This page aggregates CVE and security vulnerability intelligence across all keith-cullen-related products, including CVSS scores, EPSS percentages, and publication dates.

Historical issues mainly involve buffer overflow, memory corruption, and related security problems, affecting software deployment and production workload scenarios.

| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2024-40494 | Buffer Overflow in coap_msg.c in FreeCoAP allows remote attackers to execute arbitrary code or cause a denial of service (stack buffer overflow) via a crafted packet. | [email protected] | 9.8 | 2.07% | 2024-10-22 | 2025-06-24 |
| CVE-2024-40493 | Null Pointer Dereference in `coap_client_exchange_blockwise2` function in Keith Cullen FreeCoAP 1.0 allows remote attackers to cause a denial of service and potentially execute arbitrary code via a specially crafted CoAP packet that causes `coap_msg_get_payload(resp)` to return a null pointer, which is then dereferenced in a call to `memcpy`. | [email protected] | 9.8 | 1.16% | 2024-10-22 | 2024-10-25 |
| CVE-2024-31029 | An issue in the server_handle_regular function of the test_coap_server.c file within the FreeCoAP project allows remote attackers to cause a Denial of Service through specially crafted packets. | [email protected] | 8.2 | 0.48% | 2024-10-22 | 2025-06-24 |
| CVE-2024-31030 | An issue in coap_msg.c in Keith Cullen's FreeCoAP v.0.7 allows remote attackers to cause a Denial of Service or potentially disclose information via a specially crafted packet. | [email protected] | 9.1 | 0.53% | 2024-05-31 | 2025-06-20 |