Contiki-ng

Contiki-ng

41 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.1

CVE-2021-21410

  • EPSS 0.43%
  • Published 18.06.2021 21:15:07
  • Last modified 21.11.2024 05:48:18

Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. An out-of-bounds read can be triggered by 6LoWPAN packets sent to devices running Contiki-NG 4.6 and prior. The IPv6 header decompression function (<code>u...

9.8

CVE-2021-21282

  • EPSS 0.44%
  • Published 18.06.2021 20:15:07
  • Last modified 21.11.2024 05:47:55

Contiki-NG is an open-source, cross-platform operating system for internet of things devices. In versions prior to 4.5, buffer overflow can be triggered by an input packet when using either of Contiki-NG's two RPL implementations in source-routing mo...

9.8

CVE-2020-24336

  • EPSS 1.83%
  • Published 11.12.2020 23:15:13
  • Last modified 21.11.2024 05:14:36

An issue was discovered in Contiki through 3.0 and Contiki-NG through 4.5. The code for parsing Type A domain name answers in ip64-dns64.c doesn't verify whether the address in the answer's length is sane. Therefore, when copying an address of an arb...

7.5

CVE-2020-13988

  • EPSS 0.25%
  • Published 11.12.2020 22:15:12
  • Last modified 21.11.2024 05:02:17

An issue was discovered in Contiki through 3.0. An Integer Overflow exists in the uIP TCP/IP Stack component when parsing TCP MSS options of IPv4 network packets in uip_process in net/ipv4/uip.c.

9.8

CVE-2020-14936

  • EPSS 0.59%
  • Published 18.08.2020 17:15:11
  • Last modified 21.11.2024 05:04:28

Buffer overflows were discovered in Contiki-NG 4.4 through 4.5, in the SNMP agent. Functions parsing the OIDs in SNMP requests lack sufficient allocated target-buffer capacity verification when writing parsed OID values. The function snmp_oid_decode_...

9.8

CVE-2020-14935

Exploit
  • EPSS 2.75%
  • Published 18.08.2020 17:15:11
  • Last modified 21.11.2024 05:04:28

Buffer overflows were discovered in Contiki-NG 4.4 through 4.5, in the SNMP bulk get request response encoding function. The function parsing the received SNMP request does not verify the input message's requested variables against the capacity of th...

9.8

CVE-2020-14934

Exploit
  • EPSS 0.59%
  • Published 18.08.2020 17:15:11
  • Last modified 21.11.2024 05:04:28

Buffer overflows were discovered in Contiki-NG 4.4 through 4.5, in the SNMP agent. The function parsing the received SNMP request does not verify the input message's requested variables against the capacity of the internal SNMP engine buffer. If the ...

9.1

CVE-2020-14937

Exploit
  • EPSS 0.43%
  • Published 18.08.2020 16:15:13
  • Last modified 21.11.2024 05:04:28

Memory access out of buffer boundaries issues was discovered in Contiki-NG 4.4 through 4.5, in the SNMP BER encoder/decoder. The length of provided input/output buffers is insufficiently verified during the encoding and decoding of data. This may lea...

7.5

CVE-2019-9183

  • EPSS 0.59%
  • Published 23.04.2020 15:15:13
  • Last modified 21.11.2024 04:51:09

An issue was discovered in Contiki-NG through 4.3 and Contiki through 3.0. A buffer overflow is present due to an integer underflow during 6LoWPAN fragment processing in the face of truncated fragments in os/net/ipv6/sicslowpan.c. This results in acc...

9.8

CVE-2019-8359

  • EPSS 0.66%
  • Published 23.04.2020 15:15:13
  • Last modified 21.11.2024 04:49:45

An issue was discovered in Contiki-NG through 4.3 and Contiki through 3.0. An out of bounds write is present in the data section during 6LoWPAN fragment re-assembly in the face of forged fragment offsets in os/net/ipv6/sicslowpan.c.