CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

442 matches found

RedhatCVE•added 2026/01/09 9:57 a.m.•13 views

CVE-2020-12141

An out-of-bounds read in the SNMP stack in Contiki-NG 4.4 and earlier allows an attacker to cause a denial of service and potentially disclose information via crafted SNMP packets to snmpberdecodestringlenbuffer in os/net/app-layer/snmp/snmp-ber.c...

9.1CVSS6.7AI score0.01516EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:55 a.m.•7 views

CVE-2020-12140

A buffer overflow in os/net/mac/ble/ble-l2cap.c in the BLE stack in Contiki-NG 4.4 and earlier allows an attacker to execute arbitrary code via malicious L2CAP frames...

8.8CVSS8.3AI score0.0092EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:50 a.m.•12 views

CVE-2020-24335

An issue was discovered in uIP through 1.0, as used in Contiki and Contiki-NG. Domain name parsing lacks bounds checks, allowing an attacker to corrupt memory with crafted DNS packets...

7.5CVSS7AI score0.03044EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:0 a.m.•7 views

CVE-2023-50926

Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. An out-of-bounds read can be caused by an incoming DIO message when using the RPL-Lite implementation in the Contiki-NG operating system. More specifically, the prefix information of the DIO message...

7.5CVSS6.5AI score0.0053EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:59 a.m.•6 views

CVE-2023-50927

Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. An attacker can trigger out-of-bounds reads in the RPL-Lite implementation of the RPL protocol in the Contiki-NG operating system. This vulnerability is caused by insufficient control of the lengths for...

8.6CVSS7AI score0.00508EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:34 a.m.•7 views

CVE-2024-41125

Contiki-NG is an open-source, cross-platform operating system for IoT devices. An out-of-bounds read of 1 byte can be triggered when sending a packet to a device running the Contiki-NG operating system with SNMP enabled. The SNMP module is disabled in the default Contiki-NG configuration. The...

9.6CVSS6.8AI score0.0028EPSS

Exploits0References1