RSS   Vulnerabilities for 'Contiki-ng'   RSS

2018-12-28
 
CVE-2018-20579

CWE-119
 

 
Contiki-NG before 4.2 has a stack-based buffer overflow in the push function in os/lib/json/jsonparse.c that allows an out-of-bounds write of an '{' or '[' character.

 
2018-10-08
 
CVE-2018-1000804

CWE-119
 

 
contiki-ng version 4 contains a Buffer Overflow vulnerability in AQL (Antelope Query Language) database engine that can result in Attacker can perform Remote Code Execution on device using Contiki-NG operating system. This attack appear to be exploitable via Attacker must be able to run malicious AQL code (e.g. via SQL-like Injection attack).

 


Copyright 2024, cxsecurity.com

 

Back to Top