Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
altran picotcp vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-30463
Altran picoTCP up to and including 1.7.0 allows memory corruption (and subsequent denial of service) because of an integer overflow in pico_ipv6_alloc when processing large ICMPv6 packets. This affects installations with Ethernet support in which a packet size greater than 65495 ...
Altran Picotcp
9.8
CVSSv3
CVE-2021-33304
Double Free vulnerability in virtualsquare picoTCP v1.7.0 and picoTCP-NG v2.1 in modules/pico_fragments.c in function pico_fragments_reassemble, allows malicious users to execute arbitrary code.
Altran Picotcp 1.7.0
Altran Picotcp-ng 2.1
9.1
CVSSv3
CVE-2020-17441
An issue exists in picoTCP 1.7.0. The code for processing the IPv6 headers does not validate whether the IPv6 payload length field is equal to the actual size of the payload, which leads to an Out-of-Bounds read during the ICMPv6 checksum calculation, resulting in either Denial-o...
Altran Picotcp
Microchip Mplab Harmony
7.5
CVSSv3
CVE-2020-17442
An issue exists in picoTCP 1.7.0. The code for parsing the hop-by-hop IPv6 extension headers does not validate the bounds of the extension header length value, which may result in Integer Wraparound. Therefore, a crafted extension header length value may cause Denial-of-Service b...
Altran Picotcp
7.5
CVSSv3
CVE-2020-17443
An issue exists in picoTCP 1.7.0. The code for creating an ICMPv6 echo replies doesn't check whether the ICMPv6 echo request packet's size is shorter than 8 bytes. If the size of the incoming ICMPv6 request packet is shorter than this, the operation that calculates the ...
Altran Picotcp
7.5
CVSSv3
CVE-2020-17444
An issue exists in picoTCP 1.7.0. The routine for processing the next header field (and deducing whether the IPv6 extension headers are valid) doesn't check whether the header extension length field would overflow. Therefore, if it wraps around to zero, iterating through the...
Altran Picotcp
7.5
CVSSv3
CVE-2020-17445
An issue exists in picoTCP 1.7.0. The code for processing the IPv6 destination options does not check for a valid length of the destination options header. This results in an Out-of-Bounds Read, and, depending on the memory protection mechanism, this may result in Denial-of-Servi...
Altran Picotcp
1 Github repository
7.5
CVSSv3
CVE-2020-24337
An issue exists in picoTCP and picoTCP-NG up to and including 1.7.0. When an unsupported TCP option with zero length is provided in an incoming TCP packet, it is possible to cause a Denial-of-Service by achieving an infinite loop in the code that parses TCP options, aka tcp_parse...
Altran Picotcp
Altran Picotcp-ng
1 Github repository
7.5
CVSSv3
CVE-2020-24340
An issue exists in picoTCP and picoTCP-NG up to and including 1.7.0. The code that processes DNS responses in pico_mdns_handle_data_as_answers_generic() in pico_mdns.c does not check whether the number of answers/responses specified in a DNS packet header corresponds to the respo...
Altran Picotcp
Altran Picotcp-ng
9.1
CVSSv3
CVE-2020-24341
An issue exists in picoTCP and picoTCP-NG up to and including 1.7.0. The TCP input data processing function in pico_tcp.c does not validate the length of incoming TCP packets, which leads to an out-of-bounds read when assembling received packets into a data segment, eventually ca...
Altran Picotcp
Altran Picotcp-ng
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »