Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
altran picotcp vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-1000210
picoTCP (versions 1.7.0 - 1.5.0) is vulnerable to stack buffer overflow resulting in code execution or denial of service attack
Altran Picotcp 1.6.2
Altran Picotcp 1.6.1
Altran Picotcp 1.5.0
Altran Picotcp 1.7.0
Altran Picotcp 1.6.0
Altran Picotcp 1.5.1
7.5
CVSSv3
CVE-2020-24337
An issue exists in picoTCP and picoTCP-NG up to and including 1.7.0. When an unsupported TCP option with zero length is provided in an incoming TCP packet, it is possible to cause a Denial-of-Service by achieving an infinite loop in the code that parses TCP options, aka tcp_parse...
Altran Picotcp
Altran Picotcp-ng
1 Github repository
7.5
CVSSv3
CVE-2020-24340
An issue exists in picoTCP and picoTCP-NG up to and including 1.7.0. The code that processes DNS responses in pico_mdns_handle_data_as_answers_generic() in pico_mdns.c does not check whether the number of answers/responses specified in a DNS packet header corresponds to the respo...
Altran Picotcp
Altran Picotcp-ng
9.1
CVSSv3
CVE-2020-24341
An issue exists in picoTCP and picoTCP-NG up to and including 1.7.0. The TCP input data processing function in pico_tcp.c does not validate the length of incoming TCP packets, which leads to an out-of-bounds read when assembling received packets into a data segment, eventually ca...
Altran Picotcp
Altran Picotcp-ng
7.5
CVSSv3
CVE-2020-24339
An issue exists in picoTCP and picoTCP-NG up to and including 1.7.0. The DNS domain name record decompression functionality in pico_dns_decompress_name() in pico_dns_common.c does not validate the compression pointer offset values with respect to the actual data present in a DNS ...
Altran Picotcp
Altran Picotcp-ng
9.8
CVSSv3
CVE-2021-33304
Double Free vulnerability in virtualsquare picoTCP v1.7.0 and picoTCP-NG v2.1 in modules/pico_fragments.c in function pico_fragments_reassemble, allows malicious users to execute arbitrary code.
Altran Picotcp 1.7.0
Altran Picotcp-ng 2.1
7.5
CVSSv3
CVE-2020-17442
An issue exists in picoTCP 1.7.0. The code for parsing the hop-by-hop IPv6 extension headers does not validate the bounds of the extension header length value, which may result in Integer Wraparound. Therefore, a crafted extension header length value may cause Denial-of-Service b...
Altran Picotcp
7.5
CVSSv3
CVE-2020-17443
An issue exists in picoTCP 1.7.0. The code for creating an ICMPv6 echo replies doesn't check whether the ICMPv6 echo request packet's size is shorter than 8 bytes. If the size of the incoming ICMPv6 request packet is shorter than this, the operation that calculates the ...
Altran Picotcp
7.5
CVSSv3
CVE-2020-17444
An issue exists in picoTCP 1.7.0. The routine for processing the next header field (and deducing whether the IPv6 extension headers are valid) doesn't check whether the header extension length field would overflow. Therefore, if it wraps around to zero, iterating through the...
Altran Picotcp
7.5
CVSSv3
CVE-2020-17445
An issue exists in picoTCP 1.7.0. The code for processing the IPv6 destination options does not check for a valid length of the destination options header. This results in an Out-of-Bounds Read, and, depending on the memory protection mechanism, this may result in Denial-of-Servi...
Altran Picotcp
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »