Lucene search
K

294 matches found

Positive Technologies
Positive Technologies
added 2024/02/20 12:0 a.m.6 views

PT-2024-12738 · Unknown · Weston Embedded Uc-Tcp-Ip

Name of the Vulnerable Software and Affected Versions: Weston Embedded uC-TCP-IP version 3.06.01 Description: A double-free vulnerability exists in the IP header loopback parsing functionality. This can be triggered by a specially crafted set of network packets, leading to memory corruption and...

9.1CVSS9.9AI score0.01081EPSS
Exploits1References7
CNNVD
CNNVD
added 2024/02/20 12:0 a.m.7 views

Weston Embedded uC-TCP-IP Security Vulnerability

Weston Embedded uC-TCP-IP is a TCP/IP stack for embedded systems from Weston Embedded. A security vulnerability exists in Weston Embedded uC-TCP-IP version v3.06.01 that stems from a denial of service vulnerability in the ICMP and ICMPv6 parsing functions...

5.9CVSS6.7AI score0.00811EPSS
Exploits1References2
CVE
CVE
added 2023/12/05 12:24 a.m.42 views

CVE-2023-48691

Azure RTOS NetX Duo contains an out-of-bounds write in the IGMP-related path (RTOS v6.2.1 and below) that could allow remote code execution. The vulnerability affects the NetX Duo TCP/IP stack used in embedded/IoT contexts. The publicly documented fix is in NetX Duo release 6.3.0; upgrading is ad...

9.8CVSS9.3AI score0.03134EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/11/17 12:0 a.m.4 views

PT-2023-7501 · Microsoft · Azure Rtos Netx Duo

Name of the Vulnerable Software and Affected Versions: Azure RTOS NetX Duo versions 6.2.1 and below Description: The issue is related to a memory overflow vulnerability in the Azure RTOS NetX Duo TCP/IP network stack, which can be exploited by an attacker to achieve remote code execution. The...

9.8CVSS9.7AI score0.03134EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/09/21 12:0 a.m.24 views

Siemens LOGO! CMR and SIMATIC RTU 3000 Use of Insufficiently Random Values (CVE-2021-37186)

A vulnerability has been identified in LOGO! CMR2020 All versions V2.2, LOGO! CMR2040 All versions V2.2, SIMATIC RTU3010C All versions V4.0.9, SIMATIC RTU3030C All versions V4.0.9, SIMATIC RTU3031C All versions V4.0.9, SIMATIC RTU3041C All versions V4.0.9. The underlying TCP/IP stack does not...

5.4CVSS6.2AI score0.00356EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/07/27 12:0 a.m.36 views

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS : Open-iSCSI vulnerabilities (USN-6259-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6259-1 advisory. Jos Wetzels, Stanislav Dashevskyi, and Amine Amri discovered that Open-iSCSI incorrectly handled certain checksums for IP packets...

8.2CVSS7.1AI score0.03912EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/05/10 12:0 a.m.32 views

ABB Concurrent Execution Using Shared Resource with Improper Synchronization in Wind River VxWorks (CVE-2019-12263)

Wind River is the provider of a real time operating system called VxWorks which is used in the embedded software of the PM 877 Controller. Wind River has announced security vulnerabilities in the VxWorks TCP/IP stack IPnet and management of memory block size Bad Alloc. The controller PM 877 is...

8.1CVSS8.9AI score0.03189EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/05/10 12:0 a.m.36 views

ABB Improper Neutralization of Argument Delimiters in a Command in Wind River VxWorks (CVE-2019-12262)

Wind River is the provider of a real time operating system called VxWorks which is used in the embedded software of the PM 877 Controller. Wind River has announced security vulnerabilities in the VxWorks TCP/IP stack IPnet and management of memory block size Bad Alloc. The controller PM 877 is...

9.8CVSS9AI score0.04116EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/05/10 12:0 a.m.26 views

ABB Improper Restriction of Operations Within the Bounds of a Memory Buffer in Wind River VxWorks (CVE-2019-12261)

Wind River is the provider of a real time operating system called VxWorks which is used in the embedded software of the PM 877 Controller. Wind River has announced security vulnerabilities in the VxWorks TCP/IP stack IPnet and management of memory block size Bad Alloc. The controller PM 877 is...

