ack vulnerabilities and exploits
NA
CVE-2024-2613
Data was not properly sanitized when decoding a QUIC ACK frame; this could have led to unrestricted memory consumption and a crash. This vulnerability affects Firefox < 124.
7.5
CVSSv3
CVE-2021-45098
An issue exists in Suricata prior to 6.0.4. It is possible to bypass/evade any HTTP-based signature by faking an RST TCP packet with random TCP options of the md5header from the client side. After the three-way handshake, it's possible to inject an RST ACK with a random TCP ...
Oisf Suricata
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
8.8
CVSSv3
CVE-2019-12257
Wind River VxWorks 6.6 up to and including 6.9 has a Buffer Overflow in the DHCP client component. There is an IPNET security vulnerability: Heap overflow in DHCP Offer/ACK parsing inside ipdhcpc.
Windriver Vxworks
Sonicwall Sonicos
Sonicwall Sonicos 6.2.7.1
Sonicwall Sonicos 6.2.7.7
Sonicwall Sonicos 6.2.7.0
Siemens Siprotec 5 Firmware
Netapp E-series Santricity Os Controller
Siemens Ruggedcom Win7000 Firmware
Siemens Ruggedcom Win7018 Firmware
Siemens Ruggedcom Win7025 Firmware
Siemens Ruggedcom Win7200 Firmware
Belden Hirschmann Hios
Belden Garrettcom Magnum Dx940e Firmware
1 Article
7.5
CVSSv3
CVE-2021-3320
Type Confusion in 802154 ACK Frames Handling. Zephyr versions >= v2.4.0 contain NULL Pointer Dereference (CWE-476). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-27r3-rxch-2hm7
Zephyrproject Zephyr
NA
CVE-2002-1071
ZyXEL Prestige 642R allows remote malicious users to cause a denial of service in the Telnet, FTP, and DHCP services (crash) via a TCP packet with both the SYN and ACK flags set.
Zyxel Prestige 310
Zyxel Prestige 642r
1 EDB exploit
NA
CVE-1999-0770
Firewall-1 sets a long timeout for connections that begin with ACK or other packets except SYN, allowing a malicious user to conduct a denial of service via a large number of connection attempts to unresponsive systems.
Checkpoint Firewall-1 4.0
Checkpoint Firewall-1 3.0
1 EDB exploit
NA
CVE-2006-3920
The TCP implementation in Sun Solaris 8, 9, and 10 prior to 20060726 allows remote malicious users to cause a denial of service (resource exhaustion) via a TCP packet with an incorrect sequence number, which triggers an ACK storm.
Sun Solaris 9.0
Sun Solaris 10.0
Sun Sunos 5.8
7.5
CVSSv3
CVE-2021-30310
Possible buffer overflow due to Improper validation of received CF-ACK and CF-Poll data frames in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdra...
Qualcomm Apq8009 Firmware -
Qualcomm Apq8017 Firmware -
Qualcomm Apq8053 Firmware -
Qualcomm Apq8096au Firmware -
Qualcomm Csrb31024 Firmware -
Qualcomm Mdm9206 Firmware -
Qualcomm Mdm9250 Firmware -
Qualcomm Mdm9607 Firmware -
Qualcomm Mdm9626 Firmware -
Qualcomm Mdm9628 Firmware -
Qualcomm Mdm9640 Firmware -
Qualcomm Mdm9650 Firmware -
Qualcomm Mdm9655 Firmware -
Qualcomm Msm8996au Firmware -
Qualcomm Qca4020 Firmware -
Qualcomm Qca4531 Firmware -
Qualcomm Qca6174a Firmware -
Qualcomm Qca6175a Firmware -
Qualcomm Qca6310 Firmware -
Qualcomm Qca6320 Firmware -
Qualcomm Qca6564 Firmware -
Qualcomm Qca6564a Firmware -
NA
CVE-2007-1530
The LLTD Mapper in Microsoft Windows Vista does not properly gather responses to EMIT packets, which allows remote malicious users to cause a denial of service (mapping failure) by omitting an ACK response, which triggers an XML syntax error.
Microsoft Windows Vista
NA
CVE-2002-1712
Microsoft Windows 2000 allows remote malicious users to cause a denial of service (memory consumption) by sending a flood of empty TCP/IP packets with the ACK and FIN bits set to the NetBIOS port (TCP/139), as demonstrated by stream3.
Microsoft Windows Nt 4.0
Microsoft Windows 2000
2 EDB exploits