37 matches found
SUSE CVE-2026-49943
CZ.NIC BIRD Internet Routing Daemon through 2.19.0 contains a stack-based buffer overflow in the BGP ASPATH mask matching implementation in nest/a-path.c. The as_path_match function uses a fixed-size stack array of 2048 + 1 pm_pos entries, while parse_path expands ASPATH segments from a received BGP...
CVE-2026-49943
CZ.NIC BIRD Internet Routing Daemon through 2.19.0 contains a stack-based buffer overflow in the BGP ASPATH mask matching implementation in nest/a-path.c. The as_path_match function uses a fixed-size stack array of 2048 + 1 pm_pos entries, while parse_path expands ASPATH segments from a received BGP...
Linux Distros Unpatched Vulnerability : CVE-2026-31668
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - seg6: separate dst_cache for input and output paths in seg6 lwtunnel The seg6 lwtunnel uses a single dst_cache per encap route, shared between seg6_input_core and...
CVE-2026-28681 IRRd: web UI host header injection allows password reset poisoning via attacker-controlled email links
Internet Routing Registry daemon version 4 is an IRR database server, processing IRR objects in the RPSL format. From version 4.4.0 to before version 4.4.5 and from version 4.5.0 to before version 4.5.1, an attacker can manipulate the HTTP Host header on a password reset or account creation...
CVE-2026-28681
CVE-2026-28681 affects Internet Routing Registry daemon (IRRd) versions 4.4.0–4.4.5 and 4.5.0–4.5.1. The flaw is a host header injection in web UI password reset/account creation flows: an attacker can manipulate the HTTP Host header, causing the confirmation link in the email to point to an atta...
EUVD-2018-4049
Malware in sbrugna...
EUVD-2022-0127
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2018-12066
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - BIRD Internet Routing Daemon before 1.6.4 allows local users to cause a denial of service (stack consumption and daemon crash) via BGP mask expressions in birdc...
CVE-2022-24798
Internet Routing Registry daemon version 4 is an IRR database server, processing IRR objects in the RPSL format. IRRd did not always filter password hashes in query responses relating to mntner objects and database exports. This may have allowed adversaries to retrieve some of these hashes, perfo...
PYSEC-2022-178
Internet Routing Registry daemon version 4 is an IRR database server, processing IRR objects in the RPSL format. IRRd did not always filter password hashes in query responses relating to mntner objects and database exports. This may have allowed adversaries to retrieve some of these hashes, perfo...
CVE-2022-24798 Insufficient password hash filtering in some IRRd queries and exports
Internet Routing Registry daemon version 4 is an IRR database server, processing IRR objects in the RPSL format. IRRd did not always filter password hashes in query responses relating to mntner objects and database exports. This may have allowed adversaries to retrieve some of these hashes, perfo...
CVE-2022-24798
CVE-2022-24798 affects Internet Routing Registry daemon (IRRd) v4 where password hashes could be exposed in query responses for mntner objects and database exports. Root cause: insufficient filtering of password hashes in IRRd’s output. Affected products/versions: IRRd 4.2.x (mirrors not affected...
Internet Routing Registry Daemon Security Vulnerability
Internet Routing Registry Daemon IRRd is a routing registry daemon. A security vulnerability exists in Internet Routing Registry Daemon, which stems from the fact that IRRd does not always filter password hashes in query responses related to "mntner" objects and database exports. An attacker coul...
The Internet is Held Together With Spit & Baling Wire
A visualization of the Internet made using network routing data. Image: Barrett Lyon, opte.org. Imagine being able to disconnect or redirect Internet traffic destined for some of the world's biggest companies -- just by spoofing an email. This is the nature of a threat vector recently removed by a...
DDoS Protection for Networks: Utilizing AS Prepending to Route Traffic Through Imperva
In order for Imperva to protect customers’ traffic using DDoS Protection for Networks, the Internet must select Imperva as the best path. So what does this mean? Does Imperva automatically take over the customer’s prefix and control the routing of the Internet? Well…not exactly. Internet Routing...
SaltStack Salt Master Server Root Key Disclosure
This module exploits unauthenticated access to the _prep_auth_info method in the SaltStack Salt master's ZeroMQ request server, for versions 2019.2.3 and earlier and 3000.1 and earlier, to disclose the root key used to authenticate administrative commands to the master. VMware vRealize Operations...
Cloud Providers, CDNs Team Up to Battle Internet Routing Attacks
A group of tech giants – including Akamai, Amazon Web Services, Cloudflare, Facebook, Google, Microsoft and Netflix – are banding together to battle route hijacking, route leaks and IP address-spoofing attacks targeting internet users. They’re coming together under a program that was introduced this...
Debian DSA-4528-1 : bird - security update
Daniel McCarney discovered that the BIRD internet routing daemon incorrectly validated RFC 8203 messages in its BGP daemon, resulting in a stack-based buffer overflow. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security...
CVE-2019-16159
BIRD Internet Routing Daemon 1.6.x through 1.6.7 and 2.x through 2.0.5 has a stack-based buffer overflow. The BGP daemon's support for RFC 8203 administrative shutdown communication messages included an incorrect logical expression when checking the validity of an input message. Sending a shutdow...