Vulnerabilities > Contiki NG > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-01-24 CVE-2021-42147 Out-of-bounds Read vulnerability in Contiki-Ng Tinydtls 20180830
Buffer over-read vulnerability in the dtls_sha256_update function in Contiki-NG tinyDTLS through master branch 53a0d97 allows remote attackers to cause a denial of service via crafted data packet.
network
low complexity
contiki-ng CWE-125
critical
 9.1
9.1
2024-01-24 CVE-2021-42143 Infinite Loop vulnerability in Contiki-Ng Tinydtls 20180830
An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97.
network
low complexity
contiki-ng CWE-835
critical
 9.1
9.1
2024-01-24 CVE-2021-42144 Out-of-bounds Read vulnerability in Contiki-Ng Tinydtls
Buffer over-read vulnerability in Contiki-NG tinyDTLS through master branch 53a0d97 allows attackers obtain sensitive information via crafted input to dtls_ccm_decrypt_message().
network
low complexity
contiki-ng CWE-125
critical
 9.8
9.8
2024-01-23 CVE-2021-42142 Improper Handling of Exceptional Conditions vulnerability in Contiki-Ng Tinydtls 20180830
An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97.
network
low complexity
contiki-ng CWE-755
critical
 9.8
9.8
2024-01-22 CVE-2021-42141 Improper Handling of Exceptional Conditions vulnerability in Contiki-Ng Tinydtls 20180830
An issue was discovered in Contiki-NG tinyDTLS through 2018-08-30.
network
low complexity
contiki-ng CWE-755
critical
 9.8
9.8
2023-10-10 CVE-2020-27634 Use of Insufficiently Random Values vulnerability in Contiki-Ng 4.5
In Contiki 4.5, TCP ISNs are improperly random.
network
low complexity
contiki-ng CWE-330
critical
 9.1
9.1
2023-06-14 CVE-2023-34101 Unspecified vulnerability in Contiki-Ng
Contiki-NG is an operating system for internet of things devices.
network
low complexity
contiki-ng
critical
 9.1
9.1
2023-05-08 CVE-2023-31129 NULL Pointer Dereference vulnerability in Contiki-Ng
The Contiki-NG operating system versions 4.8 and prior can be triggered to dereference a NULL pointer in the message handling code for IPv6 router solicitiations.
network
low complexity
contiki-ng CWE-476
critical
 9.8
9.8
2023-03-17 CVE-2023-28116 Out-of-bounds Write vulnerability in Contiki-Ng
Contiki-NG is an open-source, cross-platform operating system for internet of things (IoT) devices.
network
low complexity
contiki-ng CWE-787
critical
 9.8
9.8
2022-08-04 CVE-2022-35927 Classic Buffer Overflow vulnerability in Contiki-Ng
Contiki-NG is an open-source, cross-platform operating system for IoT devices.
network
low complexity
contiki-ng CWE-120
critical
 9.8
9.8