9 matches found
CVE-2026-37458
Missing input validation in the MPREACHNLRI component of FRRouting FRR stable/10.0 to stable/10.6 allows authenticated attackers to cause a Denial of Service DoS via supplying a crafted UPDATE message...
CVE-2021-2414
Vulnerability in the Oracle Communications Session Border Controller product of Oracle Communications component: Routing. Supported versions that are affected are 8.4 and 9.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle...
kernel: ipv6: prevent possible NULL dereference in rt6_probe()
A vulnerability was found in the Linux kernel's IPv6 routing component, where a NULL dereference occurs in the rt6probe function. This issue happens when the function attempts to access a resource without confirming its availability, leading to potential crashes...
PT-2022-22673 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: A memory leak issue has been found in the Linux Kernel, affecting the ipneigh get function of the iproute2 component. This issue can be exploited remotely. Recommendations: At the...
GHSA-83C3-QX27-2RWR Symfony Allows URI Restrictions Bypass Via Double-Encoded String
On the Symfony 2.0.x version, there's a security issue that allows access to routes protected by a firewall even when the user is not logged in. Both the Routing component and the Security component uses the path returned by getPathInfo to match a Request. The getPathInfo returns a decoded path,...
Design/Logic Flaw
Vulnerability in the Oracle Communications Session Border Controller product of Oracle Communications component: Routing. Supported versions that are affected are 8.4 and 9.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle...
dotnet: Denial of service due to infinite loop
An infinite loop was found in the HTTP Routing component of Microsoft.AspNetCore.App, which could be exploited by a remote, unauthenticated attacker. This flaw allows an attacker without special privileges to send crafted requests to a machine running an ASP.NET Core application, triggering the...
CVE-2016-5304
Open redirect vulnerability in a report-routing component in Symantec Endpoint Protection Manager SEPM 12.1 before RU6 MP5 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors...
Local file inclusion in core - ownCloud
Due to an improper control of the filename for a requireonce statement in the routing component a limited local file inclusion vulnerability is existent in all below mentioned ownCloud versions. Depending on the ownCloud configuration and the authentication state of a remote attacker this...