Lucene search
K

633 matches found

Ubuntu
Ubuntu
added 2026/06/03 4:50 a.m.14 views

USN-8348-1: GoBGP vulnerabilities

It was discovered that GoBGP incorrectly handled certain specially crafted BGP UPDATE messages. A remote attacker could possibly use this issue to cause GoBGP to crash, resulting in a denial of service. CVE-2026-37461 Yanlei Wang discovered that GoBGP incorrectly handled certain malformed BGP...

7.5CVSS6.5AI score0.00631EPSS
Exploits1
EUVD
EUVD
added 2026/06/03 12:0 a.m.26 views

EUVD-2026-34083

Missing input validation in the rfapiRibBi2Ri function rfapirib.c of FRRouting FRR stable/10.0 to stable/10.6 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

5.8AI score0.00335EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/03 12:0 a.m.12 views

CVE-2026-37460

Missing input validation in the rfapiRibBi2Ri function rfapirib.c of FRRouting FRR stable/10.0 to stable/10.6 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

5.4AI score0.00335EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.18 views

PT-2026-45939

Missing input validation in the rfapiRibBi2Ri function rfapi rib.c of FRRouting FRR stable/10.0 to stable/10.6 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

5.8AI score0.00335EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/03 12:0 a.m.7 views

CVE-2026-37460

Missing input validation in the rfapiRibBi2Ri function rfapirib.c of FRRouting FRR stable/10.0 to stable/10.6 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

5.8AI score0.00335EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/03 12:0 a.m.11 views

CVE-2026-37462

An integer underflow in the BGPUpdate.DecodeFromBytes function /bgp/bgp.go of gobgp v4.3.0 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

5.8AI score0.00279EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.18 views

PT-2026-45955

An integer underflow in the BGPUpdate.DecodeFromBytes function /bgp/bgp.go of gobgp v4.3.0 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

5.8AI score0.00279EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/03 12:0 a.m.11 views

EUVD-2026-34101

An integer underflow in the BGPUpdate.DecodeFromBytes function /bgp/bgp.go of gobgp v4.3.0 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

7.3CVSS5.8AI score0.00279EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/03 12:0 a.m.40 views

CVE-2026-37462

An integer underflow in the BGPUpdate.DecodeFromBytes function /bgp/bgp.go of gobgp v4.3.0 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

0.00279EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.8 views

FRRouting 安全漏洞

FRouting is an open-source network routing software suite that runs on Unix-like platforms. Versions of FRRouting from stable/10.0 to stable/10.6 have security vulnerabilities. These vulnerabilities stem from the lack of input validation in the rfapiRibBi2Ri function, which could allow attackers ...

7.5CVSS5.1AI score0.00335EPSS
Exploits0References3
CVE
CVE
added 2026/06/03 12:0 a.m.32 views

CVE-2026-37460

CVE-2026-37460 affects FRRouting (FRR) stable/10.0–10.6. The issue is in the rfapiRibBi2Ri() function (rfapi_rib.c) where missing input validation can be triggered by a crafted BGP UPDATE message, leading to Denial of Service. Connected sources consistently describe the same flaw and affected ran...

7.5CVSS5.8AI score0.00335EPSS
Exploits0References3
NVD
NVD
added 2026/06/02 5:16 p.m.17 views

CVE-2026-49943

CZ.NIC BIRD Internet Routing Daemon through 2.19.0 contains a stack-based buffer overflow in the BGP ASPATH mask matching implementation in nest/a-path.c. The aspathmatch function uses a fixed-size stack array of 2048 + 1 pmpos entries, while parsepath expands ASPATH segments from a received BGP...

6.3CVSS0.003EPSS
Exploits2References2
Vulnrichment
Vulnrichment
added 2026/06/02 4:16 p.m.10 views

CVE-2026-49943

CZ.NIC BIRD Internet Routing Daemon through 2.19.0 contains a stack-based buffer overflow in the BGP ASPATH mask matching implementation in nest/a-path.c. The aspathmatch function uses a fixed-size stack array of 2048 + 1 pmpos entries, while parsepath expands ASPATH segments from a received BGP...

6.3CVSS6.1AI score0.003EPSS
Exploits2References2
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

BIRD 安全漏洞

BIRD is a full-featured dynamic IP routing daemon developed by BIRD OpenSource. Versions of BIRD prior to 2.19.0 contained security vulnerabilities; these vulnerabilities stemmed from stack buffer overflows in the BGP ASPATH mask matching implementation, which could potentially cause the daemon t...

6.3CVSS5.6AI score0.003EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.16 views

Cisco Nexus 3000 and 9000 Series Switches BGP DoS (cisco-sa-bgp-iefab-3hb2pwtx)

According to its self-reported version, Cisco NX-OS Software is affected by a vulnerability. - A vulnerability in the Border Gateway Protocol BGP enforce-first-as feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an...

6.8CVSS5.8AI score0.00467EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/28 1:2 p.m.14 views

CVE-2026-48688

A flaw was found in FastNetMon Community Edition. Multiple out-of-bounds read vulnerabilities exist within the BGP MPREACHNLRI IPv6 attribute decoder. A remote attacker could exploit these flaws by sending specially crafted BGP messages, which could lead to information disclosure or a denial of...

7.5CVSS5.7AI score0.00283EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-48685

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FastNetMon Community Edition through 1.2.9 has out-of-bounds memory access because it incorrectly parses BGP path attributes with the extended length flag set. ...

6.5CVSS6AI score0.00295EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-48691

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FastNetMon Community Edition through 1.2.9 contains an integer overflow in the BGP ASPATH attribute encoder. In src/bgpprotocol.hpp, the...

9.8CVSS6.4AI score0.00308EPSS
Exploits0References3
OSV
OSV
added 2026/05/26 4:16 p.m.7 views

DEBIAN-CVE-2026-48688

FastNetMon Community Edition through 1.2.9 contains multiple out-of-bounds reads in the BGP MPREACHNLRI IPv6 attribute decoder. The function decodempreachipv6 in src/bgpprotocol.cpp contains a TODO comment at line 156 explicitly acknowledging 'we should add sanity checks to avoid reads after...

7.5CVSS5.9AI score0.00283EPSS
Exploits0References1
OSV
OSV
added 2026/05/26 4:16 p.m.7 views

DEBIAN-CVE-2026-48685

FastNetMon Community Edition through 1.2.9 has out-of-bounds memory access because it incorrectly parses BGP path attributes with the extended length flag set. In src/bgpprotocol.hpp, the parserawbgpattribute function correctly identifies when extendedlengthbit is set and sets lengthoflengthfield...

6.5CVSS5.8AI score0.00295EPSS
Exploits0References1
Rows per page
Query Builder