Large-Scale Collection of Cell Phone Data at US Borders

The Washington Post is reporting that the US Customs and Border Protection agency is seizing and copying cell phone, tablet, and computer data from "as many as" 10,000 phones per year, including an unspecified number of American citizens. This is done without a warrant, because "…courts have long...

US Border Agents May Have a Copy of Your Text Messages

Plus: An AI artist exposes surveillance of Instagram users, the US charges Iranians over a ransomware campaign, and more...

DEBIAN-CVE-2022-37035

An issue was discovered in bgpd in FRRouting FRR 8.3. In bgpnotifysendwithdata and bgpprocesspacket in bgppacket.c, there is a possible use-after-free due to a race condition. This could lead to Remote Code Execution or Information Disclosure by sending crafted BGP packets. User interaction is no...

UBUNTU-CVE-2022-37035

An issue was discovered in bgpd in FRRouting FRR 8.3. In bgpnotifysendwithdata and bgpprocesspacket in bgppacket.c, there is a possible use-after-free due to a race condition. This could lead to Remote Code Execution or Information Disclosure by sending crafted BGP packets. User interaction is no...

FRRouting FRR 竞争条件问题漏洞

FRRouting FRR is a suite of software that implements and manages various IPV4 and IPV6 routing protocols. A security vulnerability exists in FRRouting FRR version 8.3, which stems from a race condition in bgpnotifysendwithdata and bgpprocesspacket in its bgpd component, bgppacket.c, which could b...

Green Alliance NF firewall has information leakage vulnerability

Green Alliance NF Firewall is an enterprise-class next-generation border security product constructed by Green Alliance Technology on the basis of the latest generation 64-bit multi-core hardware platform, combined with the application layer security protection concept and high-speed packet...

CVE-2022-22213

A vulnerability in Handling of Undefined Values in the routing protocol daemon RPD process of Juniper Networks Junos OS and Junos OS Evolved may allow an unauthenticated network-based attacker to crash the RPD process by sending a specific BGP update while the system is under heavy load, leading ...

CVE-2022-22213

A vulnerability in Handling of Undefined Values in the routing protocol daemon RPD process of Juniper Networks Junos OS and Junos OS Evolved may allow an unauthenticated network-based attacker to crash the RPD process by sending a specific BGP update while the system is under heavy load, leading ...

The vulnerability of the Border Gateway Protocol (BGP) implementation in the Ethernet VPN (EVPN) technology of the Cisco IOS XR operating system allows a attacker to cause a service failure.

The vulnerability of the Border Gateway Protocol BGP implementation of the Ethernet VPN EVPN technology in the Cisco IOS XR operating system is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

Europol Busts Phishing Gang Responsible for Millions in Losses

Europol on Tuesday announced the dismantling of an organized crime group that dabbled in phishing, fraud, scams, and money laundering activities. The cross-border operation, which involved law enforcement authorities from Belgium and the Netherlands, saw the arrests of nine individuals in the Dut...

State-backed hacking group from China is targeting the Russian military

In an unexpected turn of events, research has surfaced about a Chinese APT advanced persistent threat group targeting the Russian military in recent cyberattacks. Tracked as Bronze President, Mustang Panda, RedDelta, and TA416, the group has focused mainly on Southeast Asian targets—and more...

The vulnerability of the Border Gateway Protocol (BGP) implementation in the Ethernet VPN (EVPN) technology of the Cisco IOS XR operating system allows a attacker to cause a service failure.

The vulnerability of the Border Gateway Protocol BGP implementation in the Ethernet VPN EVPN technology of the Cisco IOS XR operating system is related to resource management errors. Exploiting this vulnerability allows a malicious actor to trigger a service failure by sending a specially crafted...

CVE-2022-20758

A vulnerability in the implementation of the Border Gateway Protocol BGP Ethernet VPN EVPN functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. This vulnerability is due to the incorrect processing of a BGP update messa...

CVE-2022-20694

A vulnerability in the implementation of the Resource Public Key Infrastructure RPKI feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the Border Gateway Protocol BGP process to crash, resulting in a denial of service DoS condition. This vulnerability is du...

CVE-2022-22197

An Operation on a Resource after Expiration or Release vulnerability in the Routing Protocol Daemon RPD of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker with an established BGP session to cause a Denial of Service DoS. This issue occurs when...

Juniper Networks Junos OS和Junos OS Evolved 安全漏洞

Juniper Networks Junos OS and Junos OS Evolved are both products of Juniper Networks, Inc.Juniper Networks Junos OS is a network operating system for the company's hardware devices. Juniper Networks Junos OS is a network operating system designed for the company's hardware devices. The operating...

The vulnerability of the WebUI component of the Oracle Enterprise Session Border Controller allows a perpetrator to gain access to modify, add, or delete data.

The vulnerability of the Oracle Enterprise Session Border Controller’s WebUI component exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to remotely gain access to modify, add, or delete data through HTTP requests...

The vulnerability of the WebUI component of the Oracle Enterprise Session Border Controller allows a perpetrator to compromise the integrity of the protected information.

The vulnerability of the Oracle Enterprise Session Border Controller’s WebUI component exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to compromise the integrity of protected information through HTTP requests...

CVE-2022-20694

A vulnerability in the implementation of the Resource Public Key Infrastructure RPKI feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the Border Gateway Protocol BGP process to crash, resulting in a denial of service DoS condition. This vulnerability is du...

CVE-2022-20758

A vulnerability in the implementation of the Border Gateway Protocol BGP Ethernet VPN EVPN functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. This vulnerability is due to the incorrect processing of a BGP update messa...