213 matches found
CVE-2021-27427
RIOT OS version 2020.01.1 is vulnerable to integer wrap-around in its implementation of the calloc function, which can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution...
CVE-2025-66647
RIOT is an open-source microcontroller operating system, designed to match the requirements of Internet of Things (IoT) devices and other embedded devices. A vulnerability was discovered in the IPv6 fragmentation reassembly implementation of RIOT OS v2025.07. When copying the contents of the first...
CVE-2025-66646
RIOT is an open-source microcontroller operating system, designed to match the requirements of Internet of Things (IoT) devices and other embedded devices. A vulnerability was discovered in the IPv6 fragmentation reassembly implementation of RIOT OS v2025.07. When receiving a fragmented IPv6 packe...
CVE-2025-66647
The CVE concerns RIOT OS IPv6 fragmentation reassembly in the gnrc_ipv6_ext_frag module. Copying the first fragment (offset=0) into the reassembly buffer lacks a size check, enabling an attacker to create a small buffer by sending a shorter initial fragment and potentially overflow other packet b...
CVE-2025-66646 RIOT-OS has NULL pointer dereference in gnrc_ipv6_ext_frag_reass
RIOT is an open-source microcontroller operating system, designed to match the requirements of Internet of Things (IoT) devices and other embedded devices. A vulnerability was discovered in the IPv6 fragmentation reassembly implementation of RIOT OS v2025.07. When receiving a fragmented IPv6 packe...
EUVD-2025-203929
RIOT is an open-source microcontroller operating system, designed to match the requirements of Internet of Things (IoT) devices and other embedded devices. A vulnerability was discovered in the IPv6 fragmentation reassembly implementation of RIOT OS v2025.07. When receiving a fragmented IPv6 packe...
PT-2025-51877
Name of the Vulnerable Software and Affected Versions: RIOT versions prior to 2025.10. Description: RIOT is an open-source microcontroller operating system designed for Internet of Things (IoT) devices and other embedded systems. A flaw exists in the IPv6 fragmentation reassembly implementation...
EUVD-2021-18551
Malware in sbrugna...
EUVD-2021-18550
Malware in sbrugna...
EUVD-2021-14440
Malware in sbrugna...
EUVD-2021-14117
Malware in sbrugna...
EUVD-2021-18548
Malware in sbrugna...
EUVD-2021-14439
Malware in sbrugna...
EUVD-2019-1729
Malware in sbrugna...
EUVD-2021-14181
Malware in sbrugna...
EUVD-2023-28820
Malicious code in bioql PyPI...