410 matches found
Authentication Bypass
github.com/kgateway-dev/kgateway is vulnerable to Authentication Bypass. The vulnerability is due to lack of authentication on the xDS port, which allows an attacker with network access to retrieve sensitive configuration data such as certificates, backend services, routing rules, and cluster...
CVE-2026-26310
Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, calling Utility::getAddressWithPort with a scoped IPv6 addresses causes a crash. This utility is called in the data plane from the originalsrc filter and the dns filter. This vulnerability is fixe...
xdp: produce a warning when calculated tailroom is negative
...
K000160367: NGINX ngx_mail_smtp_module vulnerability CVE-2026-28753
Security Advisory Description NGINX Plus and NGINX Open Source have a vulnerability in the ngxmailsmtpmodule module due to the improper handling of CRLF sequences in DNS responses. This allows an attacker-controlled DNS server to inject arbitrary headers into SMTP upstream requests, leading to...
CVE-2026-26310 Crash for scoped ip address in Envoy during DNS
Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, calling Utility::getAddressWithPort with a scoped IPv6 addresses causes a crash. This utility is called in the data plane from the originalsrc filter and the dns filter. This vulnerability is fixe...
EUVD-2026-10803
Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, calling Utility::getAddressWithPort with a scoped IPv6 addresses causes a crash. This utility is called in the data plane from the originalsrc filter and the dns filter. This vulnerability is fixe...
CVE-2026-26310 Crash for scoped ip address in Envoy during DNS
Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, calling Utility::getAddressWithPort with a scoped IPv6 addresses causes a crash. This utility is called in the data plane from the originalsrc filter and the dns filter. This vulnerability is fixe...
SUSE: Security Advisory (SUSE-SU-2026:20218-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES16 Security Update : dpdk (SUSE-SU-2026:20218-1)
The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:20218-1 advisory. Update to version 24.11.4. Security issues fixed: - CVE-2025-23259: issue in the Poll Mode Driver PMD allows an attacker on a VM in the...
OPENSUSE-SU-2026:20148-1 Security update for dpdk
This update for dpdk fixes the following issues: Update to version 24.11.4. Security issues fixed: - CVE-2025-23259: issue in the Poll Mode Driver PMD allows an attacker on a VM in the system to leak information and cause a denial of service on the network interface bsc1254161. Other issues fixed...
MiracleLinux 7 : dpdk-18.11.8-2.el7 (AXSA:2023-4760:01)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-4760:01 advisory. dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs CVE-2022-2132 Tenable has extracted the preceding description block...
MiracleLinux 7 : dpdk-18.11.8-1.el7 (AXSA:2020-184:02)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-184:02 advisory. dpdk: librtevhost Interger overflow in vhostusersetlogbase CVE-2020-10722 dpdk: librtevhost Integer truncation in vhostusercheckandallocqueuepair...
MiracleLinux 8 : dpdk-21.11-2.el8 (AXSA:2023-4785:02)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-4785:02 advisory. dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs CVE-2022-2132 Tenable has extracted the preceding description block...
MiracleLinux 9 : dpdk-21.11.2-1.el9 (AXSA:2023-5000:03)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5000:03 advisory. dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs CVE-2022-2132 DPDK: out-of-bounds read/write in...
CVE-2025-23259
NVIDIA Mellanox DPDK contains a vulnerability in Poll Mode Driver PMD, where an attacker on a VM in the system might be able to cause information disclosure and denial of service on the network interface...
Arista EOS 安全漏洞
Arista EOS is a fully programmable, highly modular, Linux-based network operating system from Arista Corporation. A security vulnerability exists in Arista EOS that stems from specially crafted packets that can cause the MACsec process to terminate unexpectedly, potentially resulting in a prolong...
SUSE SLES15: dpdk22 / dpdk22-devel / dpdk22-devel-static / dpdk22-doc / etc (SUSE-SU-2025:4534-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:4534-1 advisory. Update to version 22.11.10. Security issues fixed: - CVE-2025-23259: issue in the Poll Mode Driver PMD allows an attacker on a...
SUSE-SU-2026:20055-1 Security update for dpdk
This update for dpdk fixes the following issues: Update to version 22.11.10. Security issues fixed: - CVE-2025-23259: issue in the Poll Mode Driver PMD allows an attacker on a VM in the system to leak information and cause a denial of service on the network interface bsc1254161. Other updates and...
Security update for dpdk22
This update for dpdk22 fixes the following issues: Update to version 22.11.10. Security issues fixed: CVE-2025-23259: issue in the Poll Mode Driver PMD allows an attacker on a VM in the system to leak information and cause a denial of service on the network interface bsc1254161. Other updates and...
SUSE SLES15: dpdk / dpdk-devel / dpdk-devel-static / dpdk-doc / dpdk-examples / etc (SUSE-SU-2025:4254-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:4254-1 advisory. - Update to version 22.11.10 - CVE-2025-23259: Fixed an out-of-order completions in ordinary Rx burst. bsc1254161 Tenable has...