Vxworks@6.9 Security Vulnerabilities and Issues — Vxworks@6.9 CVE List

Lucene search

WindriverVxworks6.9

10 matches found

CVE•added 2019/08/14 8:15 p.m.•118 views

CVE-2019-12262

Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and 7 has Incorrect Access Control in the RARP client component. IPNET security vulnerability: Handling of unsolicited Reverse ARP replies (Logical Flaw).

9.8CVSS9.3AI score0.00421EPSS

CVE•added 2017/02/07 5:59 p.m.•83 views

CVE-2015-7599

Integer overflow in the _authenticate function in svc_auth.c in Wind River VxWorks 5.5 through 6.9.4.1, when the Remote Procedure Call (RPC) protocol is enabled, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a username and password.

9.3CVSS8.7AI score0.05291EPSS

CVE•added 2022/03/29 2:15 a.m.•78 views

CVE-2022-23937

In Wind River VxWorks 6.9 and 7, a specific crafted packet may lead to an out-of-bounds read during an IKE initial exchange scenario.

7.5CVSS7.3AI score0.00184EPSS

CVE•added 2013/03/20 6:55 p.m.•61 views

CVE-2013-0714

IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote attackers to execute arbitrary code or cause a denial of service (daemon hang) via a crafted public-key authentication request.

10CVSS8.2AI score0.09324EPSS

CVE•added 2013/03/20 6:55 p.m.•49 views

CVE-2013-0715

The WebCLI component in Wind River VxWorks 5.5 through 6.9 allows remote authenticated users to cause a denial of service (CLI session crash) via a crafted command string.

4CVSS6.4AI score0.00576EPSS

CVE•added 2013/03/20 6:55 p.m.•46 views

CVE-2013-0712

IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote authenticated users to cause a denial of service (daemon outage) via a crafted packet.

6.8CVSS6.4AI score0.00838EPSS

CVE•added 2013/03/20 6:55 p.m.•46 views

CVE-2013-0716

The web server in Wind River VxWorks 5.5 through 6.9 allows remote attackers to cause a denial of service (daemon crash) via a crafted URI.

5CVSS6.7AI score0.00676EPSS

CVE•added 2013/03/20 6:55 p.m.•45 views

CVE-2013-0713

IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote authenticated users to cause a denial of service (daemon outage) via a crafted pty request.

6.8CVSS6.3AI score0.00712EPSS

CVE•added 2013/03/20 6:55 p.m.•44 views

CVE-2013-0711

IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote attackers to cause a denial of service (daemon outage) via a crafted authentication request.

7.8CVSS6.9AI score0.0186EPSS

CVE•added 2023/09/22 7:15 p.m.•36 views

CVE-2023-38346

An issue was discovered in Wind River VxWorks 6.9 and 7. The function tarExtract implements TAR file extraction and thereby also processes files within an archive that have relative or absolute file paths. A developer using the "tarExtract" function may expect that the function will strip leading s...

8.8CVSS8.5AI score0.0123EPSS