Lucene search
K
RtiConnext Professional

26 matches found

CVE
CVE
added 2024/05/21 6:38 p.m.120 views

CVE-2024-25724

The vulnerability CVE-2024-25724 affects RTI Connext® Professional versions 5.3.1 through 6.1.0, with a buffer overflow in XML parsing across Routing Service, Recording Service, Queuing Service, and Cloud Discovery Service. The underlying issue allows an attacker to execute code with the privileg...

7.3CVSS7.6AI score0.00183EPSS
CVE
CVE
added 2022/05/05 3:18 p.m.71 views

CVE-2021-38487

RTI Connext DDS products are affected by a network amplification vulnerability: Connext Professional 4.1–6.1.0, Connext Secure 4.2x–6.1.0, and Connext Micro 2.4 and later may be flooded by specially crafted packets, causing DoS and information exposure. Root cause involves processing of external ...

9.1CVSS9AI score0.03334EPSS
CVE
CVE
added 2022/05/05 3:27 p.m.69 views

CVE-2021-38435

RTI Connext DDS Professional and Connext DDS Secure, versions 4.2x–6.1.0, are affected by CVE-2021-38435 due to an incorrect calculation of buffer size during allocation, which may result in a buffer overflow. Affected products are RTI Connext DDS Professional and Connext DDS Secure (4.2x–6.1.0)....

9.8CVSS8.1AI score0.01424EPSS
CVE
CVE
added 2022/05/05 3:25 p.m.61 views

CVE-2021-38427

RTI Connext DDS Professional and Connext DDS Secure versions 4.2.x–6.1.0 are affected by a stack-based buffer overflow that could allow a local attacker to execute arbitrary code. This vulnerability is documented as CVE-2021-38427. Connected sources confirm the affected product family and version...

7.8CVSS7.4AI score0.00546EPSS
CVE
CVE
added 2022/05/05 3:27 p.m.61 views

CVE-2021-38433

RTI Connext DDS Professional and Connext DDS Secure versions 4.2.x–6.1.0 are affected by a stack-based buffer overflow (CVE-2021-38433). The issue is disclosed as a stack-based buffer overflow that may allow a local attacker to execute arbitrary code. Connected sources confirm the affected produc...

7.8CVSS7.4AI score0.00546EPSS
CVE
CVE
added 2025/05/08 8:31 a.m.61 views

CVE-2025-1252

RTI Connext Professional (Core Libraries) has a heap-based buffer overflow vulnerability (CVE-2025-1252). Affected versions include RTI Connext Professional 4.4–6.1.2.23; 7.0.0–7.3.0.7; and 7.4.0–7.5.0. Root cause: heap-based overflow of variables and tags. Remediation per PT-2025-20366 is to upg...

7.1CVSS6.5AI score0.00133EPSS
CVE
CVE
added 2025/05/08 8:32 a.m.59 views

CVE-2025-1254

The CVE-2025-1254 entry describes an Out-of-bounds Read/Write vulnerability in RTI Connext Professional (Core Libraries/Recording Service). Affected versions include 6.0.0–6.1.2.23, 7.0.0–7.3.0.7, and 7.4.0–7.5.0. The issue enables overread/overflow of buffers due to an out-of-bounds condition in...

7.7CVSS6.5AI score0.00209EPSS
CVE
CVE
added 2025/05/08 8:32 a.m.58 views

CVE-2025-1253

CVE-2025-1253 concerns RTI Connext Professional (Core Libraries). The issue is a Buffer Copy without Checking Size of Input, a classic buffer overflow in which input handling can overflow variables and tags. Affected versions include RTI Connext Professional: 4.5 through 6.1.2.22; 7.0.0 through 7...

7.8CVSS6.5AI score0.00145EPSS
CVE
CVE
added 2024/12/13 10:12 a.m.56 views

CVE-2024-52057

RTI Connext Professional (Queuing Service) is affected by CVE-2024-52057 due to improper neutralization of special elements used in SQL commands, enabling SQL injection. Affected versions are: 5.2.0–5.3.* (update to after 5.3.); 6.0.0–6.0. (update to after 6.0.*); 6.1.0–6.1.2.17 (update to after ...

