Vulnerabilities > Treck > TCP IP > 4.7.1.27
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-17 | CVE-2020-11904 | Integer Overflow or Wraparound vulnerability in Treck Tcp/Ip The Treck TCP/IP stack before 6.0.1.66 has an Integer Overflow during Memory Allocation that causes an Out-of-Bounds Write. | 7.3 |
| 2020-06-17 | CVE-2020-11903 | Out-of-bounds Read vulnerability in Treck Tcp/Ip 4.7.1.27/5.0.1.35 The Treck TCP/IP stack before 6.0.1.28 has a DHCP Out-of-bounds Read. | 6.5 |
| 2020-06-17 | CVE-2020-11902 | Out-of-bounds Read vulnerability in Treck Tcp/Ip The Treck TCP/IP stack before 6.0.1.66 has an IPv6OverIPv4 tunneling Out-of-bounds Read. | 7.3 |
| 2020-06-17 | CVE-2020-11901 | Incorrect Calculation of Buffer Size vulnerability in Treck Tcp/Ip The Treck TCP/IP stack before 6.0.1.66 allows Remote Code execution via a single invalid DNS response. | 9.0 |
| 2020-06-17 | CVE-2020-11900 | Double Free vulnerability in Treck Tcp/Ip 4.7.1.27/5.0.1.35/6.0.1.28 The Treck TCP/IP stack before 6.0.1.41 has an IPv4 tunneling Double Free. | 8.2 |
| 2020-06-17 | CVE-2020-11899 | Out-of-bounds Read vulnerability in multiple products The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read. | 5.4 |
| 2020-06-17 | CVE-2020-11898 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Treck Tcp/Ip The Treck TCP/IP stack before 6.0.1.66 improperly handles an IPv4/ICMPv4 Length Parameter Inconsistency, which might allow remote attackers to trigger an information leak. | 9.1 |
| 2020-06-17 | CVE-2020-11897 | Out-of-bounds Write vulnerability in Treck Tcp/Ip 4.7.1.27 The Treck TCP/IP stack before 5.0.1.35 has an Out-of-Bounds Write via multiple malformed IPv6 packets. | 10.0 |
| 2020-06-17 | CVE-2020-11896 | Out-of-bounds Write vulnerability in Treck Tcp/Ip The Treck TCP/IP stack before 6.0.1.66 allows Remote Code Execution, related to IPv4 tunneling. | 10.0 |
| 2020-06-02 | CVE-2020-10136 | Authentication Bypass by Spoofing vulnerability in multiple products IP-in-IP protocol specifies IP Encapsulation within IP standard (RFC 2003, STD 1) that decapsulate and route IP-in-IP traffic is vulnerable to spoofing, access-control bypass and other unexpected behavior due to the lack of validation to verify network packets before decapsulation and routing. | 5.3 |