7 matches found
CVE-2025-55096
CVE-2025-55096 affects USBX (USB host stack) prior to 6.4.3 in the Eclipse Foundation ThreadX ecosystem. The root cause is an out-of-bounds read in _ux_host_class_hid_report_descriptor_get() while parsing a USB HID device descriptor. Documented impact includes high confidentiality and availabilit...
CVE-2025-55080 Improper Parameter Check in ThreadX Syscall Implementation
In Eclipse ThreadX before 6.4.3, when memory protection is enabled, syscall parameters verification wasn't enough, allowing an attacker to obtain an arbitrary memory read/write...
CVE-2025-55079
In Eclipse ThreadX before version 6.4.3, the thread module has a setting of maximum priority. In some cases the check of that maximum priority wasn't performed, allowing, as a result, to obtain a thread with higher priority than expected and causing a possible denial of service...
CVE-2025-55079
CVE-2025-55079 refers to Eclipse ThreadX RTOS prior to 6.4.3, where the thread module’s maximum priority check could be bypassed, allowing a thread to run at a higher priority than intended and cause a potential denial of service. This is corroborated by Red Hat and other industry sources in the ...
CVE-2024-23533
An out-of-bounds read vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3, in certain conditions can allow an authenticated remote attacker to read sensitive information in memory...
CVE-2024-24998
A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM...
Ivanti Avalanche 安全漏洞
Ivanti Avalanche is a mobile device management MDM software platform designed to help organizations manage, maintain and secure their mobile devices. It supports a range of device types, including smartphones, tablets, and industrial devices. A heap overflow vulnerability exists in Ivanti Avalanc...