149 matches found
EUVD-2018-17036
Malware in sbrugna...
EUVD-2024-42510
Malicious code in bioql PyPI...
CVE-2025-52980 Junos OS: SRX300 Series: rpd will crash upon receiving a specific, valid BGP UPDATE message
A Use of Incorrect Byte Ordering vulnerability in the Routing Protocol Daemon rpd of Juniper Networks Junos OS on SRX300 Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. When a BGP update is received over an established BGP session which contains a...
CVE-2025-52980
CVE-2025-52980 is a Use of Incorrect Byte Ordering vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS on SRX300 Series. An unauthenticated, network-based attacker can crash rpd by sending a BGP UPDATE on an established BGP session containing a specific valid optional ...
CVE-2012-4099
The BGP implementation in Cisco NX-OS does not properly filter AS paths, which allows remote attackers to cause a denial of service BGP service reset and resync via a malformed UPDATE message, aka Bug ID CSCtn13065...
CVE-2009-2055
Cisco IOS XR 3.4.0 through 3.8.1 allows remote attackers to cause a denial of service session reset via a BGP UPDATE message with an invalid attribute, as demonstrated in the wild on 17 August 2009...
CVE-2009-2056
Cisco IOS XR 3.8.1 and earlier allows remote authenticated users to cause a denial of service process crash via vectors involving a BGP UPDATE message with many AS numbers prepended to the AS path...
CVE-2009-1154
Cisco IOS XR 3.8.1 and earlier allows remote attackers to cause a denial of service process crash via a long BGP UPDATE message, as demonstrated by a message with many AS numbers in the AS Path Attribute...
CVE-2025-30657
An Improper Encoding or Escaping of Output vulnerability in the Sampling Route Record Daemon SRRD of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. When a device configured for flow-monitoring receives a specific BGP update message, i...
Security Bulletin: Vulnerability in BIND affects IBM Integrated Analytics System [CVE-2022-3094]
Summary Redhat provided BIND is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE CVE-2022-3094 Vulnerability Details CVEID:CVE-2022-3094 DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused by the allocation of memory prior to...
Lumma/Amadey: fake CAPTCHAs want to know if you’re human
Attackers are increasingly distributing malware through a rather unusual method: a fake CAPTCHA as the initial infection vector. Researchers from various companies reported this campaign in August and September. The attackers, primarily targeting gamers, initially delivered the Lumma stealer to...
CVE-2024-47507 Junos OS and Junos OS Evolved: BGP update message containing aggregator attribute with an ASN value of zero (0) is accepted
An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause an integrity impact to the downstream devices. When a peer sends a BGP update messa...
CVE-2024-39555 Junos OS and Junos OS Evolved: Receipt of a specific malformed BGP update causes the session to reset
An Improper Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon RPD of Juniper Networks Junos OS and Junos OS Evolved allows an attacker sending a specific malformed BGP update message to cause the session to reset, resulting in a Denial of Service DoS. Continued recei...
CBL Mariner 2.0 Security Update: frr (CVE-2023-47234)
The version of frr installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-47234 advisory. - An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when processing a crafted BGP UPDATE...
The vulnerability of the network routing implementation software on Unix-like systems, related to memory release errors, allows a hacker to cause a service failure.
The vulnerability of the FRRouting software for implementing network routing on Unix-like systems is related to improper processing of the BGP UPDATE message sent with EOR. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
RHEL 5 : quagga (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - quagga: VPNv4 NLRI parser memcpys to stack on unchecked length CVE-2016-2342 - quagga: Double free...
frr: crafted BGP UPDATE message leading to a crash
A flaw was found in FRRouting. A crash can occur for a crafted BGP UPDATE message without mandatory attributes for example, one with only an unknown transit attribute...
PT-2024-40748 · Git +1 · Pcapplusplus
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-buffer-overflow READ 2 crash has been reported. The crash involves the pcpp::BgpLayer::getHeaderLen, pcpp::Packet::shortenLayer, and...
DEBIAN-CVE-2024-31948
In FRRouting FRR through 9.1, an attacker using a malformed Prefix SID attribute in a BGP UPDATE packet can cause the bgpd daemon to crash...
Moderate: Red Hat Security Advisory: frr security update
An update for frr is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...