Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
contiki-os contiki vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv2
CVE-2017-7295
An issue exists in Contiki Operating System 3.0. A use-after-free vulnerability exists in httpd-simple.c in cc26xx-web-demo httpd, where upon a connection close event, the http_state structure was not deallocated properly, resulting in a NULL pointer dereference in the output pro...
Contiki-os Contiki 3.0
7.5
CVSSv2
CVE-2020-25111
An issue exists in the IPv6 stack in Contiki up to and including 3.0. There is an insufficient check for the IPv6 header length. This leads to Denial-of-Service and potential Remote Code Execution via a crafted ICMPv6 echo packet.
Contiki-os Contiki-os
7.5
CVSSv2
CVE-2020-25112
An issue exists in the IPv6 stack in Contiki up to and including 3.0. There are inconsistent checks for IPv6 header extension lengths. This leads to Denial-of-Service and potential Remote Code Execution via a crafted ICMPv6 echo packet.
Contiki-os Contiki-os
7.5
CVSSv2
CVE-2020-24336
An issue exists in Contiki up to and including 3.0 and Contiki-NG up to and including 4.5. The code for parsing Type A domain name answers in ip64-dns64.c doesn't verify whether the address in the answer's length is sane. Therefore, when copying an address of an arbitra...
Contiki-ng Contiki-ng
Contiki-os Contiki
7.5
CVSSv2
CVE-2019-8359
An issue exists in Contiki-NG up to and including 4.3 and Contiki up to and including 3.0. An out of bounds write is present in the data section during 6LoWPAN fragment re-assembly in the face of forged fragment offsets in os/net/ipv6/sicslowpan.c.
Contiki-ng Contiki-ng
Contiki-os Contiki
5
CVSSv2
CVE-2021-40523
In Contiki 3.0, Telnet option negotiation is mishandled. During negotiation between a server and a client, the server may fail to give the WILL/WONT or DO/DONT response for DO and WILL commands because of improper handling of exception condition, which leads to property violation...
Contiki-os Contiki 3.0
5
CVSSv2
CVE-2021-38387
In Contiki 3.0, a Telnet server that silently quits (before disconnection with clients) leads to connected clients entering an infinite loop and waiting forever, which may cause excessive CPU consumption.
Contiki-os Contiki 3.0
5
CVSSv2
CVE-2021-38386
In Contiki 3.0, a buffer overflow in the Telnet service allows remote malicious users to cause a denial of service because the ls command is mishandled when a directory has many files with long names.
Contiki-os Contiki 3.0
5
CVSSv2
CVE-2021-28362
An issue exists in Contiki up to and including 3.0. When sending an ICMPv6 error message because of invalid extension header options in an incoming IPv6 packet, there is an attempt to remove the RPL extension headers. Because the packet length and the extension header length are ...
Contiki-os Contiki
5
CVSSv2
CVE-2020-13984
An issue exists in Contiki up to and including 3.0. An infinite loop exists in the uIP TCP/IP stack component when processing IPv6 extension headers in ext_hdr_options_process in net/ipv6/uip6.c.
Contiki-os Contiki
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »