CVE-2018-5391
- EPSS 3.82%
- Published 06.09.2018 21:29:00
- Last modified 21.11.2024 04:08:43
The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments...
CVE-2018-5379
- EPSS 14.84%
- Published 19.02.2018 13:29:00
- Last modified 21.11.2024 04:08:41
The Quagga BGP daemon (bgpd) prior to version 1.2.3 can double-free memory when processing certain forms of UPDATE message, containing cluster-list and/or unknown attributes. A successful attack could cause a denial of service or potentially allow an...
CVE-2018-5380
- EPSS 1.4%
- Published 19.02.2018 13:29:00
- Last modified 21.11.2024 04:08:42
The Quagga BGP daemon (bgpd) prior to version 1.2.3 can overrun internal BGP code-to-string conversion tables used for debug by 1 pointer value, based on input.
CVE-2018-5381
- EPSS 10.09%
- Published 19.02.2018 13:29:00
- Last modified 21.11.2024 04:08:42
The Quagga BGP daemon (bgpd) prior to version 1.2.3 has a bug in its parsing of "Capabilities" in BGP OPEN messages, in the bgp_packet.c:bgp_capability_msg_parse function. The parser can enter an infinite loop on invalid capabilities if a Multi-Proto...
CVE-2015-5537
- EPSS 0.32%
- Published 03.08.2015 01:59:02
- Last modified 12.04.2025 10:46:40
The SSL layer of the HTTPS service in Siemens RuggedCom ROS before 4.2.0 and ROX II does not properly implement CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a different vulne...