Lucene search
K

60 matches found

Vulnrichment
Vulnrichment
added 2025/10/10 5:10 p.m.2 views

CVE-2025-11617 Buffer Over-read when receiving IPv6 packets with incorrect payload length in FreeRTOS-Plus-TCP

A missing validation check in FreeRTOS-Plus-TCP's IPv6 packet processing code can lead to an out-of-bounds read when receiving a IPv6 packet with incorrect payload lengths in the packet header. This issue only affects applications using IPv6. We recommend users upgrade to the latest version and...

5.4CVSS6.6AI score0.00279EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/10/10 5:10 p.m.7 views

CVE-2025-11617 Buffer Over-read when receiving IPv6 packets with incorrect payload length in FreeRTOS-Plus-TCP

A missing validation check in FreeRTOS-Plus-TCP's IPv6 packet processing code can lead to an out-of-bounds read when receiving a IPv6 packet with incorrect payload lengths in the packet header. This issue only affects applications using IPv6. We recommend users upgrade to the latest version and...

5.4CVSS0.00279EPSS
Exploits0References3
CVE
CVE
added 2025/10/10 5:10 p.m.38 views

CVE-2025-11616

CVE-2025-11616 affects FreeRTOS-Plus-TCP: a missing validation check in the ICMPv6 packet processing code can cause an out-of-bounds read when handling certain ICMPv6 message types smaller than expected. The issue applies to IPv6-enabled applications. The documented mitigation is to upgrade to th...

5.4CVSS6.7AI score0.00279EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2025/10/10 5:10 p.m.7 views

EUVD-2025-33754

A missing validation check in FreeRTOS-Plus-TCP's ICMPv6 packet processing code can lead to an out-of-bounds read when receiving ICMPv6 packets of certain message types which are smaller than the expected size. These issues only affect applications using IPv6. Users should upgrade to the latest...

5.4CVSS6.6AI score0.00279EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/10/10 12:0 a.m.4 views

FreeRTOS-Plus-TCP 安全漏洞

FreeRTOS-Plus-TCP is an extensible open source and thread-safe TCP/IP stack for FreeRTOS. A security vulnerability exists in FreeRTOS-Plus-TCP that stems from a lack of validation checks in the IPv6 packet processing code, which could lead to out-of-bounds reads...

5.4CVSS6.6AI score0.00279EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/10/10 12:0 a.m.5 views

PT-2025-41583

Name of the Vulnerable Software and Affected Versions FreeRTOS-Plus-TCP affected versions not specified Description A validation flaw exists in the IPv6 packet processing code of FreeRTOS-Plus-TCP. This flaw can result in an out-of-bounds read when processing IPv6 packets containing incorrect...

5.4CVSS6.7AI score0.00279EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/10/10 12:0 a.m.5 views

FreeRTOS-Plus-TCP 安全漏洞

FreeRTOS-Plus-TCP is an extensible open source and thread-safe TCP/IP stack for FreeRTOS. A security vulnerability exists in FreeRTOS-Plus-TCP that stems from a lack of validation checks in the ICMPv6 packet processing code, which could lead to out-of-bounds reads...

5.4CVSS6.6AI score0.00279EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/10/10 12:0 a.m.8 views

PT-2025-41584

Name of the Vulnerable Software and Affected Versions FreeRTOS-Plus-TCP affected versions not specified Description A missing validation check in the UDP/IPv6 packet processing code can lead to an invalid pointer dereference when receiving a UDP/IPv6 packet with an incorrect IP version field in t...

5.3CVSS6.7AI score0.00308EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/10/10 12:0 a.m.4 views

PT-2025-41582

Name of the Vulnerable Software and Affected Versions FreeRTOS-Plus-TCP affected versions not specified Description A missing validation check in the ICMPv6 packet processing code can result in an out-of-bounds read when receiving ICMPv6 packets of specific message types that are smaller than...

5.4CVSS6.7AI score0.00279EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/10/10 12:0 a.m.9 views

FreeRTOS-Plus-TCP 安全漏洞

FreeRTOS-Plus-TCP is an extensible open source and thread-safe TCP/IP stack for FreeRTOS. A security vulnerability exists in FreeRTOS-Plus-TCP that stems from a lack of validation checks in the UDP/IPv6 packet processing code, which could lead to invalid pointer dereferences...

