Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
contiki-ng contiki-ng. vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-21281
Contiki-NG is an open-source, cross-platform operating system for internet of things devices. A buffer overflow vulnerability exists in Contiki-NG versions before 4.6. After establishing a TCP socket using the tcp-socket library, it is possible for the remote end to send a packet...
Contiki-ng Contiki-ng
9.8
CVSSv3
CVE-2021-21282
Contiki-NG is an open-source, cross-platform operating system for internet of things devices. In versions before 4.5, buffer overflow can be triggered by an input packet when using either of Contiki-NG's two RPL implementations in source-routing mode. The problem has been pa...
Contiki-ng Contiki-ng
9.1
CVSSv3
CVE-2021-21410
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. An out-of-bounds read can be triggered by 6LoWPAN packets sent to devices running Contiki-NG 4.6 and prior. The IPv6 header decompression function (<code>uncompress_hdr_iphc</c...
Contiki-ng Contiki-ng
7
CVSSv3
CVE-2018-16664
An issue exists in Contiki-NG up to and including 4.1. There is a buffer overflow in lvm_set_type in os/storage/antelope/lvm.c while parsing AQL (lvm_set_op, lvm_set_relation, lvm_set_operand).
Contiki-ng Contiki-ng.
7.8
CVSSv3
CVE-2018-16666
An issue exists in Contiki-NG up to and including 4.1. There is a stack-based buffer overflow in next_string in os/storage/antelope/aql-lexer.c while parsing AQL (parsing next string).
Contiki-ng Contiki-ng.
9.8
CVSSv3
CVE-2018-1000804
contiki-ng version 4 contains a Buffer Overflow vulnerability in AQL (Antelope Query Language) database engine that can result in Attacker can perform Remote Code Execution on device using Contiki-NG operating system. This attack appear to be exploitable via Attacker must be able...
Contiki-ng Contiki-ng 4.0
9.1
CVSSv3
CVE-2020-27634
In Contiki 4.5, TCP ISNs are improperly random.
Contiki-ng Contiki-ng 4.5
9.8
CVSSv3
CVE-2021-42144
Buffer over-read vulnerability in Contiki-NG tinyDTLS through master branch 53a0d97 allows attackers obtain sensitive information via crafted input to dtls_ccm_decrypt_message().
Contiki-ng Contiki-ng Tinydtls
7.1
CVSSv3
CVE-2018-20579
Contiki-NG prior to 4.2 has a stack-based buffer overflow in the push function in os/lib/json/jsonparse.c that allows an out-of-bounds write of an '{' or '[' character.
Contiki-ng Project Contiki-ng 4.2
9.8
CVSSv3
CVE-2019-8359
An issue exists in Contiki-NG up to and including 4.3 and Contiki up to and including 3.0. An out of bounds write is present in the data section during 6LoWPAN fragment re-assembly in the face of forged fragment offsets in os/net/ipv6/sicslowpan.c.
Contiki-os Contiki
Contiki-ng Contiki-ng
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-28995
CVE-2024-36680
CVE-2024-35537
unauthorized
CVE-2024-21518
CVE-2024-37673
cross-site scripting
SSRF
CVE-2024-6241
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »