Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
contiki-ng contiki-ng vulnerabilities and exploits
(subscribe to this query)
570
VMScore
CVE-2021-21410
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. An out-of-bounds read can be triggered by 6LoWPAN packets sent to devices running Contiki-NG 4.6 and prior. The IPv6 header decompression function (<code>uncompress_hdr_iphc</c...
Contiki-ng Contiki-ng
NA
CVE-2023-34100
Contiki-NG is an open-source, cross-platform operating system for IoT devices. When reading the TCP MSS option value from an incoming packet, the Contiki-NG OS does not verify that certain buffer indices to read from are within the bounds of the IPv6 packet buffer, uip_buf. In pa...
Contiki-ng Contiki-ng
NA
CVE-2023-34101
Contiki-NG is an operating system for internet of things devices. In version 4.8 and prior, when processing ICMP DAO packets in the `dao_input_storing` function, the Contiki-NG OS does not verify that the packet buffer is big enough to contain the bytes it needs before accessing ...
Contiki-ng Contiki-ng
668
VMScore
CVE-2020-14936
Buffer overflows were discovered in Contiki-NG 4.4 up to and including 4.5, in the SNMP agent. Functions parsing the OIDs in SNMP requests lack sufficient allocated target-buffer capacity verification when writing parsed OID values. The function snmp_oid_decode_oid() may overwrit...
Contiki-ng Contiki-ng
570
VMScore
CVE-2020-14937
Memory access out of buffer boundaries issues exists in Contiki-NG 4.4 up to and including 4.5, in the SNMP BER encoder/decoder. The length of provided input/output buffers is insufficiently verified during the encoding and decoding of data. This may lead to out-of-bounds buffer ...
Contiki-ng Contiki-ng
668
VMScore
CVE-2021-21281
Contiki-NG is an open-source, cross-platform operating system for internet of things devices. A buffer overflow vulnerability exists in Contiki-NG versions before 4.6. After establishing a TCP socket using the tcp-socket library, it is possible for the remote end to send a packet...
Contiki-ng Contiki-ng
668
VMScore
CVE-2021-21282
Contiki-NG is an open-source, cross-platform operating system for internet of things devices. In versions before 4.5, buffer overflow can be triggered by an input packet when using either of Contiki-NG's two RPL implementations in source-routing mode. The problem has been pa...
Contiki-ng Contiki-ng
668
VMScore
CVE-2020-14934
Buffer overflows were discovered in Contiki-NG 4.4 up to and including 4.5, in the SNMP agent. The function parsing the received SNMP request does not verify the input message's requested variables against the capacity of the internal SNMP engine buffer. If the number of var...
Contiki-ng Contiki-ng
668
VMScore
CVE-2020-14935
Buffer overflows were discovered in Contiki-NG 4.4 up to and including 4.5, in the SNMP bulk get request response encoding function. The function parsing the received SNMP request does not verify the input message's requested variables against the capacity of the internal SN...
Contiki-ng Contiki-ng
NA
CVE-2022-36052
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. The 6LoWPAN implementation in Contiki-NG may cast a UDP header structure at a certain offset in a packet buffer. The code does not check whether the packet buffer is large enough to fit...
Contiki-ng Contiki-ng
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »