26 matches found
CVE-2024-25724
The vulnerability CVE-2024-25724 affects RTI Connext® Professional versions 5.3.1 through 6.1.0, with a buffer overflow in XML parsing across Routing Service, Recording Service, Queuing Service, and Cloud Discovery Service. The underlying issue allows an attacker to execute code with the privileg...
CVE-2021-38487
RTI Connext DDS products are affected by a network amplification vulnerability: Connext Professional 4.1–6.1.0, Connext Secure 4.2x–6.1.0, and Connext Micro 2.4 and later may be flooded by specially crafted packets, causing DoS and information exposure. Root cause involves processing of external ...
CVE-2021-38435
RTI Connext DDS Professional and Connext DDS Secure, versions 4.2x–6.1.0, are affected by CVE-2021-38435 due to an incorrect calculation of buffer size during allocation, which may result in a buffer overflow. Affected products are RTI Connext DDS Professional and Connext DDS Secure (4.2x–6.1.0)....
CVE-2021-38427
RTI Connext DDS Professional and Connext DDS Secure versions 4.2.x–6.1.0 are affected by a stack-based buffer overflow that could allow a local attacker to execute arbitrary code. This vulnerability is documented as CVE-2021-38427. Connected sources confirm the affected product family and version...
CVE-2021-38433
RTI Connext DDS Professional and Connext DDS Secure versions 4.2.x–6.1.0 are affected by a stack-based buffer overflow (CVE-2021-38433). The issue is disclosed as a stack-based buffer overflow that may allow a local attacker to execute arbitrary code. Connected sources confirm the affected produc...
CVE-2025-1252
RTI Connext Professional (Core Libraries) has a heap-based buffer overflow vulnerability (CVE-2025-1252). Affected versions include RTI Connext Professional 4.4–6.1.2.23; 7.0.0–7.3.0.7; and 7.4.0–7.5.0. Root cause: heap-based overflow of variables and tags. Remediation per PT-2025-20366 is to upg...
CVE-2025-1254
The CVE-2025-1254 entry describes an Out-of-bounds Read/Write vulnerability in RTI Connext Professional (Core Libraries/Recording Service). Affected versions include 6.0.0–6.1.2.23, 7.0.0–7.3.0.7, and 7.4.0–7.5.0. The issue enables overread/overflow of buffers due to an out-of-bounds condition in...
CVE-2025-1253
CVE-2025-1253 concerns RTI Connext Professional (Core Libraries). The issue is a Buffer Copy without Checking Size of Input, a classic buffer overflow in which input handling can overflow variables and tags. Affected versions include RTI Connext Professional: 4.5 through 6.1.2.22; 7.0.0 through 7...
CVE-2024-52057
RTI Connext Professional (Queuing Service) is affected by CVE-2024-52057 due to improper neutralization of special elements used in SQL commands, enabling SQL injection. Affected versions are: 5.2.0–5.3.* (update to after 5.3.); 6.0.0–6.0. (update to after 6.0.*); 6.1.0–6.1.2.17 (update to after ...
CVE-2024-52066
This CVE-2024-52066 affects RTI Connext Professional’s Routing Service. A buffer copy without checking input size (classic buffer overflow) impacts multiple versions: 6.0.0–6.0.1.40, 6.1.0–6.1.2.21, 7.0.0–7.3.0.5, and 7.4.0–7.4.x before 7.5.0. The root cause is a missing bounds check during input...
CVE-2024-52065
The connected PT-2024-35116 entry confirms a buffer copy without checking input size (classic buffer overflow) in RTI Connext Professional on non-Windows systems using the Persistence Service, exploitable via environment variables. Affected versions: 5.3.1.40–5.3.1.41, 6.1.1.2–6.1.2.21, and 7.0.0...
CVE-2024-52061
The CVE-2024-52061 entry concerns a Classic Buffer Overflow in RTI Connext Professional affecting Core Libraries, Queuing Service, Recording Service, and Routing Service. Root cause: buffer copy without checking input size, enabling overflow of variables and tags. Affected versions include RTI Co...
CVE-2024-52059
RTI Connext Professional (Security Plugins) contains a classic buffer overflow in a Buffer Copy without Checking Size of Input. Affected versions: 6.1.0–6.1.2.16 and 7.0.0–7.3.0.1. Root cause is a classic buffer overflow that can overflow variables and tags.Mitigation: upgrade to 6.1.2.17 or late...
