Every CVE whose affected-product data names Virtualsquare Picotcp, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2023-35846 — CVSS 7.5 (high): VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 does not check the transport layer length in a frame before performing port filtering.
CVE-2023-35847 — CVSS 7.5 (high): VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 does not have an MSS lower bound (e.g., it could be zero).
CVE-2023-35848 — CVSS 7.5 (high): VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 lacks certain size calculations before attempting to set a value of an mss structure…
CVE-2023-35849 — CVSS 7.5 (high): VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 does not properly check whether header sizes would result in accessing data outside of a…