|
209091
|
5.3 |
MEDIUM
Network
|
butok
|
fnet
|
An issue was discovered in FNET through 4.6.4. The code that initializes the DNS client interface structure does not set sufficiently random transaction IDs (they are always set to 1 in _fnet_dns_pol…
|
CWE-330
Use of Insufficiently Random Values
|
CVE-2020-17470
|
2024-11-21 14:08 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209092
|
7.5 |
HIGH
Network
|
butok
|
fnet
|
An issue was discovered in FNET through 4.6.4. The code for processing the hop-by-hop header (in the IPv6 extension headers) doesn't check for a valid length of an extension header, and therefore an …
|
CWE-125
Out-of-bounds Read
|
CVE-2020-17468
|
2024-11-21 14:08 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209093
|
9.1 |
CRITICAL
Network
|
butok
|
fnet
|
An issue was discovered in FNET through 4.6.4. The code for processing the hostname from an LLMNR request doesn't check for '\0' termination. Therefore, the deduced length of the hostname doesn't ref…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-17467
|
2024-11-21 14:08 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209094
|
7.5 |
HIGH
Network
|
butok
|
fnet
|
An issue was discovered in FNET through 4.6.4. The code for IPv6 fragment reassembly tries to access a previous fragment starting from a network incoming fragment that still doesn't have a reference …
|
CWE-824
Access of Uninitialized Pointer
|
CVE-2020-17469
|
2024-11-21 14:08 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209095
|
7.5 |
HIGH
Network
|
altran
|
picotcp
|
An issue was discovered in picoTCP 1.7.0. The code for processing the IPv6 destination options does not check for a valid length of the destination options header. This results in an Out-of-Bounds Re…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-17445
|
2024-11-21 14:08 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209096
|
7.5 |
HIGH
Network
|
altran
|
picotcp
|
An issue was discovered in picoTCP 1.7.0. The routine for processing the next header field (and deducing whether the IPv6 extension headers are valid) doesn't check whether the header extension lengt…
|
CWE-20
CWE-190
CWE-835
Improper Input Validation
Integer Overflow or Wraparound
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2020-17444
|
2024-11-21 14:08 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209097
|
7.5 |
HIGH
Network
|
altran
|
picotcp
|
An issue was discovered in picoTCP 1.7.0. The code for creating an ICMPv6 echo replies doesn't check whether the ICMPv6 echo request packet's size is shorter than 8 bytes. If the size of the incoming…
|
CWE-787
CWE-190
Out-of-bounds Write
Integer Overflow or Wraparound
|
CVE-2020-17443
|
2024-11-21 14:08 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209098
|
7.5 |
HIGH
Network
|
altran
|
picotcp
|
An issue was discovered in picoTCP 1.7.0. The code for parsing the hop-by-hop IPv6 extension headers does not validate the bounds of the extension header length value, which may result in Integer Wra…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2020-17442
|
2024-11-21 14:08 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209099
|
9.1 |
CRITICAL
Network
|
altran
microchip
|
picotcp
mplab_harmony
|
An issue was discovered in picoTCP 1.7.0. The code for processing the IPv6 headers does not validate whether the IPv6 payload length field is equal to the actual size of the payload, which leads to a…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-17441
|
2024-11-21 14:08 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209100
|
7.5 |
HIGH
Network
|
uip_project
|
uip
|
An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. The code that parses incoming DNS packets does not validate that domain names present in the DNS responses have '\0' ter…
|
NVD-CWE-Other
|
CVE-2020-17440
|
2024-11-21 14:08 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
