Home/Product/altran picotcp
Product

altran picotcp

18 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2020-27635
all versions
In PicoTCP 1.7.0, TCP ISNs are improperly random.
9.1CRITICAL
 CVE-2023-35849
<= 2.1
VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 does not properly check whether header sizes would result in accessing data out
7.5HIGH
 CVE-2023-35848
<= 2.1
VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 lacks certain size calculations before attempting to set a value of an mss stru
7.5HIGH
 CVE-2023-35847
<= 2.1
VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 does not have an MSS lower bound (e.g., it could be zero).
7.5HIGH
 CVE-2023-35846
<= 2.1
VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 does not check the transport layer length in a frame before performing port fil
7.5HIGH
 CVE-2023-30463
<= 1.7.0
Altran picoTCP through 1.7.0 allows memory corruption (and subsequent denial of service) because of an integer overflow in pico_ip
7.5HIGH
 CVE-2021-33304
all versions
Double Free vulnerability in virtualsquare picoTCP v1.7.0 and picoTCP-NG v2.1 in modules/pico_fragments.c in function pico_fragmen
9.8CRITICAL
 CVE-2020-24341
<= 1.7.0
An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The TCP input data processing function in pico_tcp.c does not val
9.1CRITICAL
 CVE-2020-24340
<= 1.7.0
An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The code that processes DNS responses in pico_mdns_handle_data_as
7.5HIGH
 CVE-2020-24339
<= 1.7.0
An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The DNS domain name record decompression functionality in pico_dn
7.5HIGH
 CVE-2020-24338
<= 1.7.0
An issue was discovered in picoTCP through 1.7.0. The DNS domain name record decompression functionality in pico_dns_decompress_na
9.8CRITICAL
 CVE-2020-24337
<= 1.7.0
An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. When an unsupported TCP option with zero length is provided in an
7.5HIGH
 CVE-2020-17445
<= 1.7.0
An issue was discovered in picoTCP 1.7.0. The code for processing the IPv6 destination options does not check for a valid length o
7.5HIGH
 CVE-2020-17444
<= 1.7.0
An issue was discovered in picoTCP 1.7.0. The routine for processing the next header field (and deducing whether the IPv6 extensio
7.5HIGH
 CVE-2020-17443
<= 1.7.0
An issue was discovered in picoTCP 1.7.0. The code for creating an ICMPv6 echo replies doesn't check whether the ICMPv6 echo reque
7.5HIGH
 CVE-2020-17442
<= 1.7.0
An issue was discovered in picoTCP 1.7.0. The code for parsing the hop-by-hop IPv6 extension headers does not validate the bounds
7.5HIGH
 CVE-2020-17441
<= 1.7.0
An issue was discovered in picoTCP 1.7.0. The code for processing the IPv6 headers does not validate whether the IPv6 payload leng
9.1CRITICAL
 CVE-2017-1000210
all versions
picoTCP (versions 1.7.0 - 1.5.0) is vulnerable to stack buffer overflow resulting in code execution or denial of service attack
9.8CRITICAL
SOC and Response
CVE triage
Stack monitoring
Am I affected
IOC triage
KEV catalog
Daily brief
Change tracking
Detection Engineering
Coverage workspace
Detection coverage
Coverage check
Telemetry ceiling
SIEM query builder
Sigma rules
SIEM rules
YARA rules
Network rules
D3FEND
Threat Hunting
Threat actors
ATT&CK techniques
Attack paths
Indicators
Atomic tests
Red Team and Pentest
Exploitability triage
Recon pack
Attack paths
CAPEC patterns
Adversary emulation
Compliance and GRC
Framework mapping
Control assessment
Audit view
Coverage report
Atlas Search Threat actors Techniques Tools & malware CWE CAPEC KEV catalog Package vulns
About All capabilities Pricing API docs Live status Privacy policy Terms of service
threatengine.sh