CVE-2021-38445

CVE-2021-38445 affects OCI OpenDDS: versions prior to 3.18.1 do not handle a length parameter consistently with the actual data length, enabling remote code execution. The root cause is improper length handling in the OpenDDS data path, leading to potential arbitrary code execution on affected sy...

CVE-2021-38447

OCI OpenDDS prior to version 3.18.1 is vulnerable to a network amplification/DoS due to an attacker sending specially crafted packets, causing denial of service. Affected: OpenDDS (OCI) before 3.18.1. Root cause: improper handling that allows amplification and excessive network traffic. Impact: d...

CVE-2021-38429

CVE-2021-38429 affects OCI OpenDDS: versions prior to 3.18.1 are vulnerable to a network amplification issue where a specially crafted packet can flood target devices, causing denial-of-service and information exposure. The ICS/CISA advisory explicitly notes mitigation by upgrading OpenDDS to ver...

CVE-2023-23932

OpenDDS (C++ implementation of OMG DDS) is affected by CVE-2023-23932. The vulnerability involves processing of RTPS network input: untrusted, badly-formed input may cause OpenDDS applications to crash. Root cause details indicate the issue affected OpenDDS prior to version 3.23.1. Public referen...

CVE-2025-67111

Vulnerability summary: CVE-2025-67111 affects OpenDDS DDS prior to 3.33.0. The issue is an integer overflow in the RTPS protocol implementation, enabling a Denial of Service via a crafted message. What’s affected: OpenDDS DDS (RTPS protocol implementation) before v3.33.0. Impact (as stated): Deni...