Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
contiki-ng contiki-ng vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2018-19417
An issue exists in the MQTT server in Contiki-NG prior to 4.2. The function parse_publish_vhdr() that parses MQTT PUBLISH messages with a variable length header uses memcpy to input data into a fixed size buffer. The allocated buffer can fit only MQTT_MAX_TOPIC_LENGTH (default 64...
Contiki-ng Contiki-ng
10
CVSSv2
CVE-2018-1000804
contiki-ng version 4 contains a Buffer Overflow vulnerability in AQL (Antelope Query Language) database engine that can result in Attacker can perform Remote Code Execution on device using Contiki-NG operating system. This attack appear to be exploitable via Attacker must be able...
Contiki-ng Contiki-ng 4.0
8.3
CVSSv2
CVE-2020-12140
A buffer overflow in os/net/mac/ble/ble-l2cap.c in the BLE stack in Contiki-NG 4.4 and previous versions allows an malicious user to execute arbitrary code via malicious L2CAP frames.
Contiki-ng Contiki-ng
7.8
CVSSv2
CVE-2021-21279
Contiki-NG is an open-source, cross-platform operating system for internet of things devices. In verions before 4.6, an attacker can perform a denial-of-service attack by triggering an infinite loop in the processing of IPv6 neighbor solicitation (NS) messages. This type of attac...
Contiki-ng Contiki-ng
7.5
CVSSv2
CVE-2021-21280
Contiki-NG is an open-source, cross-platform operating system for internet of things devices. It is possible to cause an out-of-bounds write in versions of Contiki-NG before 4.6 when transmitting a 6LoWPAN packet with a chain of extension headers. Unfortunately, the written heade...
Contiki-ng Contiki-ng
7.5
CVSSv2
CVE-2021-21281
Contiki-NG is an open-source, cross-platform operating system for internet of things devices. A buffer overflow vulnerability exists in Contiki-NG versions before 4.6. After establishing a TCP socket using the tcp-socket library, it is possible for the remote end to send a packet...
Contiki-ng Contiki-ng
7.5
CVSSv2
CVE-2021-21282
Contiki-NG is an open-source, cross-platform operating system for internet of things devices. In versions before 4.5, buffer overflow can be triggered by an input packet when using either of Contiki-NG's two RPL implementations in source-routing mode. The problem has been pa...
Contiki-ng Contiki-ng
7.5
CVSSv2
CVE-2020-24336
An issue exists in Contiki up to and including 3.0 and Contiki-NG up to and including 4.5. The code for parsing Type A domain name answers in ip64-dns64.c doesn't verify whether the address in the answer's length is sane. Therefore, when copying an address of an arbitra...
Contiki-ng Contiki-ng
Contiki-os Contiki
7.5
CVSSv2
CVE-2020-14935
Buffer overflows were discovered in Contiki-NG 4.4 up to and including 4.5, in the SNMP bulk get request response encoding function. The function parsing the received SNMP request does not verify the input message's requested variables against the capacity of the internal SN...
Contiki-ng Contiki-ng
7.5
CVSSv2
CVE-2020-14934
Buffer overflows were discovered in Contiki-NG 4.4 up to and including 4.5, in the SNMP agent. The function parsing the received SNMP request does not verify the input message's requested variables against the capacity of the internal SNMP engine buffer. If the number of var...
Contiki-ng Contiki-ng
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »