Vxworks@6.8 Security Vulnerabilities and Issues — Vxworks@6.8 CVE List

Lucene search

WindriverVxworks6.8

10 matches found

CVE•added 2019/08/14 8:15 p.m.•118 views

CVE-2019-12262

Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and 7 has Incorrect Access Control in the RARP client component. IPNET security vulnerability: Handling of unsolicited Reverse ARP replies (Logical Flaw).

9.8CVSS9.3AI score0.00421EPSS

CVE•added 2019/08/05 6:15 p.m.•101 views

CVE-2019-12264

Wind River VxWorks 6.6, 6.7, 6.8, 6.9.3, 6.9.4, and Vx7 has Incorrect Access Control in IPv4 assignment by the ipdhcpc DHCP client component.

7.1CVSS8.2AI score0.00284EPSS

CVE•added 2017/02/07 5:59 p.m.•83 views

CVE-2015-7599

Integer overflow in the _authenticate function in svc_auth.c in Wind River VxWorks 5.5 through 6.9.4.1, when the Remote Procedure Call (RPC) protocol is enabled, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a username and password.

9.3CVSS8.7AI score0.05291EPSS

CVE•added 2019/05/29 5:29 p.m.•76 views

CVE-2019-9865

When RPC is enabled in Wind River VxWorks 6.9 prior to 6.9.1, a specially crafted RPC request can trigger an integer overflow leading to an out-of-bounds memory copy. It may allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code.

8.1CVSS8.5AI score0.01771EPSS

CVE•added 2013/03/20 6:55 p.m.•61 views

CVE-2013-0714

IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote attackers to execute arbitrary code or cause a denial of service (daemon hang) via a crafted public-key authentication request.

10CVSS8.2AI score0.09324EPSS

CVE•added 2013/03/20 6:55 p.m.•49 views

CVE-2013-0715

The WebCLI component in Wind River VxWorks 5.5 through 6.9 allows remote authenticated users to cause a denial of service (CLI session crash) via a crafted command string.

4CVSS6.4AI score0.00576EPSS

CVE•added 2013/03/20 6:55 p.m.•46 views

CVE-2013-0712

IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote authenticated users to cause a denial of service (daemon outage) via a crafted packet.

6.8CVSS6.4AI score0.00838EPSS

CVE•added 2013/03/20 6:55 p.m.•46 views

CVE-2013-0716

The web server in Wind River VxWorks 5.5 through 6.9 allows remote attackers to cause a denial of service (daemon crash) via a crafted URI.

5CVSS6.7AI score0.00676EPSS

CVE•added 2013/03/20 6:55 p.m.•45 views

CVE-2013-0713

IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote authenticated users to cause a denial of service (daemon outage) via a crafted pty request.

6.8CVSS6.3AI score0.00712EPSS

CVE•added 2013/03/20 6:55 p.m.•44 views

CVE-2013-0711

IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote attackers to cause a denial of service (daemon outage) via a crafted authentication request.

7.8CVSS6.9AI score0.0186EPSS