CVE ID | Published | Description | Score | Severity |
---|---|---|---|---|
A heap-based buffer overflow in the Treck HTTP Server component before 6.0.1.68 allows remote attackers to cause a denial of service (crash/reset) or to possibly execute arbitrary code. | 10 |
Critical |
||
The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read. | 5.4 |
Medium |
||
The Treck TCP/IP stack before 6.0.1.66 has an ARP Out-of-bounds Read. | 4.3 |
Medium |
||
The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read. | 5.3 |
Medium |
||
The Treck TCP/IP stack before 6.0.1.66 has a TCP Out-of-bounds Read. | 5.3 |
Medium |
||
The Treck TCP/IP stack before 6.0.1.66 has Improper ICMPv4 Access Control. | 5.3 |
Medium |
||
The Treck TCP/IP stack before 6.0.1.66 has an ICMPv4 Out-of-bounds Read. | 5.3 |
Medium |
||
The Treck TCP/IP stack before 6.0.1.66 has an IPv4 Integer Underflow. | 5.3 |
Medium |
||
The Treck TCP/IP stack before 6.0.1.66 improperly handles a Length Parameter Inconsistency in TCP. | 6.3 |
Medium |
||
The Treck TCP/IP stack before 6.0.1.66 has an Ethernet Link Layer Integer Underflow. | 6.3 |
Medium |
||
The Treck TCP/IP stack before 6.0.1.66 has a DHCPv6 Out-of-bounds Read. | 6.5 |
Medium |
||
The Treck TCP/IP stack before 6.0.1.66 has an Integer Overflow during Memory Allocation that causes an Out-of-Bounds Write. | 7.3 |
High |
||
The Treck TCP/IP stack before 6.0.1.66 has an IPv6OverIPv4 tunneling Out-of-bounds Read. | 7.3 |
High |
||
The Treck TCP/IP stack before 6.0.1.66 allows Remote Code execution via a single invalid DNS response. | 9 |
Critical |
||
The Treck TCP/IP stack before 6.0.1.41 has an IPv4 tunneling Double Free. | 8.2 |
High |
||
The Treck TCP/IP stack before 6.0.1.66 improperly handles an IPv4/ICMPv4 Length Parameter Inconsistency, which might allow remote attackers to trigger an information leak. | 9.1 |
Critical |
||
The Treck TCP/IP stack before 6.0.1.66 allows Remote Code Execution, related to IPv4 tunneling. | 10 |
Critical |
||
IP-in-IP protocol specifies IP Encapsulation within IP standard (RFC 2003, STD 1) that decapsulate and route IP-in-IP traffic is vulnerable to spoofing, access-control bypass and other unexpected behavior due to the lack of validation to verify network packets before decapsulation and routing. | 5.3 |
Medium |