9.8CVSS7.3AI score0.00389EPSS
CVE
CVE
added 2024/12/13 10:23 a.m.56 views

CVE-2024-52066

This CVE-2024-52066 affects RTI Connext Professional’s Routing Service. A buffer copy without checking input size (classic buffer overflow) impacts multiple versions: 6.0.0–6.0.1.40, 6.1.0–6.1.2.21, 7.0.0–7.3.0.5, and 7.4.0–7.4.x before 7.5.0. The root cause is a missing bounds check during input...

8.3CVSS6.7AI score0.00283EPSS
CVE
CVE
added 2024/12/13 10:22 a.m.53 views

CVE-2024-52065

The connected PT-2024-35116 entry confirms a buffer copy without checking input size (classic buffer overflow) in RTI Connext Professional on non-Windows systems using the Persistence Service, exploitable via environment variables. Affected versions: 5.3.1.40–5.3.1.41, 6.1.1.2–6.1.2.21, and 7.0.0...

7.1CVSS6.7AI score0.00151EPSS
CVE
CVE
added 2024/12/13 10:20 a.m.51 views

CVE-2024-52061

The CVE-2024-52061 entry concerns a Classic Buffer Overflow in RTI Connext Professional affecting Core Libraries, Queuing Service, Recording Service, and Routing Service. Root cause: buffer copy without checking input size, enabling overflow of variables and tags. Affected versions include RTI Co...

9.8CVSS6.7AI score0.0044EPSS
CVE
CVE
added 2024/12/13 10:18 a.m.50 views

CVE-2024-52059

RTI Connext Professional (Security Plugins) contains a classic buffer overflow in a Buffer Copy without Checking Size of Input. Affected versions: 6.1.0–6.1.2.16 and 7.0.0–7.3.0.1. Root cause is a classic buffer overflow that can overflow variables and tags.Mitigation: upgrade to 6.1.2.17 or late...

7.8CVSS6.6AI score0.00166EPSS
CVE
CVE
added 2024/12/13 10:19 a.m.50 views

CVE-2024-52060

The CVE-2024-52060 issue affects RTI Connext Professional across multiple services (Routing Service, Recording Service, Queuing Service, Observability Collector Service, Cloud Discovery Service). The vulnerability is a classic buffer overflow caused by a buffer copy that does not check input size...

8.3CVSS6.7AI score0.00309EPSS
CVE
CVE
added 2024/12/13 10:21 a.m.49 views

CVE-2024-52063

CVE-2024-52063 is a buffer overflow in RTI Connext Pro (Core Libraries, Routing Service). Affects Connext Professional versions: 5.0.0–5.3.1.45, 6.0.0–6.0.1.40, 6.1.0–6.1.2.21, 7.0.0–7.3.0.4x (pre-7.3.0.5). The flaw is a Buffer Copy without Checking Size of Input while parsing XML types, enabling...

8.6CVSS6.7AI score0.00323EPSS
CVE
CVE
added 2024/12/13 10:21 a.m.49 views

CVE-2024-52064

The CVE-2024-52064 issue affects RTI Connext Professional (Core Libraries) and is due to a Buffer Copy without Checking Size of Input. Affected: Connext Professional versions 7.0.0–7.3.0.2 (before 7.3.0.2), 6.1.0–6.1.2.21, 6.0.0–6.0.1.40, and 5.0.0–5.3.1.45. Impact described as potential overflow...

7.1CVSS6.7AI score0.00151EPSS
CVE
CVE
added 2024/12/13 10:17 a.m.47 views

CVE-2024-52058

CVE-2024-52058 affects RTI Connext Professional (System Designer). The vulnerability is an OS command injection caused by improper neutralization of certain elements. Affected versions are Connext Professional: 7.0.0–<7.3.0.2 and 6.1.0–

8.6CVSS6.7AI score0.00625EPSS
CVE
CVE
added 2024/12/13 10:20 a.m.46 views

CVE-2024-52062

The CVE-2024-52062 entry describes a classic buffer overflow in RTI Connext Professional (Core Libraries) caused by a Buffer Copy without Checking Size of Input. Affected versions are Connext Professional: 7.0.0–before 7.3.0.5; 6.1.0–before 6.1.2.21; 6.0.0–before 6.0.1.40; 5.0.0–before 5.3.1.45. ...