9.8CVSS9AI score0.08967EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/05/10 12:0 a.m.36 views

ABB Improper Neutralization of Argument Delimiters in a Command in Wind River VxWorks (CVE-2019-12258)

Wind River is the provider of a real time operating system called VxWorks which is used in the embedded software of the PM 877 Controller. Wind River has announced security vulnerabilities in the VxWorks TCP/IP stack IPnet and management of memory block size Bad Alloc. The controller PM 877 is...

7.5CVSS8.8AI score0.23354EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2023/05/10 12:0 a.m.36 views

ABB Heap-Based Buffer Overflow in Wind River VxWorks (CVE-2019-12257)

Wind River is the provider of a real time operating system called VxWorks which is used in the embedded software of the PM 877 Controller. Wind River has announced security vulnerabilities in the VxWorks TCP/IP stack IPnet and management of memory block size Bad Alloc. The controller PM 877 is...

8.8CVSS9AI score0.84177EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/05/10 12:0 a.m.37 views

ABB Improper Restriction of Operations Within the Bounds of a Memory Buffer in Wind River VxWorks (CVE-2019-12260)

Wind River is the provider of a real time operating system called VxWorks which is used in the embedded software of the PM 877 Controller. Wind River has announced security vulnerabilities in the VxWorks TCP/IP stack IPnet and management of memory block size Bad Alloc. The controller PM 877 is...

9.8CVSS9AI score0.22844EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/05/10 12:0 a.m.31 views

ABB Improper Neutralization of Argument Delimiters in a Command in Wind River VxWorks (CVE-2019-12264)

Wind River is the provider of a real time operating system called VxWorks which is used in the embedded software of the PM 877 Controller. Wind River has announced security vulnerabilities in the VxWorks TCP/IP stack IPnet and management of memory block size Bad Alloc. The controller PM 877 is...

7.1CVSS8.1AI score0.08311EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/05/10 12:0 a.m.39 views

ABB Integer Underflow in Wind River VxWorks (CVE-2019-12255)

Wind River is the provider of a real time operating system called VxWorks which is used in the embedded software of the PM 877 Controller. Wind River has announced security vulnerabilities in the VxWorks TCP/IP stack IPnet and management of memory block size Bad Alloc. The controller PM 877 is...

9.8CVSS8AI score0.7525EPSS
Exploits5References4
F5 Networks
F5 Networks
added 2023/02/21 7:59 p.m.104 views

K17133899: Multiple Treck TCP/IP stack vulnerabilities

Security Advisory Description CVE-2020-11896 The Treck TCP/IP stack before 6.0.1.66 allows Remote Code Execution, related to IPv4 tunneling. CVE-2020-11897 The Treck TCP/IP stack before 5.0.1.35 has an Out-of-Bounds Write via multiple malformed IPv6 packets. CVE-2020-11898 The Treck TCP/IP stack...

10CVSS6.5AI score0.36965EPSS
Exploits21
SUSE CVE
SUSE CVE
added 2023/02/15 3:59 a.m.5 views

SUSE CVE-2020-11901

The Treck TCP/IP stack before 6.0.1.66 allows Remote Code execution via a single invalid DNS response...

9.3CVSS9.1AI score0.21115EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:59 a.m.4 views

SUSE CVE-2020-11912

The Treck TCP/IP stack before 6.0.1.66 has a TCP Out-of-bounds Read...

5.3CVSS5.5AI score0.04521EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:58 a.m.4 views

SUSE CVE-2020-13987

An issue was discovered in Contiki through 3.0. An Out-of-Bounds Read vulnerability exists in the uIP TCP/IP Stack component when calculating the checksums for IP packets in upperlayerchksum in net/ipv4/uip.c...

8.2CVSS7AI score0.03194EPSS
Exploits0References18
NVD
NVD
added 2023/02/10 4:15 a.m.26 views

CVE-2022-43501

KASAGO TCP/IP stack provided by Zuken Elmic generates ISNsInitial Sequence Number for TCP connections from an insufficiently random source. An attacker may be able to determine the ISN of the current or future TCP connections and either hijack existing ones or spoof future ones...

9.1CVSS9.1AI score0.00565EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/02/10 12:0 a.m.10 views

CVE-2022-43501

KASAGO TCP/IP stack provided by Zuken Elmic generates ISNsInitial Sequence Number for TCP connections from an insufficiently random source. An attacker may be able to determine the ISN of the current or future TCP connections and either hijack existing ones or spoof future ones...

7AI score0.00565EPSS
Exploits0References2
Rows per page
Query Builder