213 matches found
CVE-2021-27357
RIOT-OS 2020.01 contains a buffer overflow vulnerability in /sys/net/gnrc/routing/rpl/gnrcrplcontrolmessages.c...
CVE-2021-27698
RIOT-OS 2021.01 contains a buffer overflow vulnerability in /sys/net/gnrc/routing/rpl/gnrcrplcontrolmessages.c through the parseoptions function...
CVE-2026-27703
RIOT is an open-source microcontroller operating system, designed to match the requirements of Internet of Things IoT devices and other embedded devices. In 2026.01 and earlier, the default handler for the wellknowncore resource coapwellknowncoredefaulthandler writes user-provided option data and...
CVE-2026-27703 RIOT has an Out-of-Bounds Write in nanoCoAP Handler
RIOT is an open-source microcontroller operating system, designed to match the requirements of Internet of Things IoT devices and other embedded devices. In 2026.01 and earlier, the default handler for the wellknowncore resource coapwellknowncoredefaulthandler writes user-provided option data and...
CVE-2026-27703
RIOT is an open-source microcontroller operating system, designed to match the requirements of Internet of Things IoT devices and other embedded devices. In 2026.01 and earlier, the default handler for the wellknowncore resource coapwellknowncoredefaulthandler writes user-provided option data and...
CVE-2026-25139
RIOT is an open-source microcontroller operating system, designed to match the requirements of Internet of Things IoT devices and other embedded devices. In version 2025.10 and prior, multiple out-of-bounds read allow any unauthenticated user, with ability to send or manipulate input packets, to...
CVE-2026-25139
RIOT is an open-source microcontroller operating system, designed to match the requirements of Internet of Things IoT devices and other embedded devices. In version 2025.10 and prior, multiple out-of-bounds read allow any unauthenticated user, with ability to send or manipulate input packets, to...
CVE-2026-22213
RIOT OS versions up to and including 2026.01-devel-317 contain a stack-based buffer overflow vulnerability in the tapslip6 utility. The vulnerability is caused by unsafe string concatenation in the devopen function, which constructs a device path using unbounded user-controlled input. The utility...
CVE-2026-22214
RIOT OS versions up to and including 2026.01-devel-317 contain a stack-based buffer overflow vulnerability in the ethos utility due to missing bounds checking when processing incoming serial frame data. The vulnerability occurs in the handlechar function, where incoming frame bytes are appended t...
CVE-2026-22213
RIOT OS versions up to and including 2026.01-devel-317 contain a stack-based buffer overflow vulnerability in the tapslip6 utility. The vulnerability is caused by unsafe string concatenation in the devopen function, which constructs a device path using unbounded user-controlled input. The utility...
CVE-2026-22213
RIOT OS versions up to and including 2026.01-devel-317 contain a stack-based buffer overflow vulnerability in the tapslip6 utility. The vulnerability is caused by unsafe string concatenation in the devopen function, which constructs a device path using unbounded user-controlled input. The utility...
CVE-2026-22214
Summary: RIOT OS
CVE-2026-22214 RIOT OS <= 2026.01-devel-317 Stack-Based Buffer Overflow in ethos Serial Frame Parser
RIOT OS versions up to and including 2026.01-devel-317 contain a stack-based buffer overflow vulnerability in the ethos utility due to missing bounds checking when processing incoming serial frame data. The vulnerability occurs in the handlechar function, where incoming frame bytes are appended t...
CVE-2026-22214 RIOT OS <= 2026.01-devel-317 Stack-Based Buffer Overflow in ethos Serial Frame Parser
RIOT OS versions up to and including 2026.01-devel-317 contain a stack-based buffer overflow vulnerability in the ethos utility due to missing bounds checking when processing incoming serial frame data. The vulnerability occurs in the handlechar function, where incoming frame bytes are appended t...
CVE-2026-22213 RIOT OS <= 2026.01-devel-317 Stack-Based Buffer Overflow in tapslip6 Utility
RIOT OS versions up to and including 2026.01-devel-317 contain a stack-based buffer overflow vulnerability in the tapslip6 utility. The vulnerability is caused by unsafe string concatenation in the devopen function, which constructs a device path using unbounded user-controlled input. The utility...
CVE-2026-22213 RIOT OS <= 2026.01-devel-317 Stack-Based Buffer Overflow in tapslip6 Utility
RIOT OS versions up to and including 2026.01-devel-317 contain a stack-based buffer overflow vulnerability in the tapslip6 utility. The vulnerability is caused by unsafe string concatenation in the devopen function, which constructs a device path using unbounded user-controlled input. The utility...
CVE-2026-22213
RIOT OS
PT-2026-2323
Name of the Vulnerable Software and Affected Versions RIOT OS versions up to and including 2026.01-devel-317 Description RIOT OS versions up to and including 2026.01-devel-317 have a stack-based buffer overflow issue in the ethos utility. This is due to a lack of bounds checking when handling...
RIOT OS 安全漏洞
RIOT OS is an IoT operating system from RIOT Open Source. A security vulnerability exists in RIOT OS 2026.01-devel-317 and earlier versions, which stems from a missing bounds check in the devopen function in the tapslip6 tool, which could lead to process crashes and memory corruption...
CVE-2021-27697
RIOT-OS 2021.01 contains a buffer overflow vulnerability in sys/net/gnrc/routing/rpl/gnrcrplvalidation.c through the gnrcrplvalidationoptions function...