Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
contiki-ng contiki-ng vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-50926
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. An out-of-bounds read can be caused by an incoming DIO message when using the RPL-Lite implementation in the Contiki-NG operating system. More specifically, the prefix information of th...
NA
CVE-2023-50927
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. An attacker can trigger out-of-bounds reads in the RPL-Lite implementation of the RPL protocol in the Contiki-NG operating system. This vulnerability is caused by insufficient control o...
NA
CVE-2023-48229
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. An out-of-bounds write exists in the driver for IEEE 802.15.4 radios on nRF platforms in the Contiki-NG operating system. The problem is triggered when parsing radio frames in the `read...
NA
CVE-2021-42147
Buffer over-read vulnerability in the dtls_sha256_update function in Contiki-NG tinyDTLS through master branch 53a0d97 allows remote malicious users to cause a denial of service via crafted data packet.
Contiki-ng Tinydtls 2018-08-30
NA
CVE-2021-42145
An assertion failure discovered in in check_certificate_request() in Contiki-NG tinyDTLS through master branch 53a0d97 allows malicious users to cause a denial of service.
Contiki-ng Tinydtls
NA
CVE-2021-42146
An issue exists in Contiki-NG tinyDTLS through master branch 53a0d97. DTLS servers allow remote malicious users to reuse the same epoch number within two times the TCP maximum segment lifetime, which is prohibited in RFC6347. This vulnerability allows remote malicious users to ob...
Contiki-ng Tinydtls 2018-08-30
NA
CVE-2021-42144
Buffer over-read vulnerability in Contiki-NG tinyDTLS through master branch 53a0d97 allows attackers obtain sensitive information via crafted input to dtls_ccm_decrypt_message().
Contiki-ng Contiki-ng Tinydtls
NA
CVE-2021-42143
An issue exists in Contiki-NG tinyDTLS through master branch 53a0d97. An infinite loop bug exists during the handling of a ClientHello handshake message. This bug allows remote malicious users to cause a denial of service by sending a malformed ClientHello handshake message with ...
Contiki-ng Tinydtls
NA
CVE-2021-42142
An issue exists in Contiki-NG tinyDTLS through master branch 53a0d97. DTLS servers mishandle the early use of a large epoch number. This vulnerability allows remote malicious users to cause a denial of service and false-positive packet drops.
Contiki-ng Tinydtls
NA
CVE-2021-42141
An issue exists in Contiki-NG tinyDTLS through 2018-08-30. One incorrect handshake could complete with different epoch numbers in the packets Client_Hello, Client_key_exchange, and Change_cipher_spec, which may cause denial of service.
Contiki-ng Tinydtls
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »