Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
contiki-ng contiki-ng. vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-21280
Contiki-NG is an open-source, cross-platform operating system for internet of things devices. It is possible to cause an out-of-bounds write in versions of Contiki-NG before 4.6 when transmitting a 6LoWPAN packet with a chain of extension headers. Unfortunately, the written heade...
Contiki-ng Contiki-ng
10
CVSSv3
CVE-2018-19417
An issue exists in the MQTT server in Contiki-NG prior to 4.2. The function parse_publish_vhdr() that parses MQTT PUBLISH messages with a variable length header uses memcpy to input data into a fixed size buffer. The allocated buffer can fit only MQTT_MAX_TOPIC_LENGTH (default 64...
Contiki-ng Contiki-ng
7.5
CVSSv3
CVE-2022-35926
Contiki-NG is an open-source, cross-platform operating system for IoT devices. Because of insufficient validation of IPv6 neighbor discovery options in Contiki-NG, attackers can send neighbor solicitation packets that trigger an out-of-bounds read. The problem exists in the modul...
Contiki-ng Contiki-ng
7.5
CVSSv3
CVE-2021-21257
Contiki-NG is an open-source, cross-platform operating system for internet of things devices. The RPL-Classic and RPL-Lite implementations in the Contiki-NG operating system versions before 4.6 do not validate the address pointer in the RPL source routing header This makes it pos...
Contiki-ng Contiki-ng
8.8
CVSSv3
CVE-2022-36052
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. The 6LoWPAN implementation in Contiki-NG may cast a UDP header structure at a certain offset in a packet buffer. The code does not check whether the packet buffer is large enough to fit...
Contiki-ng Contiki-ng
8.8
CVSSv3
CVE-2022-36053
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. The low-power IPv6 network stack of Contiki-NG has a buffer module (os/net/ipv6/uipbuf.c) that processes IPv6 extension headers in incoming data packets. As part of this processing, the...
Contiki-ng Contiki-ng
8.8
CVSSv3
CVE-2022-36054
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. The 6LoWPAN implementation in the Contiki-NG operating system (file os/net/ipv6/sicslowpan.c) contains an input function that processes incoming packets and copies them into a packet bu...
Contiki-ng Contiki-ng
6.5
CVSSv3
CVE-2023-34100
Contiki-NG is an open-source, cross-platform operating system for IoT devices. When reading the TCP MSS option value from an incoming packet, the Contiki-NG OS does not verify that certain buffer indices to read from are within the bounds of the IPv6 packet buffer, uip_buf. In pa...
Contiki-ng Contiki-ng
9.8
CVSSv3
CVE-2021-21281
Contiki-NG is an open-source, cross-platform operating system for internet of things devices. A buffer overflow vulnerability exists in Contiki-NG versions before 4.6. After establishing a TCP socket using the tcp-socket library, it is possible for the remote end to send a packet...
Contiki-ng Contiki-ng
9.8
CVSSv3
CVE-2021-21282
Contiki-NG is an open-source, cross-platform operating system for internet of things devices. In versions before 4.5, buffer overflow can be triggered by an input packet when using either of Contiki-NG's two RPL implementations in source-routing mode. The problem has been pa...
Contiki-ng Contiki-ng
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-0044
client side
CVE-2021-47601
deserialization
CVE-2024-34994
encryption
CVE-2021-47609
CVE-2024-37079
CVE-2024-38608
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »