Vendor CVEs
Treck
All CVEs
23 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-11896 | Cri | 0.68 | 10.0 | 0.37 | Jun 17, 2020 | The Treck TCP/IP stack before 6.0.1.66 allows Remote Code Execution, related to IPv4 tunneling. | ||
| CVE-2020-11897 | Cri | 0.66 | 10.0 | 0.09 | Jun 17, 2020 | The Treck TCP/IP stack before 5.0.1.35 has an Out-of-Bounds Write via multiple malformed IPv6 packets. | ||
| CVE-2020-25066 | Cri | 0.65 | 10.0 | 0.03 | Dec 22, 2020 | A heap-based buffer overflow in the Treck HTTP Server component before 6.0.1.68 allows remote attackers to cause a denial of service (crash/reset) or to possibly execute arbitrary code. | ||
| CVE-2020-11898 | Cri | 0.61 | 9.1 | 0.19 | Jun 17, 2020 | The Treck TCP/IP stack before 6.0.1.66 improperly handles an IPv4/ICMPv4 Length Parameter Inconsistency, which might allow remote attackers to trigger an information leak. | ||
| CVE-2020-11901 | Cri | 0.60 | 9.0 | 0.21 | Jun 17, 2020 | The Treck TCP/IP stack before 6.0.1.66 allows Remote Code execution via a single invalid DNS response. | ||
| CVE-2020-11900 | Hig | 0.54 | 8.2 | 0.13 | Jun 17, 2020 | The Treck TCP/IP stack before 6.0.1.41 has an IPv4 tunneling Double Free. | ||
| CVE-2020-11899 | Med | 0.49 | 5.4 | 0.19 | KEV | Jun 17, 2020 | The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read. | |
| CVE-2020-27337 | Hig | 0.48 | 7.3 | 0.01 | Dec 22, 2020 | An issue was discovered in Treck IPv6 before 6.0.1.68. Improper Input Validation in the IPv6 component allows an unauthenticated remote attacker to cause an Out of Bounds Write, and possibly a Denial of Service via network access. | ||
| CVE-2020-11904 | Hig | 0.48 | 7.3 | 0.03 | Jun 17, 2020 | The Treck TCP/IP stack before 6.0.1.66 has an Integer Overflow during Memory Allocation that causes an Out-of-Bounds Write. | ||
| CVE-2020-11902 | Hig | 0.48 | 7.3 | 0.09 | Jun 17, 2020 | The Treck TCP/IP stack before 6.0.1.66 has an IPv6OverIPv4 tunneling Out-of-bounds Read. | ||
| CVE-2020-11905 | Med | 0.42 | 6.5 | 0.02 | Jun 17, 2020 | The Treck TCP/IP stack before 6.0.1.66 has a DHCPv6 Out-of-bounds Read. | ||
| CVE-2020-11903 | Med | 0.42 | 6.5 | 0.02 | Jun 17, 2020 | The Treck TCP/IP stack before 6.0.1.28 has a DHCP Out-of-bounds Read. | ||
| CVE-2020-11907 | Med | 0.41 | 6.3 | 0.02 | Jun 17, 2020 | The Treck TCP/IP stack before 6.0.1.66 improperly handles a Length Parameter Inconsistency in TCP. | ||
| CVE-2020-11906 | Med | 0.41 | 6.3 | 0.02 | Jun 17, 2020 | The Treck TCP/IP stack before 6.0.1.66 has an Ethernet Link Layer Integer Underflow. | ||
| CVE-2020-27338 | Med | 0.38 | 5.9 | 0.01 | Dec 22, 2020 | An issue was discovered in Treck IPv6 before 6.0.1.68. Improper Input Validation in the DHCPv6 client component allows an unauthenticated remote attacker to cause an Out of Bounds Read, and possibly a Denial of Service via adjacent network access. | ||
| CVE-2020-11913 | Med | 0.35 | 5.3 | 0.03 | Jun 17, 2020 | The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read. | ||
| CVE-2020-11912 | Med | 0.35 | 5.3 | 0.05 | Jun 17, 2020 | The Treck TCP/IP stack before 6.0.1.66 has a TCP Out-of-bounds Read. | ||
| CVE-2020-11911 | Med | 0.35 | 5.3 | 0.03 | Jun 17, 2020 | The Treck TCP/IP stack before 6.0.1.66 has Improper ICMPv4 Access Control. | ||
| CVE-2020-11910 | Med | 0.35 | 5.3 | 0.11 | Jun 17, 2020 | The Treck TCP/IP stack before 6.0.1.66 has an ICMPv4 Out-of-bounds Read. | ||
| CVE-2020-11909 | Med | 0.35 | 5.3 | 0.04 | Jun 17, 2020 | The Treck TCP/IP stack before 6.0.1.66 has an IPv4 Integer Underflow. | ||
| CVE-2020-11914 | Med | 0.28 | 4.3 | 0.02 | Jun 17, 2020 | The Treck TCP/IP stack before 6.0.1.66 has an ARP Out-of-bounds Read. | ||
| CVE-2020-11908 | Med | 0.28 | 4.3 | 0.02 | Jun 17, 2020 | The Treck TCP/IP stack before 4.7.1.27 mishandles '\0' termination in DHCP. | ||
| CVE-2020-27336 | Low | 0.24 | 3.7 | 0.02 | Dec 22, 2020 | An issue was discovered in Treck IPv6 before 6.0.1.68. Improper input validation in the IPv6 component when handling a packet sent by an unauthenticated remote attacker could result in an out-of-bounds read of up to three bytes via network access. |
- risk 0.68cvss 10.0epss 0.37
The Treck TCP/IP stack before 6.0.1.66 allows Remote Code Execution, related to IPv4 tunneling.