5.3CVSS6.6AI score0.00308EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-37285

Malicious code in bioql PyPI...

9.6CVSS6.6AI score0.00615EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/06/04 5:9 p.m.8 views

CVE-2025-5688 Out of Bounds Write in FreeRTOS-Plus-TCP

We have identified a buffer overflow issue allowing out-of-bounds write when processing LLMNR or mDNS queries with very long DNS names. This issue only affects systems using Buffer Allocation Scheme 1 with LLMNR or mDNS enabled. Users should upgrade to the latest version and ensure any forked or...

7.5CVSS7.4AI score0.00305EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/02/05 8:38 a.m.8 views

CVE-2024-38373

FreeRTOS-Plus-TCP is a lightweight TCP/IP stack for FreeRTOS. FreeRTOS-Plus-TCP versions 4.0.0 through 4.1.0 contain a buffer over-read issue in the DNS Response Parser when parsing domain names in a DNS response. A carefully crafted DNS response with domain name length value greater than the...

9.6CVSS6.9AI score0.00615EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/07/01 12:0 a.m.6 views

The vulnerability of the TCP/IP protocol stack implementation in the real-time operating system FreeRTOS-Plus-TCP allows a attacker to execute arbitrary code.

The vulnerability of the TCP/IP protocol stack implementation in the real-time operating system FreeRTOS-Plus-TCP lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a specially...

9.6CVSS6.4AI score0.00615EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2024/06/24 5:15 p.m.40 views

CVE-2024-38373

FreeRTOS-Plus-TCP is a lightweight TCP/IP stack for FreeRTOS. FreeRTOS-Plus-TCP versions 4.0.0 through 4.1.0 contain a buffer over-read issue in the DNS Response Parser when parsing domain names in a DNS response. A carefully crafted DNS response with domain name length value greater than the...

9.6CVSS0.00615EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/06/24 4:23 p.m.18 views

CVE-2024-38373 FreeRTOS-Plus-TCP Buffer Over-Read in DNS Response Parser

FreeRTOS-Plus-TCP is a lightweight TCP/IP stack for FreeRTOS. FreeRTOS-Plus-TCP versions 4.0.0 through 4.1.0 contain a buffer over-read issue in the DNS Response Parser when parsing domain names in a DNS response. A carefully crafted DNS response with domain name length value greater than the...

9.6CVSS7.1AI score0.00615EPSS
Exploits0References2
CVE
CVE
added 2024/06/24 4:23 p.m.72 views

CVE-2024-38373

CVE-2024-38373 affects FreeRTOS-Plus-TCP, specifically versions 4.0.0 through 4.1.0. The issue is a buffer over-read in the DNS Response Parser when processing domain names in a DNS response, which can allow reading beyond the DNS response buffer if a crafted response uses a domain name length va...

9.6CVSS8.8AI score0.00615EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/06/24 4:23 p.m.34 views

CVE-2024-38373 FreeRTOS-Plus-TCP Buffer Over-Read in DNS Response Parser

FreeRTOS-Plus-TCP is a lightweight TCP/IP stack for FreeRTOS. FreeRTOS-Plus-TCP versions 4.0.0 through 4.1.0 contain a buffer over-read issue in the DNS Response Parser when parsing domain names in a DNS response. A carefully crafted DNS response with domain name length value greater than the...

9.6CVSS0.00615EPSS
Exploits0References2
OSV
OSV
added 2024/06/24 4:23 p.m.24 views

CVE-2024-38373 FreeRTOS-Plus-TCP Buffer Over-Read in DNS Response Parser

FreeRTOS-Plus-TCP is a lightweight TCP/IP stack for FreeRTOS. FreeRTOS-Plus-TCP versions 4.0.0 through 4.1.0 contain a buffer over-read issue in the DNS Response Parser when parsing domain names in a DNS response. A carefully crafted DNS response with domain name length value greater than the...

9.6CVSS7AI score0.00615EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/06/24 12:0 a.m.4 views

FreeRTOS-Plus-TCP Security Vulnerability

FreeRTOS-Plus-TCP is an extensible open source and thread-safe TCP/IP stack for FreeRTOS. A security vulnerability exists in FreeRTOS-Plus-TCP versions prior to 4.1.1 that stems from a buffer over-read in the DNS response parser...

9.6CVSS7AI score0.00615EPSS
Exploits0References4
Rows per page
Query Builder