Lucene search
Contiki-ng Project Security Vulnerabilities
cve
Contiki-NG before 4.2 has a stack-based buffer overflow in the push function in os/lib/json/jsonparse.c that allows an out-of-bounds write of an '{' or '['...
7.1CVSS
7.2AI Score
0.0004EPSS
2022-10-03 04:22 PM
19
cve
An issue was discovered in uIP through 1.0, as used in Contiki and Contiki-NG. Domain name parsing lacks bounds checks, allowing an attacker to corrupt memory with crafted DNS...
7.5CVSS
7.5AI Score
0.003EPSS
2021-02-02 07:15 AM
41
cve
The code that processes DNS responses in uIP through 1.0, as used in Contiki and Contiki-NG, does not check whether the number of responses specified in the DNS packet header corresponds to the response data available in the DNS packet, leading to an out-of-bounds read and Denial-of-Service in...
8.2CVSS
8.1AI Score
0.001EPSS
2020-12-11 11:15 PM
42