PT-2021-2228 · Oryx · Cyclonetcp
Name of the Vulnerable Software and Affected Versions: Oryx CycloneTCP version 1.9.6. Description: The issue is related to the improper randomness of TCP Initial Sequence Numbers (ISNs) in the CycloneTCP stack implementation. This could allow a remote attacker to gain unauthorized access to protecte...
PT-2021-2229 · Siemens · Simatic Mv400
Name of the Vulnerable Software and Affected Versions: SIMATIC MV400 family versions prior to v7.0.6. Description: The issue is related to the implementation of the ISN generator in the TI-NDKTCPIP protocol stack, which uses insufficiently random values. This could allow a remote attacker to predi...
PT-2021-2231 · Contiki · Contiki
Name of the Vulnerable Software and Affected Versions: Contiki version 4.5. Description: The issue is related to the improper randomness of TCP Initial Sequence Numbers (ISNs) in the Contiki OS uIP protocol stack implementation. This could allow a remote attacker to gain unauthorized access to...
PT-2021-2230 · Fnet · Fnet
Name of the Vulnerable Software and Affected Versions: FNET version 4.6.3. Description: The issue is related to the improper randomness of TCP Initial Sequence Numbers (ISNs) in the FNET protocol stack implementation. This could allow a remote attacker to gain unauthorized access to protected...
PT-2021-2233 · Microchip · Mplab Net
Name of the Vulnerable Software and Affected Versions: Microchip MPLAB Net version 3.6.1. Description: The issue is related to the improper randomness of TCP Initial Sequence Numbers (ISNs) in the implementation of the MPLAB Net protocol stack. This could allow a remote attacker to gain unauthorized...
PT-2021-2232 · Picotcp · Picotcp
Name of the Vulnerable Software and Affected Versions: PicoTCP version 1.7.0. Description: The issue is related to the improper randomness of TCP Initial Sequence Numbers (ISNs) in the PicoTCP stack implementation. This could potentially allow a remote attacker to gain unauthorized access to protect...
MGASA-2021-0109 Updated screen packages fix security vulnerability
Felix Weinmann reported a flaw in the handling of combining characters in screen, which can result in denial of service, or potentially the execution of arbitrary code via a specially crafted UTF-8 character sequence (CVE-2021-26937)...
Updated screen packages fix security vulnerability
Felix Weinmann reported a flaw in the handling of combining characters in screen, which can result in denial of service, or potentially the execution of arbitrary code via a specially crafted UTF-8 character sequence (CVE-2021-26937)...
EulerOS Virtualization 3.0.6.6 : nss (EulerOS-SA-2021-1502)
According to the versions of the nss packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multipl...
The vulnerability of the ISN IP pool generator implementation used in NutOS and Nut/Net arises from the use of insufficiently random values, allowing an intruder to gain unauthorized access to protected information.
The vulnerability of the ISN IP pool generator implemented in NutOS and Nut/Net relates to the use of insufficiently random values. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected information...
PT-2021-2224 · Silicon · Uc/Tcp-Ip
Name of the Vulnerable Software and Affected Versions: Silicon Labs uC/TCP-IP version 3.6.0. Description: The issue is related to the improper randomness of TCP Initial Sequence Numbers (ISNs) in the stack protocol used by uC/OS and uC/TCP-IP. This could allow a remote attacker to gain unauthorized...
The vulnerability of the implementation of the ISN generator in the protocols used by uC/OS and uC/TCP-IP allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the ISN generator implementation in the uC/OS and uC/TCP-IP protocols is related to the use of insufficiently random values. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...
Xterm Input Validation Error Vulnerability
XTerm is a terminal emulator on the X Window System used to provide multiple independent SHELL inputs and outputs. An input validation error vulnerability exists in Xterm that originates from allowing remote attackers to cause a denial of service (segmentation error) or possibly have unspecified...
MGASA-2021-0094 Updated xterm package fixes security vulnerability
xterm through Patch 365 allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted UTF-8 character sequence. CVE-2021-27135...
PT-2024-11038 · Linux +4 · Linux Kernel +4
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A vulnerability has been resolved in the Linux kernel related to the TCP_QUEUE_SEQ option. The issue was reported by Qingyu Li, who found a syzkaller bug that changes the RCV SEQ after...
[SECURITY] [DSA 4861-1] screen security update
Debian Security Advisory DSA-4861-1 https://www.debian.org/security/ Salvatore Bonaccorso February 21, 2021 https://www.debian.org/security/faq ...
Denial Of Service (DoS)
screen is vulnerable to denial of service (DoS). The vulnerability exists in encoding.c through an invalid write access via a crafted UTF-8 character sequence...
Multiple Embedded TCP/IP Stacks (Update B)
1. EXECUTIVE SUMMARY: CVSS v3 7.5; ATTENTION: Exploitable remotely/low attack complexity; Vendor: Multiple; Equipment: Nut/Net, CycloneTCP, NDKTCPIP, FNET, uIP-Contiki-OS, uC/TCP-IP, uIP-Contiki-NG, uIP, picoTCP-NG, picoTCP, MPLAB Net, Nucleus NET, Nucleus ReadyStart; Vulnerabilities: Use of...
DEBIAN-CVE-2021-27135
xterm before Patch 366 allows remote attackers to execute arbitrary code or cause a denial of service (segmentation fault) via a crafted UTF-8 combining character sequence...
CVE-2021-27135
xterm before Patch 366 allows remote attackers to execute arbitrary code or cause a denial of service (segmentation fault) via a crafted UTF-8 combining character sequence...