Lucene search
K

7 matches found

CVE
CVE
added 2025/10/17 5:32 a.m.24 views

CVE-2025-55096

CVE-2025-55096 affects USBX (USB host stack) prior to 6.4.3 in the Eclipse Foundation ThreadX ecosystem. The root cause is an out-of-bounds read in _ux_host_class_hid_report_descriptor_get() while parsing a USB HID device descriptor. Documented impact includes high confidentiality and availabilit...

6.1CVSS6.5AI score0.00152EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2025/10/15 5:41 a.m.3 views

CVE-2025-55080 Improper Parameter Check in ThreadX Syscall Implementation

In Eclipse ThreadX before 6.4.3, when memory protection is enabled, syscall parameters verification wasn't enough, allowing an attacker to obtain an arbitrary memory read/write...

7.2CVSS6.1AI score0.00129EPSS
Exploits0References4
NVD
NVD
added 2025/10/15 5:16 a.m.34 views

CVE-2025-55079

In Eclipse ThreadX before version 6.4.3, the thread module has a setting of maximum priority. In some cases the check of that maximum priority wasn't performed, allowing, as a result, to obtain a thread with higher priority than expected and causing a possible denial of service...

5.7CVSS0.00161EPSS
Exploits1References1
CVE
CVE
added 2025/10/15 4:29 a.m.17 views

CVE-2025-55079

CVE-2025-55079 refers to Eclipse ThreadX RTOS prior to 6.4.3, where the thread module’s maximum priority check could be bypassed, allowing a thread to run at a higher priority than intended and cause a potential denial of service. This is corroborated by Red Hat and other industry sources in the ...

5.7CVSS6.4AI score0.00161EPSS
Exploits1References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 8:38 a.m.6 views

CVE-2024-23533

An out-of-bounds read vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3, in certain conditions can allow an authenticated remote attacker to read sensitive information in memory...

6.5CVSS6.5AI score0.01366EPSS
Exploits0References1
OSV
OSV
added 2024/04/19 2:15 a.m.2 views

CVE-2024-24998

A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM...

8.8CVSS6AI score
Exploits0References1
CNNVD
CNNVD
added 2024/04/19 12:0 a.m.3 views

Ivanti Avalanche 安全漏洞

Ivanti Avalanche is a mobile device management MDM software platform designed to help organizations manage, maintain and secure their mobile devices. It supports a range of device types, including smartphones, tablets, and industrial devices. A heap overflow vulnerability exists in Ivanti Avalanc...

9.8CVSS7.5AI score0.04308EPSS
Exploits0References2
Rows per page
Query Builder