- risk 0.66cvss 10.0epss 0.09
The Treck TCP/IP stack before 5.0.1.35 has an Out-of-Bounds Write via multiple malformed IPv6 packets.
- risk 0.65cvss 10.0epss 0.03
A heap-based buffer overflow in the Treck HTTP Server component before 6.0.1.68 allows remote attackers to cause a denial of service (crash/reset) or to possibly execute arbitrary code.
- risk 0.61cvss 9.1epss 0.19
The Treck TCP/IP stack before 6.0.1.66 improperly handles an IPv4/ICMPv4 Length Parameter Inconsistency, which might allow remote attackers to trigger an information leak.
- risk 0.60cvss 9.0epss 0.21
The Treck TCP/IP stack before 6.0.1.66 allows Remote Code execution via a single invalid DNS response.
- risk 0.54cvss 8.2epss 0.13
The Treck TCP/IP stack before 6.0.1.41 has an IPv4 tunneling Double Free.
- risk 0.49cvss 5.4epss 0.19
The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read.
- risk 0.48cvss 7.3epss 0.01
An issue was discovered in Treck IPv6 before 6.0.1.68. Improper Input Validation in the IPv6 component allows an unauthenticated remote attacker to cause an Out of Bounds Write, and possibly a Denial of Service via network access.
- risk 0.48cvss 7.3epss 0.03
The Treck TCP/IP stack before 6.0.1.66 has an Integer Overflow during Memory Allocation that causes an Out-of-Bounds Write.
- risk 0.48cvss 7.3epss 0.09
The Treck TCP/IP stack before 6.0.1.66 has an IPv6OverIPv4 tunneling Out-of-bounds Read.
- risk 0.42cvss 6.5epss 0.02
The Treck TCP/IP stack before 6.0.1.66 has a DHCPv6 Out-of-bounds Read.
- risk 0.42cvss 6.5epss 0.02
The Treck TCP/IP stack before 6.0.1.28 has a DHCP Out-of-bounds Read.
- risk 0.41cvss 6.3epss 0.02
The Treck TCP/IP stack before 6.0.1.66 improperly handles a Length Parameter Inconsistency in TCP.
- risk 0.41cvss 6.3epss 0.02
The Treck TCP/IP stack before 6.0.1.66 has an Ethernet Link Layer Integer Underflow.
- risk 0.38cvss 5.9epss 0.01
An issue was discovered in Treck IPv6 before 6.0.1.68. Improper Input Validation in the DHCPv6 client component allows an unauthenticated remote attacker to cause an Out of Bounds Read, and possibly a Denial of Service via adjacent network access.
- risk 0.35cvss 5.3epss 0.03
The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read.
- risk 0.35cvss 5.3epss 0.05
The Treck TCP/IP stack before 6.0.1.66 has a TCP Out-of-bounds Read.
- risk 0.35cvss 5.3epss 0.03
The Treck TCP/IP stack before 6.0.1.66 has Improper ICMPv4 Access Control.
- risk 0.35cvss 5.3epss 0.11
The Treck TCP/IP stack before 6.0.1.66 has an ICMPv4 Out-of-bounds Read.
- risk 0.35cvss 5.3epss 0.04
The Treck TCP/IP stack before 6.0.1.66 has an IPv4 Integer Underflow.
- risk 0.28cvss 4.3epss 0.02
The Treck TCP/IP stack before 6.0.1.66 has an ARP Out-of-bounds Read.
- risk 0.28cvss 4.3epss 0.02
The Treck TCP/IP stack before 4.7.1.27 mishandles '\0' termination in DHCP.
- risk 0.24cvss 3.7epss 0.02
An issue was discovered in Treck IPv6 before 6.0.1.68. Improper input validation in the IPv6 component when handling a packet sent by an unauthenticated remote attacker could result in an out-of-bounds read of up to three bytes via network access.