2833 matches found
PT-2026-37262
Name of the Vulnerable Software and Affected Versions Twisted versions prior to 26.4.0 Description The twisted.names module is susceptible to a Denial of Service DoS attack caused by resource exhaustion during DNS name decompression. A remote, unauthenticated attacker can send a specially crafted...
Modsecurity 缓冲区错误漏洞
Modsecurity is an open-source web traffic security processing library developed by OWASP ModSecurity. Versions of Modsecurity prior to 3.0.15 contained a buffer error vulnerability. This vulnerability arises from using the t:hexDecode conversion in rule checks for query string parameters containi...
CVE-2026-43861
mutt before 2.3.2 does not check for '\0' in urlpctdecode...
UBUNTU-CVE-2026-43861
mutt before 2.3.2 does not check for '\0' in urlpctdecode...
GoBGP has an Improper Resource Shutdown or Release
A vulnerability has been found in osrg GoBGP up to 4.3.0. This impacts the function SRv6L3ServiceAttribute.DecodeFromBytes of the file pkg/packet/bgp/prefixsid.go of the component SRv6 L3 Service. Such manipulation of the argument data leads to denial of service. The attack may be performed from...
Buffer Overflow
Overview Affected versions of this package are vulnerable to Buffer Overflow in the DecodeFromBytes function of the AIGP Attribute Parser. An attacker can execute arbitrary code, cause a denial of service, or compromise data integrity and confidentiality by sending specially crafted BGP packets t...
Improper Resource Shutdown or Release
Overview Affected versions of this package are vulnerable to Improper Resource Shutdown or Release via the DecodeFromBytes function in the SRv6 L3 Service component. An attacker can cause a service disruption by sending specially crafted data to this function remotely. Remediation Upgrade...
CVE-2026-43861
mutt before 2.3.2 does not check for '\0' in urlpctdecode...
CVE-2026-43861
mutt before 2.3.2 does not check for '\0' in urlpctdecode...
CVE-2026-43861
mutt before 2.3.2 does not check for '\0' in urlpctdecode...
CVE-2026-43861
mutt before 2.3.2 does not check for '\0' in urlpctdecode...
EUVD-2026-26915
A vulnerability was found in osrg GoBGP up to 4.3.0. Affected is the function PathAttributeAigp.DecodeFromBytes of the file pkg/packet/bgp/bgp.go of the component AIGP Attribute Parser. Performing a manipulation results in buffer overflow. It is possible to initiate the attack remotely. Upgrading...
CVE-2026-7735 osrg GoBGP AIGP Attribute bgp.go PathAttributeAigp.DecodeFromBytes buffer overflow
A vulnerability was found in osrg GoBGP up to 4.3.0. Affected is the function PathAttributeAigp.DecodeFromBytes of the file pkg/packet/bgp/bgp.go of the component AIGP Attribute Parser. Performing a manipulation results in buffer overflow. It is possible to initiate the attack remotely. Upgrading...
CVE-2026-7734 osrg GoBGP SRv6 L3 Service prefix_sid.go SRv6L3ServiceAttribute.DecodeFromBytes denial of service
A vulnerability has been found in osrg GoBGP up to 4.3.0. This impacts the function SRv6L3ServiceAttribute.DecodeFromBytes of the file pkg/packet/bgp/prefixsid.go of the component SRv6 L3 Service. Such manipulation of the argument data leads to denial of service. The attack may be performed from...
EUVD-2026-26914
A vulnerability has been found in osrg GoBGP up to 4.3.0. This impacts the function SRv6L3ServiceAttribute.DecodeFromBytes of the file pkg/packet/bgp/prefixsid.go of the component SRv6 L3 Service. Such manipulation of the argument data leads to denial of service. The attack may be performed from...
CVE-2026-7734
The CVE-2026-7734 affects osrg GoBGP up to 4.3.0, specifically the SRv6 L3 Service component’s DecodeFromBytes function in pkg/packet/bgp/prefix_sid.go. The issue allows remote manipulation of input data to trigger a denial of service. A fix is available in GoBGP v4.4.0, with the patch identified...
CVE-2026-7734
A vulnerability has been found in osrg GoBGP up to 4.3.0. This impacts the function SRv6L3ServiceAttribute.DecodeFromBytes of the file pkg/packet/bgp/prefixsid.go of the component SRv6 L3 Service. Such manipulation of the argument data leads to denial of service. The attack may be performed from...
CVE-2026-7734 osrg GoBGP SRv6 L3 Service prefix_sid.go SRv6L3ServiceAttribute.DecodeFromBytes denial of service
A vulnerability has been found in osrg GoBGP up to 4.3.0. This impacts the function SRv6L3ServiceAttribute.DecodeFromBytes of the file pkg/packet/bgp/prefixsid.go of the component SRv6 L3 Service. Such manipulation of the argument data leads to denial of service. The attack may be performed from...
Exploit for CVE-2025-60751
CVE-2025-60751: GeographicLib Stack-based Buffer Overflow 📌...
PT-2026-36763
Name of the Vulnerable Software and Affected Versions osrg GoBGP versions prior to 4.4.0 Description A remote denial of service can occur in the SRv6 L3 Service component. The issue exists within the SRv6L3ServiceAttribute.DecodeFromBytes function located in the pkg/packet/bgp/prefix sid.go file,...