Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
contiki-ng contiki-ng vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2022-41873
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. Versions before 4.9 are vulnerable to an Out-of-bounds read. While processing the L2CAP protocol, the Bluetooth Low Energy stack of Contiki-NG needs to map an incoming channel ID to its...
Contiki-ng Contiki-ng
8.8
CVSSv3
CVE-2022-36052
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. The 6LoWPAN implementation in Contiki-NG may cast a UDP header structure at a certain offset in a packet buffer. The code does not check whether the packet buffer is large enough to fit...
Contiki-ng Contiki-ng
8.8
CVSSv3
CVE-2022-36053
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. The low-power IPv6 network stack of Contiki-NG has a buffer module (os/net/ipv6/uipbuf.c) that processes IPv6 extension headers in incoming data packets. As part of this processing, the...
Contiki-ng Contiki-ng
8.8
CVSSv3
CVE-2022-36054
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. The 6LoWPAN implementation in the Contiki-NG operating system (file os/net/ipv6/sicslowpan.c) contains an input function that processes incoming packets and copies them into a packet bu...
Contiki-ng Contiki-ng
8.1
CVSSv3
CVE-2021-32771
Contiki-NG is an open-source, cross-platform operating system for IoT devices. In affected versions it is possible to cause a buffer overflow when copying an IPv6 address prefix in the RPL-Classic implementation in Contiki-NG. In order to trigger the vulnerability, the Contiki-NG...
Contiki-ng Contiki-ng
9.8
CVSSv3
CVE-2022-35927
Contiki-NG is an open-source, cross-platform operating system for IoT devices. In the RPL-Classic routing protocol implementation in the Contiki-NG operating system, an incoming DODAG Information Option (DIO) control message can contain a prefix information option with a length p...
Contiki-ng Contiki-ng
7.5
CVSSv3
CVE-2022-35926
Contiki-NG is an open-source, cross-platform operating system for IoT devices. Because of insufficient validation of IPv6 neighbor discovery options in Contiki-NG, attackers can send neighbor solicitation packets that trigger an out-of-bounds read. The problem exists in the modul...
Contiki-ng Contiki-ng
8.8
CVSSv3
CVE-2020-12140
A buffer overflow in os/net/mac/ble/ble-l2cap.c in the BLE stack in Contiki-NG 4.4 and previous versions allows an malicious user to execute arbitrary code via malicious L2CAP frames.
Contiki-ng Contiki-ng
9.1
CVSSv3
CVE-2020-12141
An out-of-bounds read in the SNMP stack in Contiki-NG 4.4 and previous versions allows an malicious user to cause a denial of service and potentially disclose information via crafted SNMP packets to snmp_ber_decode_string_len_buffer in os/net/app-layer/snmp/snmp-ber.c.
Contiki-ng Contiki-ng
9.8
CVSSv3
CVE-2021-21280
Contiki-NG is an open-source, cross-platform operating system for internet of things devices. It is possible to cause an out-of-bounds write in versions of Contiki-NG before 4.6 when transmitting a 6LoWPAN packet with a chain of extension headers. Unfortunately, the written heade...
Contiki-ng Contiki-ng
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-28995
CVE-2024-36680
CVE-2024-35537
unauthorized
CVE-2024-21518
CVE-2024-37673
cross-site scripting
SSRF
CVE-2024-6241
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »