63 matches found
EUVD-2021-21086
Malware in sbrugna...
EUVD-2021-29124
Malicious code in bioql PyPI...
EUVD-2021-29125
Malicious code in bioql PyPI...
CVE-2021-34430
Eclipse TinyDTLS through 0.9-rc1 relies on the rand function in the C library, which makes it easier for remote attackers to compute the master key and then decrypt DTLS traffic...
CVE-2021-42141
An issue was discovered in Contiki-NG tinyDTLS through 2018-08-30. One incorrect handshake could complete with different epoch numbers in the packets ClientHello, Clientkeyexchange, and Changecipherspec, which may cause denial of service...
CVE-2021-42142
An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. DTLS servers mishandle the early use of a large epoch number. This vulnerability allows remote attackers to cause a denial of service and false-positive packet drops...
CVE-2021-42147
Buffer over-read vulnerability in the dtlssha256update function in Contiki-NG tinyDTLS through master branch 53a0d97 allows remote attackers to cause a denial of service via crafted data packet...
CVE-2021-42147
Buffer over-read vulnerability in the dtlssha256update function in Contiki-NG tinyDTLS through master branch 53a0d97 allows remote attackers to cause a denial of service via crafted data packet...
CVE-2021-42146
An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. DTLS servers allow remote attackers to reuse the same epoch number within two times the TCP maximum segment lifetime, which is prohibited in RFC6347. This vulnerability allows remote attackers to obtain sensitive...
Buffer overflow
Buffer over-read vulnerability in the dtlssha256update function in Contiki-NG tinyDTLS through master branch 53a0d97 allows remote attackers to cause a denial of service via crafted data packet...
Code injection
An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. DTLS servers allow remote attackers to reuse the same epoch number within two times the TCP maximum segment lifetime, which is prohibited in RFC6347. This vulnerability allows remote attackers to obtain sensitive...
CVE-2021-42144
Buffer over-read vulnerability in Contiki-NG tinyDTLS through master branch 53a0d97 allows attackers obtain sensitive information via crafted input to dtlsccmdecryptmessage...
CVE-2021-42143
An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. An infinite loop bug exists during the handling of a ClientHello handshake message. This bug allows remote attackers to cause a denial of service by sending a malformed ClientHello handshake message with an odd length o...
CVE-2021-42144
Buffer over-read vulnerability in Contiki-NG tinyDTLS through master branch 53a0d97 allows attackers obtain sensitive information via crafted input to dtlsccmdecryptmessage...
Buffer overflow
Buffer over-read vulnerability in Contiki-NG tinyDTLS through master branch 53a0d97 allows attackers obtain sensitive information via crafted input to dtlsccmdecryptmessage...
Design/Logic Flaw
An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. An infinite loop bug exists during the handling of a ClientHello handshake message. This bug allows remote attackers to cause a denial of service by sending a malformed ClientHello handshake message with an odd length o...
CVE-2021-42145
An assertion failure discovered in in checkcertificaterequest in Contiki-NG tinyDTLS through master branch 53a0d97 allows attackers to cause a denial of service...
PT-2024-11025 · Unknown · Contiki-Ng
Name of the Vulnerable Software and Affected Versions: Contiki-NG tinyDTLS versions through master branch 53a0d97 Description: A buffer over-read issue exists in the dtls sha256 update function, allowing remote attackers to cause a denial of service via crafted data packets. This issue affects...
CVE-2021-42145
An assertion failure discovered in in checkcertificaterequest in Contiki-NG tinyDTLS through master branch 53a0d97 allows attackers to cause a denial of service...
PT-2024-11021 · Unknown · Contiki-Ng
Name of the Vulnerable Software and Affected Versions: Contiki-NG tinyDTLS through master branch 53a0d97 Description: An issue exists in the handling of a ClientHello handshake message, where an infinite loop bug can be triggered by remote attackers sending a malformed message with an odd length ...