Vulnerabilities > Treck > Critical

DATE CVE VULNERABILITY TITLE RISK
2020-12-22 CVE-2020-25066 Out-of-bounds Write vulnerability in Treck Tcp/Ip
A heap-based buffer overflow in the Treck HTTP Server component before 6.0.1.68 allows remote attackers to cause a denial of service (crash/reset) or to possibly execute arbitrary code.
network
low complexity
treck CWE-787
critical
9.8
2020-06-17 CVE-2020-11901 Incorrect Calculation of Buffer Size vulnerability in Treck Tcp/Ip
The Treck TCP/IP stack before 6.0.1.66 allows Remote Code execution via a single invalid DNS response.
network
high complexity
treck CWE-131
critical
9.0
2020-06-17 CVE-2020-11898 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Treck Tcp/Ip
The Treck TCP/IP stack before 6.0.1.66 improperly handles an IPv4/ICMPv4 Length Parameter Inconsistency, which might allow remote attackers to trigger an information leak.
network
low complexity
treck CWE-119
critical
9.1
2020-06-17 CVE-2020-11897 Out-of-bounds Write vulnerability in Treck Tcp/Ip 4.7.1.27
The Treck TCP/IP stack before 5.0.1.35 has an Out-of-Bounds Write via multiple malformed IPv6 packets.
network
low complexity
treck CWE-787
critical
10.0
2020-06-17 CVE-2020-11896 Out-of-bounds Write vulnerability in Treck Tcp/Ip
The Treck TCP/IP stack before 6.0.1.66 allows Remote Code Execution, related to IPv4 tunneling.
network
low complexity
treck CWE-787
critical
10.0