294 matches found
PT-2024-12738 · Unknown · Weston Embedded Uc-Tcp-Ip
Name of the Vulnerable Software and Affected Versions: Weston Embedded uC-TCP-IP version 3.06.01 Description: A double-free vulnerability exists in the IP header loopback parsing functionality. This can be triggered by a specially crafted set of network packets, leading to memory corruption and...
Weston Embedded uC-TCP-IP Security Vulnerability
Weston Embedded uC-TCP-IP is a TCP/IP stack for embedded systems from Weston Embedded. A security vulnerability exists in Weston Embedded uC-TCP-IP version v3.06.01 that stems from a denial of service vulnerability in the ICMP and ICMPv6 parsing functions...
CVE-2023-48691
Azure RTOS NetX Duo contains an out-of-bounds write in the IGMP-related path (RTOS v6.2.1 and below) that could allow remote code execution. The vulnerability affects the NetX Duo TCP/IP stack used in embedded/IoT contexts. The publicly documented fix is in NetX Duo release 6.3.0; upgrading is ad...
PT-2023-7501 · Microsoft · Azure Rtos Netx Duo
Name of the Vulnerable Software and Affected Versions: Azure RTOS NetX Duo versions 6.2.1 and below Description: The issue is related to a memory overflow vulnerability in the Azure RTOS NetX Duo TCP/IP network stack, which can be exploited by an attacker to achieve remote code execution. The...
Siemens LOGO! CMR and SIMATIC RTU 3000 Use of Insufficiently Random Values (CVE-2021-37186)
A vulnerability has been identified in LOGO! CMR2020 All versions V2.2, LOGO! CMR2040 All versions V2.2, SIMATIC RTU3010C All versions V4.0.9, SIMATIC RTU3030C All versions V4.0.9, SIMATIC RTU3031C All versions V4.0.9, SIMATIC RTU3041C All versions V4.0.9. The underlying TCP/IP stack does not...
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS : Open-iSCSI vulnerabilities (USN-6259-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6259-1 advisory. Jos Wetzels, Stanislav Dashevskyi, and Amine Amri discovered that Open-iSCSI incorrectly handled certain checksums for IP packets...
ABB Concurrent Execution Using Shared Resource with Improper Synchronization in Wind River VxWorks (CVE-2019-12263)
Wind River is the provider of a real time operating system called VxWorks which is used in the embedded software of the PM 877 Controller. Wind River has announced security vulnerabilities in the VxWorks TCP/IP stack IPnet and management of memory block size Bad Alloc. The controller PM 877 is...
ABB Improper Neutralization of Argument Delimiters in a Command in Wind River VxWorks (CVE-2019-12262)
Wind River is the provider of a real time operating system called VxWorks which is used in the embedded software of the PM 877 Controller. Wind River has announced security vulnerabilities in the VxWorks TCP/IP stack IPnet and management of memory block size Bad Alloc. The controller PM 877 is...
ABB Improper Restriction of Operations Within the Bounds of a Memory Buffer in Wind River VxWorks (CVE-2019-12261)
Wind River is the provider of a real time operating system called VxWorks which is used in the embedded software of the PM 877 Controller. Wind River has announced security vulnerabilities in the VxWorks TCP/IP stack IPnet and management of memory block size Bad Alloc. The controller PM 877 is...
ABB Improper Neutralization of Argument Delimiters in a Command in Wind River VxWorks (CVE-2019-12258)
Wind River is the provider of a real time operating system called VxWorks which is used in the embedded software of the PM 877 Controller. Wind River has announced security vulnerabilities in the VxWorks TCP/IP stack IPnet and management of memory block size Bad Alloc. The controller PM 877 is...
ABB Heap-Based Buffer Overflow in Wind River VxWorks (CVE-2019-12257)
Wind River is the provider of a real time operating system called VxWorks which is used in the embedded software of the PM 877 Controller. Wind River has announced security vulnerabilities in the VxWorks TCP/IP stack IPnet and management of memory block size Bad Alloc. The controller PM 877 is...
ABB Improper Restriction of Operations Within the Bounds of a Memory Buffer in Wind River VxWorks (CVE-2019-12260)
Wind River is the provider of a real time operating system called VxWorks which is used in the embedded software of the PM 877 Controller. Wind River has announced security vulnerabilities in the VxWorks TCP/IP stack IPnet and management of memory block size Bad Alloc. The controller PM 877 is...
ABB Improper Neutralization of Argument Delimiters in a Command in Wind River VxWorks (CVE-2019-12264)
Wind River is the provider of a real time operating system called VxWorks which is used in the embedded software of the PM 877 Controller. Wind River has announced security vulnerabilities in the VxWorks TCP/IP stack IPnet and management of memory block size Bad Alloc. The controller PM 877 is...
ABB Integer Underflow in Wind River VxWorks (CVE-2019-12255)
Wind River is the provider of a real time operating system called VxWorks which is used in the embedded software of the PM 877 Controller. Wind River has announced security vulnerabilities in the VxWorks TCP/IP stack IPnet and management of memory block size Bad Alloc. The controller PM 877 is...
K17133899: Multiple Treck TCP/IP stack vulnerabilities
Security Advisory Description CVE-2020-11896 The Treck TCP/IP stack before 6.0.1.66 allows Remote Code Execution, related to IPv4 tunneling. CVE-2020-11897 The Treck TCP/IP stack before 5.0.1.35 has an Out-of-Bounds Write via multiple malformed IPv6 packets. CVE-2020-11898 The Treck TCP/IP stack...
SUSE CVE-2020-11901
The Treck TCP/IP stack before 6.0.1.66 allows Remote Code execution via a single invalid DNS response...
SUSE CVE-2020-11912
The Treck TCP/IP stack before 6.0.1.66 has a TCP Out-of-bounds Read...
SUSE CVE-2020-13987
An issue was discovered in Contiki through 3.0. An Out-of-Bounds Read vulnerability exists in the uIP TCP/IP Stack component when calculating the checksums for IP packets in upperlayerchksum in net/ipv4/uip.c...
CVE-2022-43501
KASAGO TCP/IP stack provided by Zuken Elmic generates ISNsInitial Sequence Number for TCP connections from an insufficiently random source. An attacker may be able to determine the ISN of the current or future TCP connections and either hijack existing ones or spoof future ones...
CVE-2022-43501
KASAGO TCP/IP stack provided by Zuken Elmic generates ISNsInitial Sequence Number for TCP connections from an insufficiently random source. An attacker may be able to determine the ISN of the current or future TCP connections and either hijack existing ones or spoof future ones...