Vulnerabilities > Riot OS

DATE CVE VULNERABILITY TITLE RISK
2023-04-24 CVE-2023-24819 Out-of-bounds Write vulnerability in Riot-Os Riot
RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames.
network
low complexity
riot-os CWE-787
critical
9.8
2023-04-24 CVE-2023-24820 Integer Underflow (Wrap or Wraparound) vulnerability in Riot-Os Riot
RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames.
network
low complexity
riot-os CWE-191
7.5
2022-05-03 CVE-2021-27427 Integer Overflow or Wraparound vulnerability in Riot-Os Riot 2020.01.1
RIOT OS version 2020.01.1 is vulnerable to integer wrap-around in its implementation of calloc function, which can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution.
network
low complexity
riot-os CWE-190
7.5
2021-09-15 CVE-2021-41061 Use of Insufficiently Random Values vulnerability in Riot-Os Riot 2021.01
In RIOT-OS 2021.01, nonce reuse in 802.15.4 encryption in the ieee820154_security component allows attackers to break encryption by triggering reboots.
local
low complexity
riot-os CWE-330
2.1
2021-06-18 CVE-2021-31660 Classic Buffer Overflow vulnerability in Riot-Os Riot 2021.01
RIOT-OS 2021.01 before commit 85da504d2dc30188b89f44c3276fc5a25b31251f contains a buffer overflow which could allow attackers to obtain sensitive information.
network
low complexity
riot-os CWE-120
5.0
2021-06-18 CVE-2021-31661 Classic Buffer Overflow vulnerability in Riot-Os Riot 2021.01
RIOT-OS 2021.01 before commit 609c9ada34da5546cffb632a98b7ba157c112658 contains a buffer overflow that could allow attackers to obtain sensitive information.
network
low complexity
riot-os CWE-120
5.0
2021-06-18 CVE-2021-31662 Classic Buffer Overflow vulnerability in Riot-Os Riot 2021.01
RIOT-OS 2021.01 before commit 07f1254d8537497552e7dce80364aaead9266bbe contains a buffer overflow which could allow attackers to obtain sensitive information.
network
low complexity
riot-os CWE-120
5.0
2021-06-18 CVE-2021-31663 Classic Buffer Overflow vulnerability in Riot-Os Riot 2021.01
RIOT-OS 2021.01 before commit bc59d60be60dfc0a05def57d74985371e4f22d79 contains a buffer overflow which could allow attackers to obtain sensitive information.
network
low complexity
riot-os CWE-120
5.0
2021-06-18 CVE-2021-31664 Classic Buffer Overflow vulnerability in Riot-Os Riot 2021.01
RIOT-OS 2021.01 before commit 44741ff99f7a71df45420635b238b9c22093647a contains a buffer overflow which could allow attackers to obtain sensitive information.
network
low complexity
riot-os CWE-120
5.0
2021-04-06 CVE-2021-27698 Classic Buffer Overflow vulnerability in Riot-Os Riot 2021.01
RIOT-OS 2021.01 contains a buffer overflow vulnerability in /sys/net/gnrc/routing/rpl/gnrc_rpl_control_messages.c through the _parse_options() function.
network
low complexity
riot-os CWE-120
7.5