Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
quagga quagga - vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2018-5380
The Quagga BGP daemon (bgpd) prior to version 1.2.3 can overrun internal BGP code-to-string conversion tables used for debug by 1 pointer value, based on input.
Quagga Quagga
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
Siemens Ruggedcom Rox Ii Firmware
7.5
CVSSv3
CVE-2018-5381
The Quagga BGP daemon (bgpd) prior to version 1.2.3 has a bug in its parsing of "Capabilities" in BGP OPEN messages, in the bgp_packet.c:bgp_capability_msg_parse function. The parser can enter an infinite loop on invalid capabilities if a Multi-Protocol capability does ...
Quagga Quagga
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 14.04
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Siemens Ruggedcom Rox Ii Firmware
5.4
CVSSv3
CVE-2018-5280
SonicWall SonicOS on Network Security Appliance (NSA) 2016 Q4 devices has XSS via the Configure SSO screens.
Sonicwall Sonicos 6.2.7.0
Sonicwall Sonicos 6.2.9.0
Sonicwall Sonicos 6.5.0.0
Sonicwall Sonicos 6.5.1.0
Sonicwall Sonicos 6.5.2.0
5.4
CVSSv3
CVE-2018-5281
SonicWall SonicOS on Network Security Appliance (NSA) 2017 Q4 devices has XSS via the CFS Custom Category and Cloud AV DB Exclusion Settings screens.
Sonicwall Sonicos
7.8
CVSSv3
CVE-2018-5279
In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e02c. NOTE: the vendor reported that they "have not been ...
Malwarebytes Malwarebytes 3.3.1.2183
7.8
CVSSv3
CVE-2018-5278
In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e00c. NOTE: the vendor reported that they "have not been ...
Malwarebytes Malwarebytes 3.3.1.2183
7.5
CVSSv3
CVE-2017-16227
The aspath_put function in bgpd/bgp_aspath.c in Quagga prior to 1.2.2 allows remote malicious users to cause a denial of service (session drop) via BGP UPDATE messages, because AS_PATH size calculation for long paths counts certain bytes twice and consequently constructs an inval...
Quagga Quagga
Debian Debian Linux 9.0
Debian Debian Linux 8.0
9.8
CVSSv3
CVE-2016-1245
It exists that the zebra daemon in Quagga prior to 1.0.20161017 suffered from a stack-based buffer overflow when processing IPv6 Neighbor Discovery messages. The root cause was relying on BUFSIZ to be compatible with a message size; however, BUFSIZ is system-dependent.
Quagga Quagga
Debian Debian Linux 8.0
NA
CVE-2013-6051
The bgp_attr_unknown function in bgp_attr.c in Quagga 0.99.21 does not properly initialize the total variable, which allows remote malicious users to cause a denial of service (bgpd crash) via a crafted BGP update.
Quagga Quagga 0.99.21
NA
CVE-2012-1820
The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and previous versions allows remote malicious users to cause a denial of service (assertion failure and daemon exit) by leveraging a BGP peering relationship and sending a malformed Outbound Route Filtering (ORF) capabil...
Quagga Quagga 0.99.7
Quagga Quagga 0.99.9
Quagga Quagga 0.99.6
Quagga Quagga 0.99.10
Quagga Quagga 0.98.1
Quagga Quagga 0.98.2
Quagga Quagga 0.97.4
Quagga Quagga 0.97.5
Quagga Quagga 0.99.20
Quagga Quagga 0.99.18
Quagga Quagga 0.99.5
Quagga Quagga 0.99.8
Quagga Quagga 0.99.13
Quagga Quagga 0.99.4
Quagga Quagga 0.98.5
Quagga Quagga 0.97.0
Quagga Quagga 0.97.1
Quagga Quagga 0.96.2
Quagga Quagga 0.96.3
Quagga Quagga 0.99.17
Quagga Quagga 0.99.11
Quagga Quagga 0.99.16
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »