Crash in USB HID protocol dissector and possibly other dissectors in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file. Date published : 2020-12-11 https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-26421.json https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M75HYXU36SP6GHIDPHNZGJKEO6TX4C4Y/
Memory leak in RTPS protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file. Date published : 2020-12-11 https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-26420.json https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M75HYXU36SP6GHIDPHNZGJKEO6TX4C4Y/
Memory leak in the dissection engine in Wireshark 3.4.0 allows denial of service via packet injection or crafted capture file. Date published : 2020-12-11 https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-26419.json https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M75HYXU36SP6GHIDPHNZGJKEO6TX4C4Y/
Memory leak in Kafka protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file. Date published : 2020-12-11 https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-26418.json https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M75HYXU36SP6GHIDPHNZGJKEO6TX4C4Y/
Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. In Geth from version 1.9.4 and before version 1.9.20 a consensus-vulnerability could cause a chain split, where vulnerable versions refuse to...
Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. In Geth before version 1.9.25 a denial-of-service vulnerability can make a LES server crash via malicious GetProofsV2 request from a connected...
An issue was discovered in the IPv6 stack in Contiki through 3.0. There are inconsistent checks for IPv6 header extension lengths. This leads to Denial-of-Service and potential Remote Code Execution via a crafted ICMPv6...
An issue was discovered in the IPv6 stack in Contiki through 3.0. There is an insufficient check for the IPv6 header length. This leads to Denial-of-Service and potential Remote Code Execution via a crafted...
An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1. The length byte of a domain name in a DNS query/response is not checked, and is used for internal memory operations....
An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1. The number of DNS queries/responses (set in a DNS header) is not checked against the data present. This may lead to...
An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1. The DNS response data length is not checked (it can be set to an arbitrary value from a packet). This may...
An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1. There is no check on whether a domain name has ‘’ termination. This may lead to successful Denial-of-Service, and possibly Remote...
An issue was discovered in FNET through 4.6.4. The code for processing resource records in mDNS queries doesn’t check for proper ‘’ termination of the resource record name string, leading to an out-of-bounds read,...
An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The TCP input data processing function in pico_tcp.c does not validate the length of incoming TCP packets, which leads to an out-of-bounds read when...