Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
contiki-ng contiki-ng vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2018-16663
An issue exists in Contiki-NG up to and including 4.1. There is a stack-based buffer overflow in parse_relations in os/storage/antelope/aql-parser.c while parsing AQL (storage of relations).
Contiki-ng Contiki-ng.
4.4
CVSSv2
CVE-2018-16664
An issue exists in Contiki-NG up to and including 4.1. There is a buffer overflow in lvm_set_type in os/storage/antelope/lvm.c while parsing AQL (lvm_set_op, lvm_set_relation, lvm_set_operand).
Contiki-ng Contiki-ng.
3.6
CVSSv2
CVE-2018-16665
An issue exists in Contiki-NG up to and including 4.1. There is a buffer overflow while parsing AQL in lvm_shift_for_operator in os/storage/antelope/lvm.c.
Contiki-ng Contiki-ng.
4.6
CVSSv2
CVE-2018-16666
An issue exists in Contiki-NG up to and including 4.1. There is a stack-based buffer overflow in next_string in os/storage/antelope/aql-lexer.c while parsing AQL (parsing next string).
Contiki-ng Contiki-ng.
4.4
CVSSv2
CVE-2018-16667
An issue exists in Contiki-NG up to and including 4.1. There is a buffer over-read in lookup in os/storage/antelope/lvm.c while parsing AQL (lvm_register_variable, lvm_set_variable_value, create_intersection, create_union).
Contiki-ng Contiki-ng.
NA
CVE-2023-23609
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. Versions prior to and including 4.8 are vulnerable to an out-of-bounds write that can occur in the BLE-L2CAP module. The Bluetooth Low Energy - Logical Link Control and Adaptation Layer...
Contiki-ng Contiki-ng
NA
CVE-2023-31129
The Contiki-NG operating system versions 4.8 and prior can be triggered to dereference a NULL pointer in the message handling code for IPv6 router solicitiations. Contiki-NG contains an implementation of IPv6 Neighbor Discovery (ND) in the module `os/net/ipv6/uip-nd6.c`. The ND p...
Contiki-ng Contiki-ng
NA
CVE-2022-35926
Contiki-NG is an open-source, cross-platform operating system for IoT devices. Because of insufficient validation of IPv6 neighbor discovery options in Contiki-NG, attackers can send neighbor solicitation packets that trigger an out-of-bounds read. The problem exists in the modul...
Contiki-ng Contiki-ng
NA
CVE-2022-41972
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. Versions before 4.9 contain a NULL Pointer Dereference in BLE L2CAP module. The Contiki-NG operating system for IoT devices contains a Bluetooth Low Energy stack. An attacker can inject...
Contiki-ng Contiki-ng
NA
CVE-2022-35927
Contiki-NG is an open-source, cross-platform operating system for IoT devices. In the RPL-Classic routing protocol implementation in the Contiki-NG operating system, an incoming DODAG Information Option (DIO) control message can contain a prefix information option with a length p...
Contiki-ng Contiki-ng
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »