IDCVSSSummaryLast (major) updatePublished
CVE-2020-24334 6.4
The code that processes DNS responses in uIP through 1.0, as used in Contiki and Contiki-NG, does not check whether the number of responses specified in the DNS packet header corresponds to the response data available in the DNS packet, leading to an
15-12-2020 - 15:03 11-12-2020 - 23:15
CVE-2020-24335 5.0
An issue was discovered in uIP through 1.0, as used in Contiki and Contiki-NG. Domain name parsing lacks bounds checks, allowing an attacker to corrupt memory with crafted DNS packets.
04-02-2021 - 21:24 02-02-2021 - 07:15
CVE-2019-9183 5.0
An issue was discovered in Contiki-NG through 4.3 and Contiki through 3.0. A buffer overflow is present due to an integer underflow during 6LoWPAN fragment processing in the face of truncated fragments in os/net/ipv6/sicslowpan.c. This results in acc
21-07-2021 - 11:39 23-04-2020 - 15:15
CVE-2020-24336 7.5
An issue was discovered in Contiki through 3.0 and Contiki-NG through 4.5. The code for parsing Type A domain name answers in ip64-dns64.c doesn't verify whether the address in the answer's length is sane. Therefore, when copying an address of an arb
15-12-2020 - 14:47 11-12-2020 - 23:15
CVE-2020-13984 5.0
An issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack component when processing IPv6 extension headers in ext_hdr_options_process in net/ipv6/uip6.c.
14-12-2020 - 19:49 11-12-2020 - 22:15
CVE-2020-13986 5.0
An issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack component when handling RPL extension headers of IPv6 network packets in rpl_remove_header in net/rpl/rpl-ext-header.c.
16-12-2020 - 18:46 11-12-2020 - 22:15
CVE-2020-13987 5.0
An issue was discovered in Contiki through 3.0. An Out-of-Bounds Read vulnerability exists in the uIP TCP/IP Stack component when calculating the checksums for IP packets in upper_layer_chksum in net/ipv4/uip.c.
09-03-2021 - 15:15 11-12-2020 - 22:15
CVE-2020-13985 5.0
An issue was discovered in Contiki through 3.0. A memory corruption vulnerability exists in the uIP TCP/IP stack component when handling RPL extension headers of IPv6 network packets in rpl_remove_header in net/rpl/rpl-ext-header.c.
21-07-2021 - 11:39 11-12-2020 - 22:15
CVE-2021-28362 5.0
An issue was discovered in Contiki through 3.0. When sending an ICMPv6 error message because of invalid extension header options in an incoming IPv6 packet, there is an attempt to remove the RPL extension headers. Because the packet length and the ex
26-03-2021 - 21:10 24-03-2021 - 14:15
Back to Top Mark selected
Back to Top