769 matches found
CVE-2022-49092
In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix route with nexthop object delete warning FRR folks have hit a kernel warning1 while deleting routes2 which is caused by trying to delete a route pointing to a nexthop id without specifying nhid but matching on an...
CVE-2024-7595 GRE and GRE6 Protocols (RFC2784) do not validate or verify the source of a network packet
GRE and GRE6 Protocols RFC2784 do not validate or verify the source of a network packet allowing an attacker to spoof and route arbitrary traffic via an exposed network interface that can lead to spoofing, access control bypass, and other unexpected network behaviors. This can be considered simil...
SUSE CVE-2024-57948
In the Linux kernel, the following vulnerability has been resolved: mac802154: check local interfaces before deleting sdata list syzkaller reported a corrupted list in ieee802154ifremove. 1 Remove an IEEE 802.15.4 network interface after unregister an IEEE 802.15.4 hardware device from the system...
CVE-2024-57948 mac802154: check local interfaces before deleting sdata list
In the Linux kernel, the following vulnerability has been resolved: mac802154: check local interfaces before deleting sdata list syzkaller reported a corrupted list in ieee802154ifremove. 1 Remove an IEEE 802.15.4 network interface after unregister an IEEE 802.15.4 hardware device from the system...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the ieee802154ifremove function not properly checking the list of local interfaces when deleting a network...
PT-2025-1236 · Ietf · Proposed Generic Udp Encapsulation
Name of the Vulnerable Software and Affected Versions: Proposed Generic UDP Encapsulation GUE IETF Draft affected versions not specified Description: The issue concerns the lack of validation or verification of the source of a network packet in the Proposed Generic UDP Encapsulation GUE IETF Draf...
CVE-2025-23018
IPv4-in-IPv6 and IPv6-in-IPv6 tunneling RFC 2473 do not require the validation or verification of the source of a network packet, allowing an attacker to spoof and route arbitrary traffic via an exposed network interface. This is a similar issue to CVE-2020-10136...
PT-2025-1234 · Unknown · Ipv6-In-Ipv4 Tunneling
Name of the Vulnerable Software and Affected Versions: IPv6-in-IPv4 tunneling RFC 4213 versions not specified Description: The issue is related to the IPv6-in-IPv4 tunneling protocol, which allows an attacker to spoof and route traffic via an exposed network interface. This can be exploited by a...
CVE-2025-23019
CVE-2025-23019 describes a vulnerability in IPv6-in-IPv4 tunneling (RFC 4213) where an unauthenticated or unverified packet source can lead to spoofing and traffic routing via an exposed interface. The available documents associate this with multiple vulnerability trackers and advisories; some so...
CVE-2025-23019
IPv6-in-IPv4 tunneling RFC 4213 allows an attacker to spoof and route traffic via an exposed network interface...
CVE-2025-23019
IPv6-in-IPv4 tunneling RFC 4213 allows an attacker to spoof and route traffic via an exposed network interface...
CVE-2024-43659
After gaining access to the firmware of a charging station, a file at can be accessed to obtain default credentials that are the same across all Iocharger AC model EV chargers. This issue affects Iocharger firmware for AC models before firmware version 25010801. The issue is addressed by requirin...
CVE-2024-43657
Summary of CVE-2024-43657 (Iocharger firmware) : Affects AC model Iocharger firmware before 24120701. The issue is an improper neutralization of special elements in a firmware file, enabling OS command injection as root via the processing of a firmware upload. Attack requires a low-privileged acc...
CVE-2024-43659 Plaintext default credentials in firmware
After gaining access to the firmware of a charging station, a file at can be accessed to obtain default credentials that are the same across all Iocharger AC model EV chargers. This issue affects Iocharger firmware for AC models before firmware version 25010801. The issue is addressed by requirin...
AZL-54470 CVE-2024-45338 affecting package cni-plugins for versions less than 1.4.0-2
An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service...
AZL-54467 CVE-2024-45338 affecting package cni for versions less than 1.1.2-4
An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service...
RHEL 9 : containernetworking-plugins (RHSA-2024:11216)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:11216 advisory. The Container Network Interface CNI project consists of a specification and libraries for writing plug- ins for configuring network interfaces in...
Moderate: Red Hat Security Advisory: containernetworking-plugins security update
An update for containernetworking-plugins is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Moderate: containernetworking-plugins security update
The Container Network Interface CNI project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated...
ALSA-2024:11216 Moderate: containernetworking-plugins security update
The Container Network Interface CNI project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated...