Lucene search
K

665 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 4:3 a.m.10 views

CVE-2023-37281

Contiki-NG is an operating system for internet-of-things devices. In versions 4.9 and prior, when processing the various IPv6 header fields during IPHC header decompression, Contiki-NG confirms the received packet buffer contains enough data as needed for that field. But no similar check is done...

5.3CVSS7AI score0.00386EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 2:41 a.m.10 views

CVE-2023-23609

Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. Versions prior to and including 4.8 are vulnerable to an out-of-bounds write that can occur in the BLE-L2CAP module. The Bluetooth Low Energy - Logical Link Control and Adaptation Layer Protocol BLE-L2C...

8.2CVSS6.9AI score0.00353EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:46 a.m.9 views

CVE-2023-29001

Contiki-NG is an open-source, cross-platform operating system for IoT devices. The Contiki-NG operating system processes source routing headers SRH in its two alternative RPL protocol implementations. The IPv6 implementation uses the results of this processing to determine whether an incoming...

8.7CVSS6.7AI score0.00538EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:15 a.m.10 views

CVE-2022-41972

Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. Versions prior to 4.9 contain a NULL Pointer Dereference in BLE L2CAP module. The Contiki-NG operating system for IoT devices contains a Bluetooth Low Energy stack. An attacker can inject a packet in th...

6.5CVSS6.7AI score0.00205EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:48 p.m.11 views

CVE-2022-41873

Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. Versions prior to 4.9 are vulnerable to an Out-of-bounds read. While processing the L2CAP protocol, the Bluetooth Low Energy stack of Contiki-NG needs to map an incoming channel ID to its metadata...

5.4CVSS6.9AI score0.00248EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:10 p.m.8 views

CVE-2022-36052

Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. The 6LoWPAN implementation in Contiki-NG may cast a UDP header structure at a certain offset in a packet buffer. The code does not check whether the packet buffer is large enough to fit a full UDP heade...

8.8CVSS7.1AI score0.00531EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:9 p.m.8 views

CVE-2022-36054

Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. The 6LoWPAN implementation in the Contiki-NG operating system file os/net/ipv6/sicslowpan.c contains an input function that processes incoming packets and copies them into a packet buffer. Because of a...

8.8CVSS7AI score0.00634EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:4 p.m.11 views

CVE-2022-36053

Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. The low-power IPv6 network stack of Contiki-NG has a buffer module os/net/ipv6/uipbuf.c that processes IPv6 extension headers in incoming data packets. As part of this processing, the function...

8.8CVSS7AI score0.0053EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:58 p.m.11 views

CVE-2022-35926

Contiki-NG is an open-source, cross-platform operating system for IoT devices. Because of insufficient validation of IPv6 neighbor discovery options in Contiki-NG, attackers can send neighbor solicitation packets that trigger an out-of-bounds read. The problem exists in the module...

7.5CVSS6.7AI score0.00966EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:31 p.m.10 views

CVE-2021-21257

Contiki-NG is an open-source, cross-platform operating system for internet of things devices. The RPL-Classic and RPL-Lite implementations in the Contiki-NG operating system versions prior to 4.6 do not validate the address pointer in the RPL source routing header This makes it possible for an...

8.2CVSS6.8AI score0.01088EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:30 p.m.7 views

CVE-2021-21280

Contiki-NG is an open-source, cross-platform operating system for internet of things devices. It is possible to cause an out-of-bounds write in versions of Contiki-NG prior to 4.6 when transmitting a 6LoWPAN packet with a chain of extension headers. Unfortunately, the written header is not checke...

9.8CVSS6.8AI score0.01064EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:30 p.m.9 views

CVE-2021-21282

Contiki-NG is an open-source, cross-platform operating system for internet of things devices. In versions prior to 4.5, buffer overflow can be triggered by an input packet when using either of Contiki-NG's two RPL implementations in source-routing mode. The problem has been patched in Contiki-NG...

9.8CVSS7.2AI score0.00993EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:18 p.m.11 views

CVE-2021-32771

Contiki-NG is an open-source, cross-platform operating system for IoT devices. In affected versions it is possible to cause a buffer overflow when copying an IPv6 address prefix in the RPL-Classic implementation in Contiki-NG. In order to trigger the vulnerability, the Contiki-NG system must have...

8.1CVSS7.3AI score0.01046EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 9:6 p.m.8 views

CVE-2021-42141

An issue was discovered in Contiki-NG tinyDTLS through 2018-08-30. One incorrect handshake could complete with different epoch numbers in the packets ClientHello, Clientkeyexchange, and Changecipherspec, which may cause denial of service...

9.8CVSS6.9AI score0.01181EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 9:5 p.m.7 views

CVE-2021-42142

An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. DTLS servers mishandle the early use of a large epoch number. This vulnerability allows remote attackers to cause a denial of service and false-positive packet drops...

9.8CVSS6.9AI score0.00989EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 8:9 p.m.6 views

CVE-2021-38386

In Contiki 3.0, a buffer overflow in the Telnet service allows remote attackers to cause a denial of service because the ls command is mishandled when a directory has many files with long names...

7.5CVSS7.6AI score0.01291EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:9 p.m.13 views

CVE-2021-38387

In Contiki 3.0, a Telnet server that silently quits before disconnection with clients leads to connected clients entering an infinite loop and waiting forever, which may cause excessive CPU consumption...

7.5CVSS6.9AI score0.00961EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:9 p.m.14 views

CVE-2021-38311

In Contiki 3.0, potential nonterminating acknowledgment loops exist in the Telnet service. When the negotiated options are already disabled, servers still respond to DONT and WONT requests with WONT or DONT commands, which may lead to infinite acknowledgment loops, denial of service, and excessiv...

7.5CVSS7AI score0.00942EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:10 p.m.10 views

CVE-2021-21410

Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. An out-of-bounds read can be triggered by 6LoWPAN packets sent to devices running Contiki-NG 4.6 and prior. The IPv6 header decompression function uncompresshdriphc does not perform proper boundary chec...

9.1CVSS6.8AI score0.0123EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:9 p.m.8 views

CVE-2021-21281

Contiki-NG is an open-source, cross-platform operating system for internet of things devices. A buffer overflow vulnerability exists in Contiki-NG versions prior to 4.6. After establishing a TCP socket using the tcp-socket library, it is possible for the remote end to send a packet with a data...

9.8CVSS7.3AI score0.00918EPSS
Exploits0References1
Rows per page
Query Builder