CVE-2024-52060
The CVE-2024-52060 issue affects RTI Connext Professional across multiple services (Routing Service, Recording Service, Queuing Service, Observability Collector Service, Cloud Discovery Service). The vulnerability is a classic buffer overflow caused by a buffer copy that does not check input size...
CVE-2024-52063
CVE-2024-52063 is a buffer overflow in RTI Connext Pro (Core Libraries, Routing Service). Affects Connext Professional versions: 5.0.0–5.3.1.45, 6.0.0–6.0.1.40, 6.1.0–6.1.2.21, 7.0.0–7.3.0.4x (pre-7.3.0.5). The flaw is a Buffer Copy without Checking Size of Input while parsing XML types, enabling...
CVE-2024-52064
The CVE-2024-52064 issue affects RTI Connext Professional (Core Libraries) and is due to a Buffer Copy without Checking Size of Input. Affected: Connext Professional versions 7.0.0–7.3.0.2 (before 7.3.0.2), 6.1.0–6.1.2.21, 6.0.0–6.0.1.40, and 5.0.0–5.3.1.45. Impact described as potential overflow...
CVE-2024-52058
CVE-2024-52058 affects RTI Connext Professional (System Designer). The vulnerability is an OS command injection caused by improper neutralization of certain elements. Affected versions are Connext Professional: 7.0.0–<7.3.0.2 and 6.1.0–
CVE-2024-52062
The CVE-2024-52062 entry describes a classic buffer overflow in RTI Connext Professional (Core Libraries) caused by a Buffer Copy without Checking Size of Input. Affected versions are Connext Professional: 7.0.0–before 7.3.0.5; 6.1.0–before 6.1.2.21; 6.0.0–before 6.0.1.40; 5.0.0–before 5.3.1.45. ...
CVE-2025-4993
CVE-2025-4993 concerns an untrusted pointer dereference in RTI Connext Professional (Core Libraries) that can enable pointer manipulation. The vulnerability affects multiple release series of Connext Professional: 4.4a–5.2., 5.3.0–5.3. , 6.0.0–6.0., 6.1.0–6.1.2.27, 7.0.0–7.3.0.10, and 7.4.0–7.6.0...
CVE-2025-8410
This CVE concerns RTI Connext Professional (Security Plugins). A Use After Free vulnerability in the Security Plugins component may allow file manipulation. Affected versions are Connext Professional 7.5.0 up to, but not including, 7.6.0. The issue stems from a post-release reuse/management flaw ...
CVE-2025-4582
The CVE-2025-4582 entry describes a Buffer Over-read and off-by-one error in RTI Connext Professional (Core Libraries) that could allow file manipulation. Affected versions include RTI Connext Professional 4.4a–5.2., 5.3.0–5.3. , 6.0.0–6.0.*, 6.1.0–6.1.2.26, 7.0.0–7.3.0.8, and 7.4.0–7.6.0. Remedi...
CVE-2025-10450
CVE-2025-10450 affects RTI Connext Professional (Core Libraries). The issue is described as the exposure of private personal information to an unauthorized actor, enabling sniffing of network traffic. Affected versions are Connext Professional: from 7.4.0 before 7.*, and from 7.2.0 before 7.3.1. ...
CVE-2025-1255
RTI Connext Professional (Core Libraries) contains an Untrusted Pointer Dereference vulnerability that can allow pointer manipulation. Affected versions include RTI Connext Professional 7.2.0–7.3.0.9 and 7.4.0–7.6.0. The root cause is an untrusted pointer dereference in the Core Libraries. Remedi...
CVE-2026-4374
CVE-2026-4374 affects RTI Connext Professional (Routing Service, Observability Collector, Recording Service, Queueing Service, Cloud Discovery Service). The issue is an improper restriction of XML External Entity references, enabling Serialized Data External Linking and data serialization-related...
CVE-2025-14543
CVE-2025-14543 affects Connext Professional (Core Libraries) with an XML External Entity Reference (XXE) vulnerability that enables Serialized Data External Linking. The issue is described as an improper restriction of external entities. Affected versions include: from 7.4.0 up to but not includi...
CVE-2026-2394
RTI Connext Professional (Core Libraries) contains a Buffer Over-read vulnerability (CVE-2026-2394) affecting multiple older release families: 7.4.0–7.6.x (before 7.7.0), 7.0.0–7.3.1.1, 6.1.0–6.1.x, 6.0.0–6.0.x, 5.3.0–5.3.x, and 4.3.x–5.2.x. Root cause: overread of internal buffers in the Core Li...