Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
altran picotcp vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2017-1000210
picoTCP (versions 1.7.0 - 1.5.0) is vulnerable to stack buffer overflow resulting in code execution or denial of service attack
Altran Picotcp 1.6.2
Altran Picotcp 1.6.1
Altran Picotcp 1.5.0
Altran Picotcp 1.7.0
Altran Picotcp 1.6.0
Altran Picotcp 1.5.1
6.4
CVSSv2
CVE-2020-24341
An issue exists in picoTCP and picoTCP-NG up to and including 1.7.0. The TCP input data processing function in pico_tcp.c does not validate the length of incoming TCP packets, which leads to an out-of-bounds read when assembling received packets into a data segment, eventually ca...
Altran Picotcp
Altran Picotcp-ng
5
CVSSv2
CVE-2020-24339
An issue exists in picoTCP and picoTCP-NG up to and including 1.7.0. The DNS domain name record decompression functionality in pico_dns_decompress_name() in pico_dns_common.c does not validate the compression pointer offset values with respect to the actual data present in a DNS ...
Altran Picotcp
Altran Picotcp-ng
5
CVSSv2
CVE-2020-24340
An issue exists in picoTCP and picoTCP-NG up to and including 1.7.0. The code that processes DNS responses in pico_mdns_handle_data_as_answers_generic() in pico_mdns.c does not check whether the number of answers/responses specified in a DNS packet header corresponds to the respo...
Altran Picotcp
Altran Picotcp-ng
5
CVSSv2
CVE-2020-24337
An issue exists in picoTCP and picoTCP-NG up to and including 1.7.0. When an unsupported TCP option with zero length is provided in an incoming TCP packet, it is possible to cause a Denial-of-Service by achieving an infinite loop in the code that parses TCP options, aka tcp_parse...
Altran Picotcp
Altran Picotcp-ng
1 Github repository
NA
CVE-2021-33304
Double Free vulnerability in virtualsquare picoTCP v1.7.0 and picoTCP-NG v2.1 in modules/pico_fragments.c in function pico_fragments_reassemble, allows malicious users to execute arbitrary code.
Altran Picotcp 1.7.0
Altran Picotcp-ng 2.1
5
CVSSv2
CVE-2020-17444
An issue exists in picoTCP 1.7.0. The routine for processing the next header field (and deducing whether the IPv6 extension headers are valid) doesn't check whether the header extension length field would overflow. Therefore, if it wraps around to zero, iterating through the...
Altran Picotcp
NA
CVE-2023-30463
Altran picoTCP up to and including 1.7.0 allows memory corruption (and subsequent denial of service) because of an integer overflow in pico_ipv6_alloc when processing large ICMPv6 packets. This affects installations with Ethernet support in which a packet size greater than 65495 ...
Altran Picotcp
7.5
CVSSv2
CVE-2020-24338
An issue exists in picoTCP up to and including 1.7.0. The DNS domain name record decompression functionality in pico_dns_decompress_name() in pico_dns_common.c does not validate the compression pointer offset values with respect to the actual data present in a DNS response packet...
Altran Picotcp
5
CVSSv2
CVE-2020-17443
An issue exists in picoTCP 1.7.0. The code for creating an ICMPv6 echo replies doesn't check whether the ICMPv6 echo request packet's size is shorter than 8 bytes. If the size of the incoming ICMPv6 request packet is shorter than this, the operation that calculates the ...
Altran Picotcp
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »