Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
altran picotcp 1.7.0 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-1000210
picoTCP (versions 1.7.0 - 1.5.0) is vulnerable to stack buffer overflow resulting in code execution or denial of service attack
Altran Picotcp 1.6.2
Altran Picotcp 1.6.1
Altran Picotcp 1.5.0
Altran Picotcp 1.7.0
Altran Picotcp 1.6.0
Altran Picotcp 1.5.1
9.8
CVSSv3
CVE-2021-33304
Double Free vulnerability in virtualsquare picoTCP v1.7.0 and picoTCP-NG v2.1 in modules/pico_fragments.c in function pico_fragments_reassemble, allows malicious users to execute arbitrary code.
Altran Picotcp 1.7.0
Altran Picotcp-ng 2.1
7.5
CVSSv3
CVE-2020-24337
An issue exists in picoTCP and picoTCP-NG up to and including 1.7.0. When an unsupported TCP option with zero length is provided in an incoming TCP packet, it is possible to cause a Denial-of-Service by achieving an infinite loop in the code that parses TCP options, aka tcp_parse...
Altran Picotcp
Altran Picotcp-ng
1 Github repository
7.5
CVSSv3
CVE-2020-24339
An issue exists in picoTCP and picoTCP-NG up to and including 1.7.0. The DNS domain name record decompression functionality in pico_dns_decompress_name() in pico_dns_common.c does not validate the compression pointer offset values with respect to the actual data present in a DNS ...
Altran Picotcp
Altran Picotcp-ng
9.1
CVSSv3
CVE-2020-24341
An issue exists in picoTCP and picoTCP-NG up to and including 1.7.0. The TCP input data processing function in pico_tcp.c does not validate the length of incoming TCP packets, which leads to an out-of-bounds read when assembling received packets into a data segment, eventually ca...
Altran Picotcp
Altran Picotcp-ng
7.5
CVSSv3
CVE-2020-24340
An issue exists in picoTCP and picoTCP-NG up to and including 1.7.0. The code that processes DNS responses in pico_mdns_handle_data_as_answers_generic() in pico_mdns.c does not check whether the number of answers/responses specified in a DNS packet header corresponds to the respo...
Altran Picotcp
Altran Picotcp-ng
7.5
CVSSv3
CVE-2023-30463
Altran picoTCP up to and including 1.7.0 allows memory corruption (and subsequent denial of service) because of an integer overflow in pico_ipv6_alloc when processing large ICMPv6 packets. This affects installations with Ethernet support in which a packet size greater than 65495 ...
Altran Picotcp
7.5
CVSSv3
CVE-2020-17445
An issue exists in picoTCP 1.7.0. The code for processing the IPv6 destination options does not check for a valid length of the destination options header. This results in an Out-of-Bounds Read, and, depending on the memory protection mechanism, this may result in Denial-of-Servi...
Altran Picotcp
1 Github repository
9.8
CVSSv3
CVE-2020-24338
An issue exists in picoTCP up to and including 1.7.0. The DNS domain name record decompression functionality in pico_dns_decompress_name() in pico_dns_common.c does not validate the compression pointer offset values with respect to the actual data present in a DNS response packet...
Altran Picotcp
7.5
CVSSv3
CVE-2020-17442
An issue exists in picoTCP 1.7.0. The code for parsing the hop-by-hop IPv6 extension headers does not validate the bounds of the extension header length value, which may result in Integer Wraparound. Therefore, a crafted extension header length value may cause Denial-of-Service b...
Altran Picotcp
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »