Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Lwip Security Vulnerabilities

cve
cve

CVE-2014-4883

resolv.c in the DNS resolver in uIP, and dns.c in the DNS resolver in lwIP 1.4.1 and earlier, does not use random values for ID fields and source ports of DNS query packets, which makes it easier for man-in-the-middle attackers to conduct cache-poisoning attacks via spoofed reply packets.

6.5AI Score

0.001EPSS

2014-11-28 02:59 AM
25
cve
cve

CVE-2020-22283

A buffer overflow vulnerability in the icmp6_send_response_with_addrs_and_netif() function of Free Software Foundation lwIP version git head allows attackers to access sensitive information via a crafted ICMPv6 packet.

7.5CVSS

7.4AI Score

0.002EPSS

2021-07-22 08:15 PM
56
6
cve
cve

CVE-2020-22284

A buffer overflow vulnerability in the zepif_linkoutput() function of Free Software Foundation lwIP git head version and version 2.1.2 allows attackers to access sensitive information via a crafted 6LoWPAN packet.

7.5CVSS

7.5AI Score

0.002EPSS

2021-07-22 08:15 PM
52
4