Lucene search
K
EclipseCyclone Data Distribution Service

4 matches found

CVE
CVE
added 2025/03/12 1:3 p.m.59 views

CVE-2024-10838

CVE-2024-10838 — Concrete details : The vulnerability affects Eclipse Cyclone DDS (DDS) and is due to an integer underflow in the DDS_Security_Deserialize_ methods during deserialization, which can enable an unauthenticated attacker to read out-of-bounds heap memory. The impact per documents incl...

9.1CVSS6.8AI score0.00876EPSS
CVE
CVE
added 2021/08/23 8:7 p.m.58 views

CVE-2020-18734

CVE-2020-18734 involves a stack buffer overflow in /ddsi/q_bitset.h of Eclipse Cyclone DDS Project v0.1.0, which can cause the DDS subscriber server to crash. Connected sources confirm the affected component and file path, with no publicly documented exploitation details in the provided documents...

7.5CVSS7.7AI score0.01862EPSS
CVE
CVE
added 2021/08/23 8:7 p.m.46 views

CVE-2020-18735

CVE-2020-18735 relates to Eclipse IoT Cyclone DDS Project v0.1.0, with a heap buffer overflow in /src/dds_stream.c that causes the DDS subscriber server to crash. The connected documents confirm the root cause and the vulnerable file, and consistently describe a crash as the impact. No exploitati...

7.5CVSS7.7AI score0.01862EPSS
CVE
CVE
added 2025/12/23 12:0 a.m.16 views

CVE-2025-67109

The CVE-2025-67109 entry concerns Eclipse Cyclone DDS prior to version 0.10.5, with a root cause described as improper verification of the time certificate. This weakness allows an attacker to bypass certificate checks and execute commands with System privileges. Multiple sources corroborate the ...

10CVSS6.9AI score0.00293EPSS