EUVD-2017-18152

Malware in sbrugna...

EUVD-2024-16920

Malicious code in bioql PyPI...

EUVD-2023-44591

Malicious code in bioql PyPI...

CVE-2025-37789 net: openvswitch: fix nested key length validation in the set() action

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix nested key length validation in the set action It's not safe to access nlalenovskey if the data is smaller than the netlink header. Check that the attribute is OK first...

CVE-2025-37789

CVE-2025-37789 (net: openvswitch: fix nested key length validation in the set() action) is covered by connected advisories, which confirm a Linux kernel vulnerability in netlink key length handling for the set() action in Open vSwitch. The description notes that accessing nla_len(ovs_key) is unsa...

CVE-2023-3966

A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is enabled...

CVE-2024-1151

A vulnerability was reported in the Open vSwitch sub-component in the Linux Kernel. The flaw occurs when a recursive operation of code push recursively calls into the code block. The OVS module does not validate the stack depth, pushing too many frames and causing a stack overflow. As a result,...

The vulnerability of the decode_NXAST_RAW_ENCAP() function in the Open vSwitch software multi-level switch allows a hacker to execute arbitrary code.

The vulnerability of the decodeNXASTRAWENCAP function in the Open vSwitch software multi-level switch lies in the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Ubuntu 18.04 LTS : Open vSwitch vulnerability (USN-5698-1)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5698-1 advisory. It was discovered that Open vSwitch incorrectly handled comparison of certain minimasks. A remote attacker could use this issue to cause Open vSwitch to crash,...

CVE-2021-36980

Open vSwitch aka openvswitch 2.11.0 through 2.15.0 has a use-after-free in decodeNXASTRAWENCAP called from ofpactdecode and ofpactsdecode during the decoding of a RAWENCAP action...

openvswitch: limitation in the OVS packet parsing in userspace leads to DoS

A vulnerability was found in openvswitch. A limitation in the implementation of userspace packet parsing can allow a malicious user to send a specially crafted packet causing the resulting megaflow in the kernel to be too wide, potentially causing a denial of service. The highest threat from this...

CVE-2020-35498

A vulnerability was found in openvswitch. A limitation in the implementation of userspace packet parsing can allow a malicious user to send a specially crafted packet causing the resulting megaflow in the kernel to be too wide, potentially causing a denial of service. The highest threat from this...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Open vSwitch vulnerability (USN-4729-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4729-1 advisory. Joakim Hindersson discovered that Open vSwitch incorrectly parsed certain network packets. A remote attacker could use this issue to cause...

The vulnerability of the parse_group_prop_ntr_selection_method method in the Open vSwitch software multi-level switch allows a attacker to cause a service failure.

The vulnerability of the parsegrouppropntrselectionmethod method lib/ofp-util.c in the Open vSwitch OvS software multi-level switch exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to cause service interruptions remotely...

CVE-2018-14636

Live-migrated instances are briefly able to inspect traffic for other instances on the same hypervisor. This brief window could be extended indefinitely if the instance's port is set administratively down prior to live-migration and kept down after the migration is complete. This is possible due ...

Open vSwitch Buffer Overflow Vulnerability (CNVD-2017-09509)

Open vSwitch OvS is a multi-layer virtual switch product based on open source technology following the Apache 2.0 license that supports large-scale network automation through programmatic extensions, standard management interfaces and protocols, and more. A buffer overflow vulnerability exists in...