Skip to main content

Picotcp

16 CVEs product

Monthly

CVE-2023-35849 HIGH PATCH This Week

VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 does not properly check whether header sizes would result in accessing data outside of a packet. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Picotcp
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-35848 HIGH PATCH This Week

VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 lacks certain size calculations before attempting to set a value of an mss structure member. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Picotcp
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
CVE-2023-35847 HIGH PATCH This Week

VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 does not have an MSS lower bound (e.g., it could be zero). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Information Disclosure Picotcp
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
CVE-2023-35846 HIGH PATCH This Week

VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 does not check the transport layer length in a frame before performing port filtering. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Picotcp
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
CVE-2023-30463 HIGH POC This Week

Altran picoTCP through 1.7.0 allows memory corruption (and subsequent denial of service) because of an integer overflow in pico_ipv6_alloc when processing large ICMPv6 packets. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Denial Of Service Picotcp
NVD GitHub
CVSS 3.1
7.5
EPSS
0.9%
CVE-2020-24341 CRITICAL Act Now

An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Picotcp Picotcp Ng
NVD
CVSS 3.1
9.1
EPSS
4.9%
CVE-2020-24340 HIGH This Week

An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Picotcp Picotcp Ng
NVD
CVSS 3.1
7.5
EPSS
2.8%
CVE-2020-24339 HIGH This Week

An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Picotcp Picotcp Ng
NVD
CVSS 3.1
7.5
EPSS
2.8%
CVE-2020-24338 CRITICAL Act Now

An issue was discovered in picoTCP through 1.7.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Picotcp
NVD
CVSS 3.1
9.8
EPSS
35.9%
CVE-2020-24337 HIGH This Week

An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Picotcp Picotcp Ng
NVD
CVSS 3.1
7.5
EPSS
2.8%
CVE-2020-17445 HIGH This Week

An issue was discovered in picoTCP 1.7.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Picotcp
NVD
CVSS 3.1
7.5
EPSS
2.9%
CVE-2020-17444 HIGH This Week

An issue was discovered in picoTCP 1.7.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Picotcp
NVD
CVSS 3.1
7.5
EPSS
2.8%
CVE-2020-17443 HIGH This Week

An issue was discovered in picoTCP 1.7.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Integer Overflow Picotcp
NVD
CVSS 3.1
7.5
EPSS
2.8%
CVE-2020-17442 HIGH This Week

An issue was discovered in picoTCP 1.7.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Integer Overflow Picotcp
NVD
CVSS 3.1
7.5
EPSS
2.9%
CVE-2020-17441 CRITICAL Act Now

An issue was discovered in picoTCP 1.7.0. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Picotcp Mplab Harmony
NVD
CVSS 3.1
9.1
EPSS
7.1%
CVE-2017-1000210 CRITICAL PATCH Act Now

picoTCP (versions 1.7.0 - 1.5.0) is vulnerable to stack buffer overflow resulting in code execution or denial of service attack. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow RCE Denial Of Service Picotcp
NVD GitHub
CVSS 3.0
9.8
EPSS
0.8%
EPSS 1% CVSS 7.5
HIGH PATCH This Week

VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 does not properly check whether header sizes would result in accessing data outside of a packet. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Picotcp
NVD GitHub
EPSS 1% CVSS 7.5
HIGH PATCH This Week

VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 lacks certain size calculations before attempting to set a value of an mss structure member. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Picotcp
NVD GitHub
EPSS 1% CVSS 7.5
HIGH PATCH This Week

VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 does not have an MSS lower bound (e.g., it could be zero). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Information Disclosure Picotcp
NVD GitHub
EPSS 1% CVSS 7.5
HIGH PATCH This Week

VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 does not check the transport layer length in a frame before performing port filtering. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Picotcp
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

Altran picoTCP through 1.7.0 allows memory corruption (and subsequent denial of service) because of an integer overflow in pico_ipv6_alloc when processing large ICMPv6 packets. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Denial Of Service +1
NVD GitHub
EPSS 5% CVSS 9.1
CRITICAL Act Now

An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Picotcp +1
NVD
EPSS 3% CVSS 7.5
HIGH This Week

An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Picotcp +1
NVD
EPSS 3% CVSS 7.5
HIGH This Week

An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Picotcp +1
NVD
EPSS 36% CVSS 9.8
CRITICAL Act Now

An issue was discovered in picoTCP through 1.7.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption +1
NVD
EPSS 3% CVSS 7.5
HIGH This Week

An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Picotcp Picotcp Ng
NVD
EPSS 3% CVSS 7.5
HIGH This Week

An issue was discovered in picoTCP 1.7.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Picotcp
NVD
EPSS 3% CVSS 7.5
HIGH This Week

An issue was discovered in picoTCP 1.7.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Picotcp
NVD
EPSS 3% CVSS 7.5
HIGH This Week

An issue was discovered in picoTCP 1.7.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Integer Overflow Picotcp
NVD
EPSS 3% CVSS 7.5
HIGH This Week

An issue was discovered in picoTCP 1.7.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Integer Overflow Picotcp
NVD
EPSS 7% CVSS 9.1
CRITICAL Act Now

An issue was discovered in picoTCP 1.7.0. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Picotcp +1
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

picoTCP (versions 1.7.0 - 1.5.0) is vulnerable to stack buffer overflow resulting in code execution or denial of service attack. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow RCE Denial Of Service +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy