Lucene search
K

85 matches found

RedHat Linux
RedHat Linux
added 2026/06/08 3:17 a.m.121 views

frr: denial of service via crafted BGP UPDATE message

A flaw was found in FRRouting FRR. An unauthenticated remote attacker can exploit an integer underflow vulnerability by supplying a specially crafted BGP Border Gateway Protocol UPDATE message. This issue can lead to a Denial of Service DoS...

7.5CVSS5.5AI score0.00371EPSS
Exploits0References5
NVD
NVD
added 2026/06/03 4:16 p.m.27 views

CVE-2026-37462

An integer underflow in the BGPUpdate.DecodeFromBytes function /bgp/bgp.go of gobgp v4.3.0 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

7.5CVSS0.00279EPSS
Exploits0References2
CVE
CVE
added 2026/06/03 12:0 a.m.34 views

CVE-2026-37460

CVE-2026-37460 affects FRRouting (FRR) stable/10.0–10.6. The issue is in the rfapiRibBi2Ri() function (rfapi_rib.c) where missing input validation can be triggered by a crafted BGP UPDATE message, leading to Denial of Service. Connected sources consistently describe the same flaw and affected ran...

7.5CVSS5.8AI score0.00335EPSS
Exploits0References3
CVE
CVE
added 2026/06/03 12:0 a.m.22 views

CVE-2026-37462

CVE-2026-37462 affects gobgp v4.3.0. A vulnerability in BGPUpdate.DecodeFromBytes (/bgp/bgp.go) allows an attacker to trigger a Denial of Service by sending a crafted BGP UPDATE message. The issue is described consistently across multiple sources (NVD/EUVD/CVE listings and vulnerability trackers)...

7.5CVSS5.8AI score0.00279EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.20 views

PT-2026-45955

An integer underflow in the BGPUpdate.DecodeFromBytes function /bgp/bgp.go of gobgp v4.3.0 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

5.8AI score0.00279EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/03 12:0 a.m.41 views

CVE-2026-37462

An integer underflow in the BGPUpdate.DecodeFromBytes function /bgp/bgp.go of gobgp v4.3.0 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

0.00279EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/20 4:6 p.m.39 views

CVE-2026-20171 Cisco Nexus 3000 and 9000 Series Border Gateway Protocol Denial of Service Vulnerability

A vulnerability in the Border Gateway Protocol BGP enforce-first-as feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, remote attacker to trigger BGP peer flaps, resulting in a denial of service DoS condition...

6.8CVSS0.00467EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/05/07 11:53 a.m.13 views

CVE-2026-42285

GoBGP is an open source Border Gateway Protocol BGP implementation in the Go Programming Language. In version 4.4.0, an unauthenticated remote BGP peer can trigger a fatal panic in GoBGP by sending a specially crafted BGP UPDATE message. When the server receives a message with inconsistent...

7.5CVSS5.7AI score0.00418EPSS
Exploits1
OSV
OSV
added 2026/05/04 5:16 p.m.5 views

DEBIAN-CVE-2026-37461

An out-of-bounds read in the ParseIP6Extended function /bgp/bgp.go of gobgp v4.3.0 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

7.5CVSS5.8AI score0.00335EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/04 12:0 a.m.32 views

CVE-2026-37458

Missing input validation in the MPREACHNLRI component of FRRouting FRR stable/10.0 to stable/10.6 allows authenticated attackers to cause a Denial of Service DoS via supplying a crafted UPDATE message...

0.00249EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/04 12:0 a.m.5 views

CVE-2026-37458

Missing input validation in the MPREACHNLRI component of FRRouting FRR stable/10.0 to stable/10.6 allows authenticated attackers to cause a Denial of Service DoS via supplying a crafted UPDATE message...

5.8AI score0.00249EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/04 12:0 a.m.8 views

PT-2026-36831

Name of the Vulnerable Software and Affected Versions gobgp version 4.3.0 Description An out-of-bounds read in the ParseIP6Extended function within the '/bgp/bgp.go' file allows attackers to cause a Denial of Service DoS by supplying a crafted BGP UPDATE message. Recommendations As a temporary...

7.5CVSS7.1AI score0.00335EPSS
Exploits0References21
EUVD
EUVD
added 2026/05/04 12:0 a.m.6 views

EUVD-2026-26999

An out-of-bounds read in the ParseIP6Extended function /bgp/bgp.go of gobgp v4.3.0 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

5.8AI score0.00335EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/05/04 12:0 a.m.6 views

CVE-2026-37461

An out-of-bounds read in the ParseIP6Extended function /bgp/bgp.go of gobgp v4.3.0 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

7.5CVSS5.8AI score0.00335EPSS
Exploits0
OSV
OSV
added 2026/05/04 12:0 a.m.3 views

CVE-2026-37461

An out-of-bounds read in the ParseIP6Extended function /bgp/bgp.go of gobgp v4.3.0 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

7.5CVSS7.1AI score0.00335EPSS
Exploits0References5
OSV
OSV
added 2026/05/04 12:0 a.m.2 views

CVE-2026-37458

Missing input validation in the MPREACHNLRI component of FRRouting FRR stable/10.0 to stable/10.6 allows authenticated attackers to cause a Denial of Service DoS via supplying a crafted UPDATE message...

6.5CVSS5.9AI score0.00249EPSS
Exploits0References4
OSV
OSV
added 2026/05/04 12:0 a.m.4 views

CVE-2026-37459

An integer underflow in FRRouting FRR stable/10.0 to stable/10.6 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

7.5CVSS6AI score0.00371EPSS
Exploits0References8
NVD
NVD
added 2026/01/16 9:15 a.m.17 views

CVE-2025-12006

There is a vulnerability in the Supermicro BMC firmware validation logic at Supermicro MBD-X12STW-F . An attacker can update the system firmware with a specially crafted image...

7.2CVSS0.00277EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:34 p.m.9 views

CVE-2023-45886

The BGP daemon bgpd in IP Infusion ZebOS through 7.10.6 allow remote attackers to cause a denial of service by sending crafted BGP update messages containing a malformed attribute...

7.5CVSS6.9AI score0.01425EPSS
Exploits1References1
Microsoft CVE
Microsoft CVE
added 2025/11/05 9:1 a.m.5 views

FRRouting/frr from v2.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the opaque_info_detail function at ospf_opaque.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted LS Update packet.

...

7.5CVSS7AI score0.00457EPSS
Exploits1
Rows per page
Query Builder