107850)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA107850 advisory. - An Improper Input Validation vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker, sending a specific genuine BGP...

7.4CVSS5.9AI score0.00166EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2026/03/31 9:1 p.m.8 views

FRRouting FRR EVPN Type-2 Route bgp_evpn.c process_type2_route access control

...

4.2CVSS5.8AI score0.00279EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/03/31 8:37 a.m.5 views

SUSE CVE-2026-5107

A vulnerability has been found in FRRouting FRR up to 10.5.1. This affects the function processtype2route of the file bgpd/bgpevpn.c of the component EVPN Type-2 Route Handler. The manipulation leads to improper access controls. The attack can be initiated remotely. The attack is considered to ha...

4.2CVSS5.3AI score0.00279EPSS
Exploits0References9
EUVD
EUVD
added 2026/03/30 6:31 p.m.4 views

EUVD-2026-17109

A weakness has been identified in osrg GoBGP up to 4.3.0. This impacts the function DecodeFromBytes of the file pkg/packet/bgp/bgp.go. Executing a manipulation of the argument data1 can lead to off-by-one. The attack may be launched remotely. Attacks of this nature are highly complex. The...

6.3CVSS5.4AI score0.00409EPSS
Exploits0References7
Snyk
Snyk
added 2026/03/30 5:26 p.m.5 views

Incorrect Privilege Assignment

Overview Affected versions of this package are vulnerable to Incorrect Privilege Assignment due to improper BGP header validation in the BGPHeader.DecodeFromBytes function. An attacker can modify BGP header data by sending specially crafted packets to the affected process. Remediation Upgrade...

6.3CVSS5.9AI score0.00287EPSS
Exploits0References3
Snyk
Snyk
added 2026/03/30 5:26 p.m.4 views

Incorrect Privilege Assignment

Overview Affected versions of this package are vulnerable to Incorrect Privilege Assignment due to improper BGP header validation in the BGPHeader.DecodeFromBytes function. An attacker can modify BGP header data by sending specially crafted packets to the affected process. Remediation Upgrade...

6.3CVSS5.9AI score0.00287EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/30 4:15 p.m.2 views

CVE-2026-5124

A security vulnerability has been detected in osrg GoBGP up to 4.3.0. Affected is the function BGPHeader.DecodeFromBytes of the file pkg/packet/bgp/bgp.go of the component BGP Header Handler. The manipulation leads to improper access controls. Remote exploitation of the attack is possible. The...

6.3CVSS5.2AI score0.00287EPSS
Exploits0References7Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/30 2:15 p.m.1 views

CVE-2026-5122 osrg GoBGP BGP OPEN Message bgp.go DecodeFromBytes access control

A security flaw has been discovered in osrg GoBGP up to 4.3.0. This affects the function DecodeFromBytes of the file pkg/packet/bgp/bgp.go of the component BGP OPEN Message Handler. Performing a manipulation of the argument domainNameLen results in improper access controls. The attack may be...

6.3CVSS5.3AI score0.00293EPSS
Exploits0References6
CVE
CVE
added 2026/03/30 2:15 p.m.14 views

CVE-2026-5122

The CVE affects osrg GoBGP ≤ 4.3.0, specifically the BGP OPEN Message Handler in pkg/packet/bgp/bgp.go DecodeFromBytes. Manipulating the domainNameLen argument results in improper access controls, potentially enabling remote exploitation. The attack is described with a high complexity requirement...

6.3CVSS5.3AI score0.00293EPSS
Exploits0References6Affected Software1
CNNVD
CNNVD
added 2026/03/30 12:0 a.m.10 views

GoBGP 访问控制错误漏洞

GoBGP is an open-source implementation of the Border Gateway Protocol BGP developed by osrg. Versions of GoBGP prior to 4.3.0 contained a access control vulnerability, which was caused by incorrect handling of the parameter domainNameLen in the file pkg/packet/bgp/bgp.go. This vulnerability could...

6.3CVSS5.8AI score0.00293EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/03/30 12:0 a.m.10 views

GoBGP 安全漏洞

GoBGP is an open-source implementation of the Border Gateway Protocol BGP developed by osrg. Versions of osrg GoBGP prior to 4.3.0 contain security vulnerabilities. These vulnerabilities stem from incorrect handling of the parameter data1 in the file pkg/packet/bgp/bgp.go, which may lead to a...

6.3CVSS6AI score0.00409EPSS
Exploits0References6
Packet Storm News
Packet Storm News
added 2026/03/30 12:0 a.m.5 views

Study of Post Quantum Status of Widely Used Protocols

The advent of quantum computing poses significant threats to classical public-key cryptographic primitives such as RSA and elliptic-curve cryptography. As many critical network and security protocols depend on these primitives for key exchange and authentication, there is an urgent need to...

6AI score
Exploits0
OSV
OSV
added 2026/03/16 6:32 p.m.10 views

GHSA-4P9M-8GC4-RW2H GoBGP vulnerable to a denial of service via the NEXT_HOP path attribute

An issue in GoBGP gobgpd v.4.2.0 allows a remote attacker to cause a denial of service via the NEXTHOP path attribute...

7.5CVSS5.8AI score0.00333EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/03/16 12:0 a.m.6 views

GoBGP 安全漏洞

GoBGP is an open-source implementation of the Border Gateway Protocol BGP developed by osrg. Version GoBGP 4.2.0 contains a security vulnerability, which stems from improper handling of the NEXTHOP path attribute. This vulnerability could allow remote attackers to launch a denial-of-service attac...

7.5CVSS5.8AI score0.00333EPSS
Exploits1References1
Imperva Blog
Imperva Blog
added 2026/03/10 3:48 p.m.5 views

When your DDoS mitigation provider goes down: Why traffic control can’t be outsourced

Since the headline-grabbing outages of 2021, we’ve had recurring conversations with large enterprises asking some version of the same question. Do we really want our CDN, security, and routing control to live in the same place? This issue of control has become more urgent after a series of...

5.9AI score
Exploits0
CNNVD
CNNVD
added 2026/03/04 12:0 a.m.8 views

Bird-lg-go 安全漏洞

Bird-lg-go is a BGP routing query tool developed by Yuhui Xu. Previous versions of bird-lg-go, including 6187a4e, contained security vulnerabilities. These vulnerabilities stemmed from the traceroute module’s use of shlex.Split to parse user input without proper validation. This could allow remot...

7.5CVSS6AI score0.00388EPSS
Exploits1References2
Rows per page
Query Builder