Lucene search
K

17 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-18139

Malware in sbrugna...

9.8CVSS9.4AI score0.03155EPSS
Exploits0References4
NVD
NVD
added 2021/08/19 12:15 p.m.30 views

CVE-2021-31401

An issue was discovered in tcprcv in nptcp.c in HCC embedded InterNiche 4.0.1. The TCP header processing code doesn't sanitize the value of the IP total length field header length + data length. With a crafted IP packet, an integer overflow occurs whenever the value of the IP data length is...

7.5CVSS0.02252EPSS
Exploits0References3
CVE
CVE
added 2021/08/19 11:25 a.m.65 views

CVE-2021-31401

CVE-2021-31401 affects HCC Embedded’s InterNiche/NicheStack TCP/IP stack (InterNiche 4.0.1). The issue is an improper input validation in TCP/IP processing: the TCP/IP stack does not validate the IP total length, allowing a crafted IP packet to trigger an integer overflow in tcp_rcv() (nptcp.c). ...

7.5CVSS8.7AI score0.02252EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2021/08/19 11:15 a.m.28 views

CVE-2021-31227

An issue was discovered in HCC embedded InterNiche 4.0.1. A potential heap buffer overflow exists in the code that parses the HTTP POST request, due to an incorrect signed integer comparison. This vulnerability requires the attacker to send a malformed HTTP packet with a negative Content-Length,...

7.5CVSS0.01675EPSS
Exploits0References2
OSV
OSV
added 2021/08/19 11:15 a.m.5 views

CVE-2021-31227

An issue was discovered in HCC embedded InterNiche 4.0.1. A potential heap buffer overflow exists in the code that parses the HTTP POST request, due to an incorrect signed integer comparison. This vulnerability requires the attacker to send a malformed HTTP packet with a negative Content-Length,...

7.5CVSS7.7AI score0.01675EPSS
Exploits0References2
NVD
NVD
added 2021/08/19 11:15 a.m.17 views

CVE-2021-31226

An issue was discovered in HCC embedded InterNiche 4.0.1. A potential heap buffer overflow exists in the code that parses the HTTP POST request, due to lack of size validation. This vulnerability requires the attacker to send a crafted HTTP POST request with a URI longer than 50 bytes. This leads...

9.8CVSS0.03155EPSS
Exploits0References2
NVD
NVD
added 2021/08/19 11:15 a.m.15 views

CVE-2021-31228

An issue was discovered in HCC embedded InterNiche 4.0.1. This vulnerability allows the attacker to predict a DNS query's source port in order to send forged DNS response packets that will be accepted as valid answers to the DNS client's requests without sniffing the specific request. Data is...

7.5CVSS0.0127EPSS
Exploits0References2
Prion
Prion
added 2021/08/19 11:15 a.m.20 views

Heap overflow

An issue was discovered in HCC embedded InterNiche 4.0.1. A potential heap buffer overflow exists in the code that parses the HTTP POST request, due to an incorrect signed integer comparison. This vulnerability requires the attacker to send a malformed HTTP packet with a negative Content-Length,...

5CVSS8.8AI score0.01675EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2021/08/19 11:15 a.m.19 views

Information disclosure

An issue was discovered in HCC embedded InterNiche 4.0.1. This vulnerability allows the attacker to predict a DNS query's source port in order to send forged DNS response packets that will be accepted as valid answers to the DNS client's requests without sniffing the specific request. Data is...

5CVSS8.5AI score0.0127EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2021/08/19 11:15 a.m.24 views

Design/Logic Flaw

An issue was discovered in tcppulloutofband in tcpin.c in HCC embedded InterNiche 4.0.1. The TCP out-of-band urgent-data processing function invokes a panic function if the pointer to the end of the out-of-band data points outside of the TCP segment's data. If the panic function hadn't a trap...

5CVSS8.5AI score0.01493EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2021/08/19 11:15 a.m.28 views

Heap overflow

An issue was discovered in HCC embedded InterNiche 4.0.1. A potential heap buffer overflow exists in the code that parses the HTTP POST request, due to lack of size validation. This vulnerability requires the attacker to send a crafted HTTP POST request with a URI longer than 50 bytes. This leads...

7.5CVSS9.5AI score0.03155EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/08/19 10:52 a.m.22 views

CVE-2021-31400

An issue was discovered in tcppulloutofband in tcpin.c in HCC embedded InterNiche 4.0.1. The TCP out-of-band urgent-data processing function invokes a panic function if the pointer to the end of the out-of-band data points outside of the TCP segment's data. If the panic function hadn't a trap...

8.1AI score0.01493EPSS
Exploits0References2
CVE
CVE
added 2021/08/19 10:52 a.m.65 views

CVE-2021-31400

CVE-2021-31400 affects HCC Embedded InterNiche/NicheStack TCP/IP stack (in tcp_pulloutofband() in tcp_in.c, 4.0.1) where out-of-band urgent data handling may call a panic, potentially causing an infinite loop and DoS. Public sources (NVD, Red Hat CVE page, CERT/ICS, ENISA ENISA, and ICSA Update B...

7.5CVSS7.8AI score0.01493EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/08/19 10:51 a.m.17 views

CVE-2021-31228

An issue was discovered in HCC embedded InterNiche 4.0.1. This vulnerability allows the attacker to predict a DNS query's source port in order to send forged DNS response packets that will be accepted as valid answers to the DNS client's requests without sniffing the specific request. Data is...

8.1AI score0.0127EPSS
Exploits0References2
CVE
CVE
added 2021/08/19 10:50 a.m.71 views

CVE-2021-31227

CVE-2021-31227 affects HCC Embedded InterNiche/NicheStack. It is a heap-buffer-overflow in the HTTP POST parsing path (wbs_multidata) caused by an incorrect signed-integer comparison. Exploitation requires sending a malformed HTTP packet with a negative Content-Length, bypassing size checks and t...

7.5CVSS8.2AI score0.01675EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/08/19 10:50 a.m.39 views

CVE-2021-31227

An issue was discovered in HCC embedded InterNiche 4.0.1. A potential heap buffer overflow exists in the code that parses the HTTP POST request, due to an incorrect signed integer comparison. This vulnerability requires the attacker to send a malformed HTTP packet with a negative Content-Length,...

8.4AI score0.01675EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/08/19 10:48 a.m.25 views

CVE-2021-31226

An issue was discovered in HCC embedded InterNiche 4.0.1. A potential heap buffer overflow exists in the code that parses the HTTP POST request, due to lack of size validation. This vulnerability requires the attacker to send a crafted HTTP POST request with a URI longer than 50 bytes. This leads...

9.8AI score0.03155EPSS
Exploits0References2
Rows per page
Query Builder