Every CVE whose affected-product data names Uip Project Uip, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2020-17438 — CVSS 9.8 (critical): An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. The code that reassembles fragmented packets fails to…
CVE-2020-17439 — CVSS 8.3 (high): An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. The code that parses incoming DNS packets does not validate…
CVE-2020-17437 — CVSS 8.2 (high): An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, and the stack…
CVE-2020-24334 — CVSS 8.2 (high): The code that processes DNS responses in uIP through 1.0, as used in Contiki and Contiki-NG, does not check whether the number of responses…
CVE-2020-13987 — CVSS 7.5 (high): An issue was discovered in Contiki through 3.0. An Out-of-Bounds Read vulnerability exists in the uIP TCP/IP Stack component when…
CVE-2020-17440 — CVSS 7.5 (high): An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. The code that parses incoming DNS packets does not validate…
CVE-2020-24335 — CVSS 7.5 (high): An issue was discovered in uIP through 1.0, as used in Contiki and Contiki-NG. Domain name parsing lacks bounds checks, allowing an…