CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Eclipse TinyDTLS through 0.9-rc1 relies on the rand function in the C library, which makes it easier for remote attackers to compute the master key and then decrypt DTLS traffic...

7.5CVSS7AI score0.01045EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 9:6 p.m.•7 views

CVE-2021-42141

An issue was discovered in Contiki-NG tinyDTLS through 2018-08-30. One incorrect handshake could complete with different epoch numbers in the packets ClientHello, Clientkeyexchange, and Changecipherspec, which may cause denial of service...

9.8CVSS6.9AI score0.01181EPSS

Exploits0

RedhatCVE•added 2025/05/22 9:5 p.m.•7 views

CVE-2021-42142

An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. DTLS servers mishandle the early use of a large epoch number. This vulnerability allows remote attackers to cause a denial of service and false-positive packet drops...

9.8CVSS6.9AI score0.00989EPSS

Exploits0

OSV•added 2024/01/24 7:15 p.m.•4 views

CVE-2021-42147

Buffer over-read vulnerability in the dtlssha256update function in Contiki-NG tinyDTLS through master branch 53a0d97 allows remote attackers to cause a denial of service via crafted data packet...

9.1CVSS5.8AI score

Exploits0References2

NVD•added 2024/01/24 7:15 p.m.•10 views

CVE-2021-42147

Buffer over-read vulnerability in the dtlssha256update function in Contiki-NG tinyDTLS through master branch 53a0d97 allows remote attackers to cause a denial of service via crafted data packet...

9.1CVSS8.9AI score0.00836EPSS

Exploits0References2

NVD•added 2024/01/24 7:15 p.m.•13 views

CVE-2021-42146

An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. DTLS servers allow remote attackers to reuse the same epoch number within two times the TCP maximum segment lifetime, which is prohibited in RFC6347. This vulnerability allows remote attackers to obtain sensitive...

7.5CVSS7.4AI score0.00662EPSS

Exploits0References2

Prion•added 2024/01/24 7:15 p.m.•20 views

Buffer overflow

Buffer over-read vulnerability in the dtlssha256update function in Contiki-NG tinyDTLS through master branch 53a0d97 allows remote attackers to cause a denial of service via crafted data packet...

6.4CVSS7.2AI score0.00836EPSS

Exploits0References1Affected Software1

Prion•added 2024/01/24 7:15 p.m.•19 views

Code injection

5CVSS7AI score0.00662EPSS

Exploits0References1Affected Software1

OSV•added 2024/01/24 6:15 p.m.•3 views

CVE-2021-42144

Buffer over-read vulnerability in Contiki-NG tinyDTLS through master branch 53a0d97 allows attackers obtain sensitive information via crafted input to dtlsccmdecryptmessage...

9.8CVSS5.8AI score

Exploits0References2

OSV•added 2024/01/24 6:15 p.m.•4 views

CVE-2021-42143

An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. An infinite loop bug exists during the handling of a ClientHello handshake message. This bug allows remote attackers to cause a denial of service by sending a malformed ClientHello handshake message with an odd length o...

9.1CVSS6AI score0.00812EPSS

Exploits0References2

NVD•added 2024/01/24 6:15 p.m.•15 views

CVE-2021-42144

Buffer over-read vulnerability in Contiki-NG tinyDTLS through master branch 53a0d97 allows attackers obtain sensitive information via crafted input to dtlsccmdecryptmessage...

9.8CVSS9.2AI score0.00658EPSS

Exploits0References2

Prion•added 2024/01/24 6:15 p.m.•13 views

Buffer overflow

Buffer over-read vulnerability in Contiki-NG tinyDTLS through master branch 53a0d97 allows attackers obtain sensitive information via crafted input to dtlsccmdecryptmessage...

7.5CVSS6.6AI score0.00658EPSS

Exploits0References1Affected Software1

Prion•added 2024/01/24 6:15 p.m.•20 views

Design/Logic Flaw

6.4CVSS7.4AI score0.00812EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2024/01/24 12:0 a.m.•2 views

CVE-2021-42145

An assertion failure discovered in in checkcertificaterequest in Contiki-NG tinyDTLS through master branch 53a0d97 allows attackers to cause a denial of service...

7.4AI score0.00429EPSS

Exploits0References1

Positive Technologies•added 2024/01/24 12:0 a.m.•4 views

PT-2024-11025 · Unknown · Contiki-Ng

Name of the Vulnerable Software and Affected Versions: Contiki-NG tinyDTLS versions through master branch 53a0d97 Description: A buffer over-read issue exists in the dtls sha256 update function, allowing remote attackers to cause a denial of service via crafted data packets. This issue affects...

9.1CVSS9.1AI score0.00836EPSS

Exploits0References4

CVE•added 2024/01/24 12:0 a.m.•37 views

CVE-2021-42143

CVE-2021-42143 affects Contiki-NG tinyDTLS (master branch 53a0d97). Affected: tinyDTLS handshake processing where an odd-length ClientHello cipher suites list can trigger an infinite loop, causing denial of service and a buffer over-read that may leak sensitive data. Impact: remote network attack...

9.1CVSS9AI score0.00812EPSS

Exploits0References2Affected Software1

Cvelist•added 2024/01/24 12:0 a.m.•14 views

CVE-2021-42145

An assertion failure discovered in in checkcertificaterequest in Contiki-NG tinyDTLS through master branch 53a0d97 allows attackers to cause a denial of service...

7.6AI score0.00429EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by