Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
contiki-ng contiki-ng vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2021-21281
Contiki-NG is an open-source, cross-platform operating system for internet of things devices. A buffer overflow vulnerability exists in Contiki-NG versions before 4.6. After establishing a TCP socket using the tcp-socket library, it is possible for the remote end to send a packet...
Contiki-ng Contiki-ng
7.5
CVSSv2
CVE-2021-21282
Contiki-NG is an open-source, cross-platform operating system for internet of things devices. In versions before 4.5, buffer overflow can be triggered by an input packet when using either of Contiki-NG's two RPL implementations in source-routing mode. The problem has been pa...
Contiki-ng Contiki-ng
NA
CVE-2021-32771
Contiki-NG is an open-source, cross-platform operating system for IoT devices. In affected versions it is possible to cause a buffer overflow when copying an IPv6 address prefix in the RPL-Classic implementation in Contiki-NG. In order to trigger the vulnerability, the Contiki-NG...
Contiki-ng Contiki-ng
6.4
CVSSv2
CVE-2021-21410
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. An out-of-bounds read can be triggered by 6LoWPAN packets sent to devices running Contiki-NG 4.6 and prior. The IPv6 header decompression function (<code>uncompress_hdr_iphc</c...
Contiki-ng Contiki-ng
NA
CVE-2023-28116
Contiki-NG is an open-source, cross-platform operating system for internet of things (IoT) devices. In versions 4.8 and prior, an out-of-bounds write can occur in the BLE L2CAP module of the Contiki-NG operating system. The network stack of Contiki-NG uses a global buffer (packet...
Contiki-ng Contiki-ng
NA
CVE-2020-27634
In Contiki 4.5, TCP ISNs are improperly random.
Contiki-ng Contiki-ng 4.5
NA
CVE-2021-42144
Buffer over-read vulnerability in Contiki-NG tinyDTLS through master branch 53a0d97 allows attackers obtain sensitive information via crafted input to dtls_ccm_decrypt_message().
Contiki-ng Contiki-ng Tinydtls
10
CVSSv2
CVE-2018-1000804
contiki-ng version 4 contains a Buffer Overflow vulnerability in AQL (Antelope Query Language) database engine that can result in Attacker can perform Remote Code Execution on device using Contiki-NG operating system. This attack appear to be exploitable via Attacker must be able...
Contiki-ng Contiki-ng 4.0
3.6
CVSSv2
CVE-2018-20579
Contiki-NG prior to 4.2 has a stack-based buffer overflow in the push function in os/lib/json/jsonparse.c that allows an out-of-bounds write of an '{' or '[' character.
Contiki-ng Project Contiki-ng 4.2
7.5
CVSSv2
CVE-2019-8359
An issue exists in Contiki-NG up to and including 4.3 and Contiki up to and including 3.0. An out of bounds write is present in the data section during 6LoWPAN fragment re-assembly in the face of forged fragment offsets in os/net/ipv6/sicslowpan.c.
Contiki-os Contiki
Contiki-ng Contiki-ng
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »