CVE-2026-48059

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, the HAProxy PROXY protocol v2 codec in netty leaks native or heap memory on every connection when a client sends a syntactically valid header containing nest...

EUVD-2026-36457

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, the HAProxy PROXY protocol v2 codec in netty leaks native or heap memory on every connection when a client sends a syntactically valid header containing nest...

Linux Distros Unpatched Vulnerability : CVE-2026-48059

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, the HAProxy PROXY...

Missing Release of Memory after Effective Lifetime

Overview Affected versions of this package are vulnerable to Missing Release of Memory after Effective Lifetime in the parsing process of nested PP2TYPESSL TLVs within the HAProxy PROXY protocol v2 codec. An attacker can cause memory exhaustion by sending syntactically valid headers containing...

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : FRR vulnerabilities (USN-8376-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8376-1 advisory. It was discovered that FRR incorrectly handled certain OSPF Traffic Engineering and Segment Routing TLVs. An attacker cou...

gmrtd security vulnerabilities

GMRTD is an open-source Go language library developed by GMRTD. Versions of GMRTD prior to 0.17.2 contained security vulnerabilities. These vulnerabilities stemmed from the ReadFile function accepting TLVs of excessive length, which could lead to unlimited resource consumption...

tlvs.vn Cross Site Scripting vulnerability OBB-2791430

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

DEBIAN-CVE-2022-26125

Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to wrong checks on the input packet length in isisd/isistlvs.c...

PT-2022-17688 · Frrouting +4 · Frrouting +4

Name of the Vulnerable Software and Affected Versions: FRRouting versions through 8.1.0 Description: Buffer overflow vulnerabilities exist due to wrong checks on the input packet length in isisd/isis tlvs.c. Recommendations: For versions through 8.1.0, consider updating to a version that includes...

CVE-2020-3675

u'Potential integer underflow while parsing Service Info and IPv6 link-local TLVs that comes as part of NDPE attribute' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &...

lldpad security and bug fix update

1.0.1-13.git036e314 - After gating yml updates 1.0.1-12.git036e314 - Add support for DSCP selectors in APP TLVs 1704660 1.0.1-11.git036e314 - Fix memleak on TLV reception 1727326 1.0.1-10.git036e314 - Fix the OID display 1614933...

Fedora 29 : lldpad (2018-06d56c8c9d)

Add upstream fix for improper sanitization of shell-escape codes when lldptool parses a mngAddr TLV CVE-2018-10932. - Add upstream patch to support DSCP selectors in APP TLVs. This allows configuration of DSCP-based packet prioritization on capable network devices. Note that Tenable Network...

CVE-2016-8411

Buffer overflow vulnerability while processing QMI QOS TLVs. Product: Android. Versions: versions that have qmiqossrvc.c. Android ID: 31805216. References: QC CR912775...

CVE-2016-8411

Buffer overflow vulnerability while processing QMI QOS TLVs. Product: Android. Versions: versions that have qmiqossrvc.c. Android ID: 31805216. References: QC CR912775...

Buffer overflow

Buffer overflow vulnerability while processing QMI QOS TLVs. Product: Android. Versions: versions that have qmiqossrvc.c. Android ID: 31805216. References: QC CR912775...

CVE-2016-8411

CVE-2016-8411 is a buffer overflow in Android’s QMI QOS TLV processing (qmi_qos_srvc.c). Reported as CRITICAL with CVSSv3 base 9.8, exploitable over network with no user interaction. Affected: Android devices including versions containing qmi_qos_srvc.c. Root cause: buffer overflow while parsing ...

CVE-2011-1640

The ethernet-lldp component in Cisco IOS 12.2 before 12.233SXJ1 does not properly support a large number of LLDP Management Address MA TLVs, which allows remote attackers to cause a denial of service device crash via crafted LLDPDUs, aka Bug ID CSCtj22354...

Mandrake Linux Security Advisory : tcpdump (MDKSA-2007:148)

An integer overflow in tcpdump could allow a remote attacker to execute arbitrary code via crafted TLVs in a BGP packet. Updated packages have been patched to prevent this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

CVE-2007-3798

Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value...

CVE-2007-3798

Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value...