Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
contiki-ng contiki-ng vulnerabilities and exploits
(subscribe to this query)
9.1
CVSSv3
CVE-2020-12141
An out-of-bounds read in the SNMP stack in Contiki-NG 4.4 and previous versions allows an malicious user to cause a denial of service and potentially disclose information via crafted SNMP packets to snmp_ber_decode_string_len_buffer in os/net/app-layer/snmp/snmp-ber.c.
Contiki-ng Contiki-ng
9.1
CVSSv3
CVE-2021-21410
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. An out-of-bounds read can be triggered by 6LoWPAN packets sent to devices running Contiki-NG 4.6 and prior. The IPv6 header decompression function (<code>uncompress_hdr_iphc</c...
Contiki-ng Contiki-ng
9.1
CVSSv3
CVE-2020-14937
Memory access out of buffer boundaries issues exists in Contiki-NG 4.4 up to and including 4.5, in the SNMP BER encoder/decoder. The length of provided input/output buffers is insufficiently verified during the encoding and decoding of data. This may lead to out-of-bounds buffer ...
Contiki-ng Contiki-ng
8.8
CVSSv3
CVE-2022-36052
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. The 6LoWPAN implementation in Contiki-NG may cast a UDP header structure at a certain offset in a packet buffer. The code does not check whether the packet buffer is large enough to fit...
Contiki-ng Contiki-ng
8.8
CVSSv3
CVE-2022-36053
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. The low-power IPv6 network stack of Contiki-NG has a buffer module (os/net/ipv6/uipbuf.c) that processes IPv6 extension headers in incoming data packets. As part of this processing, the...
Contiki-ng Contiki-ng
8.8
CVSSv3
CVE-2022-36054
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. The 6LoWPAN implementation in the Contiki-NG operating system (file os/net/ipv6/sicslowpan.c) contains an input function that processes incoming packets and copies them into a packet bu...
Contiki-ng Contiki-ng
8.8
CVSSv3
CVE-2020-12140
A buffer overflow in os/net/mac/ble/ble-l2cap.c in the BLE stack in Contiki-NG 4.4 and previous versions allows an malicious user to execute arbitrary code via malicious L2CAP frames.
Contiki-ng Contiki-ng
8.2
CVSSv3
CVE-2020-24334
The code that processes DNS responses in uIP up to and including 1.0, as used in Contiki and Contiki-NG, does not check whether the number of responses specified in the DNS packet header corresponds to the response data available in the DNS packet, leading to an out-of-bounds rea...
Uip Project Uip
8.1
CVSSv3
CVE-2021-32771
Contiki-NG is an open-source, cross-platform operating system for IoT devices. In affected versions it is possible to cause a buffer overflow when copying an IPv6 address prefix in the RPL-Classic implementation in Contiki-NG. In order to trigger the vulnerability, the Contiki-NG...
Contiki-ng Contiki-ng
7.8
CVSSv3
CVE-2018-16663
An issue exists in Contiki-NG up to and including 4.1. There is a stack-based buffer overflow in parse_relations in os/storage/antelope/aql-parser.c while parsing AQL (storage of relations).
Contiki-ng Contiki-ng.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »