552 matches found
CVE-2024-28759
A crafted network packet may cause a buffer overrun in Wind River VxWorks 7 through 23.09...
Wind River Software VxWorks 6.9 Weak Password Hashing Algorithms
The password hashing algorithm introduced in VxWorks 6.9 is considered insecure. This algorithm employs a single iteration of SHA-256 combined with a salt to hash user passwords. The password hashing algorithm used in VxWorks 7 24.04 is also considered insecure. This algorithm uses 5,000 iteratio...
The vulnerability of DHCP servers for real-time operating systems like Wind River VxWorks allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of DHCP servers for real-time operating systems from Wind River VxWorks relates to operations that go beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information...
D-Link I2eye Video Conference AutoAnswer (WDBRPC)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'D-Link i2eye Video Conference AutoAnswer WDBRPC', 'Description' = %q This module can be used to enable auto-answer mode for the D-Link i2eye vide...
URGENT/11 Scanner, Based On Detection Tool By Armis
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'URGENT/11 Scanner, Based on Detection Tool by Armis', 'Description' = %q This module detects VxWorks and the IPnet IP stack, along with devices...
VxWorks WDB Agent Remote Reboot
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VxWorks WDB Agent Remote Reboot', 'Description' = %q This module provides the ability to reboot a VxWorks target through WDBRPC , 'Author' = 'hdm...
VxWorks WDB Agent Remote Memory Dump
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VxWorks WDB Agent Remote Memory Dump', 'Description' = %q This module provides the ability to dump the system memory of a VxWorks target through...
Hirschmann HiOS Switches Heap-based Buffer Overflow (CVE-2019-12257)
DHCP packets may go past the local area network LAN via DHCP-relays, but are otherwise confined to the LAN. The DHCP-client may be used by VxWorks and in the bootrom. Bootrom, using DHCP/BOOTP, is only vulnerable during the boot-process. This vulnerability may be used to overwrite the heap, which...
CVE-2024-28759
A crafted network packet may cause a buffer overrun in Wind River VxWorks 7 through 23.09...
Wind River VxWorks 安全漏洞
Wind River VxWorks is an operating system from Wind River Systems, Inc. the industry-leading real-time operating system for building embedded devices and systems. A security vulnerability exists in Wind River VxWorks versions 7 through 23.09 that originates from a buffer overflow...
CVE-2024-28759
A crafted network packet may cause a buffer overrun in Wind River VxWorks 7 through 23.09...
CVE-2024-28759
A crafted network packet may cause a buffer overrun in Wind River VxWorks 7 through 23.09...
CVE-2024-28759
Wind River VxWorks 7.x up to 23.09 is affected by a vulnerability where a crafted network packet can cause a buffer overrun. Affected component is the VxWorks networking input handling; root cause is a buffer overflow triggered by network packets. Practical impact is a potential crash or instabil...
PT-2024-22565 · Wind River · Vxworks
Name of the Vulnerable Software and Affected Versions: Wind River VxWorks versions 7 through 23.09 Description: A crafted network packet may cause a buffer overrun. Recommendations: For versions 7 through 23.09, update to a version that contains a fix for this issue...
The vulnerability of the OpenSSL processor in real-time operating systems like Wind River VxWorks allows attackers to trigger a service failure.
The vulnerability of the OpenSSL processor in real-time operating systems from Wind River and VxWorks is related to memory release errors. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...
CVE-2023-51787
An issue was discovered in Wind River VxWorks 7 22.09 and 23.03. If a VxWorks task or POSIX thread that uses OpenSSL exits, limited per-task memory is not freed, resulting in a memory leak...
CVE-2023-51787
An issue was discovered in Wind River VxWorks 7 22.09 and 23.03. If a VxWorks task or POSIX thread that uses OpenSSL exits, limited per-task memory is not freed, resulting in a memory leak...
Memory corruption
An issue was discovered in Wind River VxWorks 7 22.09 and 23.03. If a VxWorks task or POSIX thread that uses OpenSSL exits, limited per-task memory is not freed, resulting in a memory leak...
CVE-2023-51787
An issue was discovered in Wind River VxWorks 7 22.09 and 23.03. If a VxWorks task or POSIX thread that uses OpenSSL exits, limited per-task memory is not freed, resulting in a memory leak...
CVE-2023-51787
CVE-2023-51787 affects Wind River VxWorks 7 22.09 and 23.03. The issue occurs when a VxWorks task or POSIX thread that uses OpenSSL exits, causing the per‑task memory not to be freed and resulting in a memory leak. The described impact is a memory availability concern (high severity per CVSS) but...