20 matches found
CVE-2023-50926
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. An out-of-bounds read can be caused by an incoming DIO message when using the RPL-Lite implementation in the Contiki-NG operating system. More specifically, the prefix information of the DIO message...
CVE-2023-50927
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. An attacker can trigger out-of-bounds reads in the RPL-Lite implementation of the RPL protocol in the Contiki-NG operating system. This vulnerability is caused by insufficient control of the lengths for...
EUVD-2023-55658
Malicious code in bioql PyPI...
EUVD-2023-55657
Malicious code in bioql PyPI...
EUVD-2021-8638
Malicious code in bioql PyPI...
CVE-2021-21257
Contiki-NG is an open-source, cross-platform operating system for internet of things devices. The RPL-Classic and RPL-Lite implementations in the Contiki-NG operating system versions prior to 4.6 do not validate the address pointer in the RPL source routing header This makes it possible for an...
CVE-2023-50926
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. An out-of-bounds read can be caused by an incoming DIO message when using the RPL-Lite implementation in the Contiki-NG operating system. More specifically, the prefix information of the DIO message...
CVE-2023-50927
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. An attacker can trigger out-of-bounds reads in the RPL-Lite implementation of the RPL protocol in the Contiki-NG operating system. This vulnerability is caused by insufficient control of the lengths for...
Design/Logic Flaw
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. An attacker can trigger out-of-bounds reads in the RPL-Lite implementation of the RPL protocol in the Contiki-NG operating system. This vulnerability is caused by insufficient control of the lengths for...
Out-of-bounds
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. An out-of-bounds read can be caused by an incoming DIO message when using the RPL-Lite implementation in the Contiki-NG operating system. More specifically, the prefix information of the DIO message...
CVE-2023-50926
CVE-2023-50926 is an out-of-bounds read in Contiki-NG’s RPL-Lite implementation triggered by an incoming DIO. The issue stems from an unvalidated IPv6 prefix length in DIO Prefix Information, allowing a value longer than the maximum prefix length. This can cause a memcmp on prefixes to read beyon...
CVE-2023-50926 Unvalidated DIO prefix info length in RPL-Lite in Contiki-NG
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. An out-of-bounds read can be caused by an incoming DIO message when using the RPL-Lite implementation in the Contiki-NG operating system. More specifically, the prefix information of the DIO message...
CVE-2023-50927 Insufficient boundary checks for DIO and DAO messages in RPL-Lite in Contiki-NG
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. An attacker can trigger out-of-bounds reads in the RPL-Lite implementation of the RPL protocol in the Contiki-NG operating system. This vulnerability is caused by insufficient control of the lengths for...
CVE-2023-50927 Insufficient boundary checks for DIO and DAO messages in RPL-Lite in Contiki-NG
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. An attacker can trigger out-of-bounds reads in the RPL-Lite implementation of the RPL protocol in the Contiki-NG operating system. This vulnerability is caused by insufficient control of the lengths for...
PT-2024-14013 · Unknown · Contiki-Ng
Name of the Vulnerable Software and Affected Versions: Contiki-NG versions prior to 4.9 Description: The issue is caused by insufficient control of the lengths for DIO and DAO messages, particularly when they contain RPL sub-option headers, allowing an attacker to trigger out-of-bounds reads in t...
PT-2024-14012 · Unknown · Contiki-Ng
Name of the Vulnerable Software and Affected Versions: Contiki-NG versions prior to the next release Description: An out-of-bounds read can be caused by an incoming DIO message when using the RPL-Lite implementation in the Contiki-NG operating system. The prefix information of the DIO message...
CVE-2021-21257
Contiki-NG is an open-source, cross-platform operating system for internet of things devices. The RPL-Classic and RPL-Lite implementations in the Contiki-NG operating system versions prior to 4.6 do not validate the address pointer in the RPL source routing header This makes it possible for an...
Out-of-bounds
Contiki-NG is an open-source, cross-platform operating system for internet of things devices. The RPL-Classic and RPL-Lite implementations in the Contiki-NG operating system versions prior to 4.6 do not validate the address pointer in the RPL source routing header This makes it possible for an...
CVE-2021-21257 Out-of-bounds write in RPL-Classic and RPL-Lite
Contiki-NG is an open-source, cross-platform operating system for internet of things devices. The RPL-Classic and RPL-Lite implementations in the Contiki-NG operating system versions prior to 4.6 do not validate the address pointer in the RPL source routing header This makes it possible for an...
CVE-2021-21257
Contiki-NG prior to version 4.6 is affected by CVE-2021-21257 due to an out-of-bounds write in the RPL-Classic and RPL-Lite implementations. The bug occurs in rpl_ext_header_srh_update where addr_ptr is derived from an unvalidated CMPR field in the RPL source routing header, enabling out-of-bound...