CVE-2022-43501

KASAGO TCP/IP stack provided by Zuken Elmic generates ISNsInitial Sequence Number for TCP connections from an insufficiently random source. An attacker may be able to determine the ISN of the current or future TCP connections and either hijack existing ones or spoof future ones...

CVE-2021-37186

A vulnerability has been identified in LOGO! CMR2020 All versions V2.2, LOGO! CMR2040 All versions V2.2, SIMATIC RTU3010C All versions V4.0.9, SIMATIC RTU3030C All versions V4.0.9, SIMATIC RTU3031C All versions V4.0.9, SIMATIC RTU3041C All versions V4.0.9. The underlying TCP/IP stack does not...

CVE-2020-11896

The Treck TCP/IP stack before 6.0.1.66 allows Remote Code Execution, related to IPv4 tunneling...

CVE-2020-11903

The Treck TCP/IP stack before 6.0.1.28 has a DHCP Out-of-bounds Read...

CVE-2020-11906

The Treck TCP/IP stack before 6.0.1.66 has an Ethernet Link Layer Integer Underflow...

CVE-2020-11913

The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read...

CVE-2020-11905

The Treck TCP/IP stack before 6.0.1.66 has a DHCPv6 Out-of-bounds Read...

CVE-2020-11901

The Treck TCP/IP stack before 6.0.1.66 allows Remote Code execution via a single invalid DNS response...

CVE-2020-11899

The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read...

CVE-2019-0688

An information disclosure vulnerability exists when the Windows TCP/IP stack improperly handles fragmented IP packets, aka 'Windows TCP/IP Information Disclosure Vulnerability'...

PLANET FW-WGS-804HPT 安全漏洞

PLANET FW-WGS-804HPT is a wall-mounted managed switch from PLANET China. A security vulnerability exists in PLANET FW-WGS-804HPT v1.305b241111, which originates from a stack overflow in the hostip parameter of the websnmpv3hostaddpost function...

CVE-2024-38373

FreeRTOS-Plus-TCP is a lightweight TCP/IP stack for FreeRTOS. FreeRTOS-Plus-TCP versions 4.0.0 through 4.1.0 contain a buffer over-read issue in the DNS Response Parser when parsing domain names in a DNS response. A carefully crafted DNS response with domain name length value greater than the...

RHEL 7 : iscsi-initiator-utils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - iscsi-initiator-utils: Heap-based buffer overflow in processiscsidbroadcast CVE-2017-17840 - An issue was...

Weston Embedded uC-TCP-IP Security Vulnerability

Weston Embedded uC-TCP-IP is a TCP/IP stack for embedded systems from Weston Embedded. A security vulnerability exists in Weston Embedded uC-TCP-IP version v3.06.01 that stems from a denial of service vulnerability in the ICMP and ICMPv6 parsing functions...

PT-2024-12738 · Unknown · Weston Embedded Uc-Tcp-Ip

Name of the Vulnerable Software and Affected Versions: Weston Embedded uC-TCP-IP version 3.06.01 Description: A double-free vulnerability exists in the IP header loopback parsing functionality. This can be triggered by a specially crafted set of network packets, leading to memory corruption and...

CVE-2023-45229

A vulnerability has been identified in the NetworkPkg IP stack of EDK2, the open-source reference implementation of the UEFI specification. This flaw enables an unauthenticated attacker within the same network vicinity to transmit a specifically crafted DHCPv6 message. Exploiting this vulnerabili...

Google Using Clang Sanitizers to Protect Android Against Cellular Baseband Vulnerabilities

Google is highlighting the role played by Clang sanitizers in hardening the security of the cellular baseband in the Android operating system and preventing specific kinds of vulnerabilities. This comprises Integer Overflow Sanitizer IntSan and BoundsSanitizer BoundSan, both of which are part of...

CVE-2023-48691

Azure RTOS NetX Duo contains an out-of-bounds write in the IGMP-related path (RTOS v6.2.1 and below) that could allow remote code execution. The vulnerability affects the NetX Duo TCP/IP stack used in embedded/IoT contexts. The publicly documented fix is in NetX Duo release 6.3.0; upgrading is ad...

PT-2023-7501 · Microsoft · Azure Rtos Netx Duo

Name of the Vulnerable Software and Affected Versions: Azure RTOS NetX Duo versions 6.2.1 and below Description: The issue is related to a memory overflow vulnerability in the Azure RTOS NetX Duo TCP/IP network stack, which can be exploited by an attacker to achieve remote code execution. The...

Siemens LOGO! CMR and SIMATIC RTU 3000 Use of Insufficiently Random Values (CVE-2021-37186)

A vulnerability has been identified in LOGO! CMR2020 All versions V2.2, LOGO! CMR2040 All versions V2.2, SIMATIC RTU3010C All versions V4.0.9, SIMATIC RTU3030C All versions V4.0.9, SIMATIC RTU3031C All versions V4.0.9, SIMATIC RTU3041C All versions V4.0.9. The underlying TCP/IP stack does not...