Every CVE whose affected-product data names Contiki-os Contiki, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (13)
CVE-2020-24336 — CVSS 9.8 (critical): An issue was discovered in Contiki through 3.0 and Contiki-NG through 4.5. The code for parsing Type A domain name answers in ip64-dns64.c…
CVE-2019-8359 — CVSS 9.8 (critical): An issue was discovered in Contiki-NG through 4.3 and Contiki through 3.0. An out of bounds write is present in the data section during…
CVE-2020-13984 — CVSS 7.5 (high): An issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack component when processing IPv6 extension…
CVE-2020-13985 — CVSS 7.5 (high): An issue was discovered in Contiki through 3.0. A memory corruption vulnerability exists in the uIP TCP/IP stack component when handling…
CVE-2020-13986 — CVSS 7.5 (high): An issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack component when handling RPL extension…
CVE-2021-40523 — CVSS 7.5 (high): In Contiki 3.0, Telnet option negotiation is mishandled. During negotiation between a server and a client, the server may fail to give the…
CVE-2019-9183 — CVSS 7.5 (high): An issue was discovered in Contiki-NG through 4.3 and Contiki through 3.0. A buffer overflow is present due to an integer underflow during…
CVE-2017-7295 — CVSS 7.5 (high): An issue was discovered in Contiki Operating System 3.0. A use-after-free vulnerability exists in httpd-simple.c in cc26xx-web-demo httpd…
CVE-2021-28362 — CVSS 7.5 (high): An issue was discovered in Contiki through 3.0. When sending an ICMPv6 error message because of invalid extension header options in an…
CVE-2021-38311 — CVSS 7.5 (high): In Contiki 3.0, potential nonterminating acknowledgment loops exist in the Telnet service. When the negotiated options are already…
CVE-2021-38386 — CVSS 7.5 (high): In Contiki 3.0, a buffer overflow in the Telnet service allows remote attackers to cause a denial of service because the ls command is…
CVE-2021-38387 — CVSS 7.5 (high): In Contiki 3.0, a Telnet server that silently quits (before disconnection with clients) leads to connected clients entering an infinite…
CVE-2017-7296 — CVSS 6.1 (medium): An issue was discovered in Contiki Operating System 3.0. A Persistent XSS vulnerability is present in the MQTT/IBM Cloud Config page (aka…