Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
altran picotcp-ng vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2020-24337
An issue exists in picoTCP and picoTCP-NG up to and including 1.7.0. When an unsupported TCP option with zero length is provided in an incoming TCP packet, it is possible to cause a Denial-of-Service by achieving an infinite loop in the code that parses TCP options, aka tcp_parse...
Altran Picotcp
Altran Picotcp-ng
1 Github repository
7.5
CVSSv3
CVE-2020-24340
An issue exists in picoTCP and picoTCP-NG up to and including 1.7.0. The code that processes DNS responses in pico_mdns_handle_data_as_answers_generic() in pico_mdns.c does not check whether the number of answers/responses specified in a DNS packet header corresponds to the respo...
Altran Picotcp
Altran Picotcp-ng
9.1
CVSSv3
CVE-2020-24341
An issue exists in picoTCP and picoTCP-NG up to and including 1.7.0. The TCP input data processing function in pico_tcp.c does not validate the length of incoming TCP packets, which leads to an out-of-bounds read when assembling received packets into a data segment, eventually ca...
Altran Picotcp
Altran Picotcp-ng
7.5
CVSSv3
CVE-2020-24339
An issue exists in picoTCP and picoTCP-NG up to and including 1.7.0. The DNS domain name record decompression functionality in pico_dns_decompress_name() in pico_dns_common.c does not validate the compression pointer offset values with respect to the actual data present in a DNS ...
Altran Picotcp
Altran Picotcp-ng
9.8
CVSSv3
CVE-2021-33304
Double Free vulnerability in virtualsquare picoTCP v1.7.0 and picoTCP-NG v2.1 in modules/pico_fragments.c in function pico_fragments_reassemble, allows malicious users to execute arbitrary code.
Altran Picotcp 1.7.0
Altran Picotcp-ng 2.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started