contiki-ng contiki-ng vulnerabilities and exploits
9.8
CVSSv3
CVE-2020-24336
An issue exists in Contiki up to and including 3.0 and Contiki-NG up to and including 4.5. The code for parsing Type A domain name answers in ip64-dns64.c doesn't verify whether the address in the answer's length is sane. Therefore, when copying an address of an arbitra...
Contiki-ng Contiki-ng
Contiki-os Contiki
7.5
CVSSv3
CVE-2019-9183
An issue exists in Contiki-NG up to and including 4.3 and Contiki up to and including 3.0. A buffer overflow is present due to an integer underflow during 6LoWPAN fragment processing in the face of truncated fragments in os/net/ipv6/sicslowpan.c. This results in accesses of unmap...
Contiki-ng Contiki-ng
Contiki-os Contiki
9.8
CVSSv3
CVE-2021-42141
An issue exists in Contiki-NG tinyDTLS through 2018-08-30. One incorrect handshake could complete with different epoch numbers in the packets Client_Hello, Client_key_exchange, and Change_cipher_spec, which may cause denial of service.
Contiki-ng Tinydtls
7.5
CVSSv3
CVE-2021-42145
An assertion failure discovered in check_certificate_request() in Contiki-NG tinyDTLS through master branch 53a0d97 allows malicious users to cause a denial of service.
Contiki-ng Tinydtls
9.8
CVSSv3
CVE-2021-42142
An issue exists in Contiki-NG tinyDTLS through master branch 53a0d97. DTLS servers mishandle the early use of a large epoch number. This vulnerability allows remote malicious users to cause a denial of service and false-positive packet drops.
Contiki-ng Tinydtls
9.1
CVSSv3
CVE-2021-42143
An issue exists in Contiki-NG tinyDTLS through master branch 53a0d97. An infinite loop bug exists during the handling of a ClientHello handshake message. This bug allows remote malicious users to cause a denial of service by sending a malformed ClientHello handshake message with ...
Contiki-ng Tinydtls
7.5
CVSSv3
CVE-2021-42146
An issue exists in Contiki-NG tinyDTLS through master branch 53a0d97. DTLS servers allow remote malicious users to reuse the same epoch number within two times the TCP maximum segment lifetime, which is prohibited in RFC6347. This vulnerability allows remote malicious users to ob...
Contiki-ng Tinydtls 2018-08-30
9.1
CVSSv3
CVE-2021-42147
Buffer over-read vulnerability in the dtls_sha256_update function in Contiki-NG tinyDTLS through master branch 53a0d97 allows remote malicious users to cause a denial of service via crafted data packet.
Contiki-ng Tinydtls 2018-08-30
NA
CVE-2023-50927
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. An attacker can trigger out-of-bounds reads in the RPL-Lite implementation of the RPL protocol in the Contiki-NG operating system. This vulnerability is caused by insufficient control o...
NA
CVE-2023-50926
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. An out-of-bounds read can be caused by an incoming DIO message when using the RPL-Lite implementation in the Contiki-NG operating system. More specifically, the prefix information of th...