42 matches found
EUVD-2020-17073
Malware in sbrugna...
CVE-2023-35848
VirtualSquare picoTCP aka PicoTCP-NG through 2.1 lacks certain size calculations before attempting to set a value of an mss structure member...
CVE-2023-35847
VirtualSquare picoTCP aka PicoTCP-NG through 2.1 does not have an MSS lower bound e.g., it could be zero...
CVE-2023-35847
VirtualSquare picoTCP aka PicoTCP-NG through 2.1 does not have an MSS lower bound e.g., it could be zero...
CVE-2023-35849
VirtualSquare picoTCP aka PicoTCP-NG through 2.1 does not properly check whether header sizes would result in accessing data outside of a packet...
CVE-2023-35849
VirtualSquare picoTCP aka PicoTCP-NG through 2.1 does not properly check whether header sizes would result in accessing data outside of a packet...
CVE-2023-35846
VirtualSquare picoTCP aka PicoTCP-NG through 2.1 does not check the transport layer length in a frame before performing port filtering...
CVE-2023-35848
VirtualSquare picoTCP aka PicoTCP-NG through 2.1 lacks certain size calculations before attempting to set a value of an mss structure member...
Design/Logic Flaw
VirtualSquare picoTCP aka PicoTCP-NG through 2.1 does not have an MSS lower bound e.g., it could be zero...
Code injection
VirtualSquare picoTCP aka PicoTCP-NG through 2.1 lacks certain size calculations before attempting to set a value of an mss structure member...
Code injection
VirtualSquare picoTCP aka PicoTCP-NG through 2.1 does not check the transport layer length in a frame before performing port filtering...
Design/Logic Flaw
VirtualSquare picoTCP aka PicoTCP-NG through 2.1 does not properly check whether header sizes would result in accessing data outside of a packet...
CVE-2023-35846
VirtualSquare picoTCP aka PicoTCP-NG through 2.1 does not check the transport layer length in a frame before performing port filtering...
CVE-2023-35848
CVE-2023-35848 affects VirtualSquare PicoTCP-NG (aka picoTCP) up to version 2.1. The root cause is missing size calculations before setting a value in an mss structure member, which can impact packet processing. Documented impact per CVSS indicates high impact to availability with no confidential...
CVE-2023-35847
VirtualSquare picoTCP aka PicoTCP-NG through 2.1 does not have an MSS lower bound e.g., it could be zero...
CVE-2023-35849
The CVE-2023-35849 entry concerns VirtualSquare picoTCP (PicoTCP-NG) up to version 2.1. The vulnerability is caused by improper checking of header sizes, which can result in accessing data outside of a packet. The available sources indicate this affects PicoTCP-NG 2.1 and earlier, with CVSS v3.1 ...
CVE-2023-35846
VirtualSquare PicoTCP-NG (aka PicoTCP-NG) up to version 2.1 is affected by a vulnerability in which the transport-layer length is not checked within a frame before port filtering. The issue is described across multiple sources as affecting the PicoTCP-NG stack (VirtualSquare) and is associated wi...
CVE-2021-33304
Double Free vulnerability in virtualsquare picoTCP v1.7.0 and picoTCP-NG v2.1 in modules/picofragments.c in function picofragmentsreassemble, allows attackers to execute arbitrary code...
SUSE CVE-2020-24337
An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. When an unsupported TCP option with zero length is provided in an incoming TCP packet, it is possible to cause a Denial-of-Service by achieving an infinite loop in the code that parses TCP options, aka tcpparseoptions in picotcp.c...
SUSE CVE-2020-24340
An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The code that processes DNS responses in picomdnshandledataasanswersgeneric in picomdns.c does not check whether the number of answers/responses specified in a DNS packet header corresponds to the response data available in the...