4 matches found
CVE-2024-10838
CVE-2024-10838 — Concrete details : The vulnerability affects Eclipse Cyclone DDS (DDS) and is due to an integer underflow in the DDS_Security_Deserialize_ methods during deserialization, which can enable an unauthenticated attacker to read out-of-bounds heap memory. The impact per documents incl...
CVE-2020-18734
CVE-2020-18734 involves a stack buffer overflow in /ddsi/q_bitset.h of Eclipse Cyclone DDS Project v0.1.0, which can cause the DDS subscriber server to crash. Connected sources confirm the affected component and file path, with no publicly documented exploitation details in the provided documents...
CVE-2020-18735
CVE-2020-18735 relates to Eclipse IoT Cyclone DDS Project v0.1.0, with a heap buffer overflow in /src/dds_stream.c that causes the DDS subscriber server to crash. The connected documents confirm the root cause and the vulnerable file, and consistently describe a crash as the impact. No exploitati...
CVE-2025-67109
The CVE-2025-67109 entry concerns Eclipse Cyclone DDS prior to version 0.10.5, with a root cause described as improper verification of the time certificate. This weakness allows an attacker to bypass certificate checks and execute commands with System privileges. Multiple sources corroborate the ...