7.8CVSS6.7AI score0.00165EPSS
CVE
CVE
added 2025/09/23 5:51 p.m.23 views

CVE-2025-4993

CVE-2025-4993 concerns an untrusted pointer dereference in RTI Connext Professional (Core Libraries) that can enable pointer manipulation. The vulnerability affects multiple release series of Connext Professional: 4.4a–5.2., 5.3.0–5.3. , 6.0.0–6.0., 6.1.0–6.1.2.27, 7.0.0–7.3.0.10, and 7.4.0–7.6.0...

9.1CVSS5.9AI score0.00345EPSS
CVE
CVE
added 2025/09/23 5:52 p.m.20 views

CVE-2025-8410

This CVE concerns RTI Connext Professional (Security Plugins). A Use After Free vulnerability in the Security Plugins component may allow file manipulation. Affected versions are Connext Professional 7.5.0 up to, but not including, 7.6.0. The issue stems from a post-release reuse/management flaw ...

7.4CVSS6.6AI score0.00198EPSS
CVE
CVE
added 2025/09/23 5:51 p.m.19 views

CVE-2025-4582

The CVE-2025-4582 entry describes a Buffer Over-read and off-by-one error in RTI Connext Professional (Core Libraries) that could allow file manipulation. Affected versions include RTI Connext Professional 4.4a–5.2., 5.3.0–5.3. , 6.0.0–6.0.*, 6.1.0–6.1.2.26, 7.0.0–7.3.0.8, and 7.4.0–7.6.0. Remedi...

7.1CVSS5.9AI score0.00127EPSS
CVE
CVE
added 2025/12/16 4:9 p.m.17 views

CVE-2025-10450

CVE-2025-10450 affects RTI Connext Professional (Core Libraries). The issue is described as the exposure of private personal information to an unauthorized actor, enabling sniffing of network traffic. Affected versions are Connext Professional: from 7.4.0 before 7.*, and from 7.2.0 before 7.3.1. ...

8.3CVSS5.9AI score0.00197EPSS
CVE
CVE
added 2025/09/23 5:50 p.m.16 views

CVE-2025-1255

RTI Connext Professional (Core Libraries) contains an Untrusted Pointer Dereference vulnerability that can allow pointer manipulation. Affected versions include RTI Connext Professional 7.2.0–7.3.0.9 and 7.4.0–7.6.0. The root cause is an untrusted pointer dereference in the Core Libraries. Remedi...

9.1CVSS6.6AI score0.00345EPSS
CVE
CVE
added 2026/04/01 1:6 a.m.15 views

CVE-2026-4374

CVE-2026-4374 affects RTI Connext Professional (Routing Service, Observability Collector, Recording Service, Queueing Service, Cloud Discovery Service). The issue is an improper restriction of XML External Entity references, enabling Serialized Data External Linking and data serialization-related...

9.1CVSS5.2AI score0.00235EPSS
CVE
CVE
added 2026/04/30 3:25 p.m.12 views

CVE-2025-14543

CVE-2025-14543 affects Connext Professional (Core Libraries) with an XML External Entity Reference (XXE) vulnerability that enables Serialized Data External Linking. The issue is described as an improper restriction of external entities. Affected versions include: from 7.4.0 up to but not includi...

9.1CVSS5.2AI score0.00205EPSS
CVE
CVE
added 2026/04/01 12:52 a.m.11 views

CVE-2026-2394

RTI Connext Professional (Core Libraries) contains a Buffer Over-read vulnerability (CVE-2026-2394) affecting multiple older release families: 7.4.0–7.6.x (before 7.7.0), 7.0.0–7.3.1.1, 6.1.0–6.1.x, 6.0.0–6.0.x, 5.3.0–5.3.x, and 4.3.x–5.2.x. Root cause: overread of internal buffers in the Core Li...

6.5CVSS5.2AI score0.00158EPSS