EUVD-2022-41330

Malicious code in bioql PyPI...

Hitachi Energys RTU500 Series Product Out-of-Bounds Read (CVE-2022-23937)

A vulnerability exists in the Wind River VxWorks version 6.9 that affects the RTU500 series product versions listed below. RTU500 series CMU Firmware versions 12.0.1 – 12.0.14 12.2.1 – 12.2.11 12.4.1 – 12.4.11 12.6.1 – 12.6.8 12.7.1 – 12.7.5 13.2.1 – 13.2.5 13.3.1 – 13.3.3 13.4.1 In...

CVE-2023-38346

An issue was discovered in Wind River VxWorks 6.9 and 7. The function tarExtract implements TAR file extraction and thereby also processes files within an archive that have relative or absolute file paths. A developer using the "tarExtract" function may expect that the function will strip leading...

PT-2022-6693 · Wind River · Vxworks

Name of the Vulnerable Software and Affected Versions: Wind River VxWorks versions 6.9 through 7 Description: The issue is related to an out-of-bounds read during an IKE initial exchange scenario, which can be triggered by a specifically crafted packet. This may allow a remote attacker to cause a...

Wind River Systems VxWorks Buffer Overflow Vulnerability (CNVD-2019-25705)

Wind River Systems VxWorks is an embedded real-time operating system RTOS from Wind River Systems. A buffer overflow vulnerability exists in VxWorks versions 7 and 6.9. The vulnerability can be exploited by an attacker to execute code via a malformed TCP AO option...

JVN#45545972: VxWorks SSH server (IPSSH) denial-of-service (DoS) vulnerability

The SSH server IPSSH implementation in VxWorks contains a denial-of-service DoS vulnerability due to an issue in processing authentication requests. Impact SSH access may become unavailable until the next reboot as a result of processing an authentication request. Solution Apply a patch Apply the...