Vxworks Security Vulnerabilities and Issues — Vxworks CVE List

Lucene search

WindriverVxworks

11 matches found

CVE•added 2019/08/09 8:15 p.m.•276 views

CVE-2019-12255

Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4). This is a IPNET security vulnerability: TCP Urgent Pointer = 0 that leads to an integer underflow.

9.8CVSS9.3AI score0.80153EPSS

CVE•added 2019/08/09 9:15 p.m.•252 views

CVE-2019-12261

Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion during connect() to a remote host.

9.8CVSS9.2AI score0.17176EPSS

CVE•added 2019/08/09 9:15 p.m.•207 views

CVE-2019-12260

Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion caused by a malformed TCP AO option.

9.8CVSS9.3AI score0.26195EPSS

CVE•added 2019/08/09 6:15 p.m.•134 views

CVE-2019-12256

Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component. There is an IPNET security vulnerability: Stack overflow in the parsing of IPv4 packets’ IP options.

9.8CVSS9.5AI score0.17708EPSS

CVE•added 2019/08/14 8:15 p.m.•118 views

CVE-2019-12262

Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and 7 has Incorrect Access Control in the RARP client component. IPNET security vulnerability: Handling of unsolicited Reverse ARP replies (Logical Flaw).

9.8CVSS9.3AI score0.00421EPSS

CVE•added 2008/10/03 3:7 p.m.•116 views

CVE-2008-2476

The IPv6 Neighbor Discovery Protocol (NDP) implementation in (1) FreeBSD 6.3 through 7.1, (2) OpenBSD 4.2 and 4.3, (3) NetBSD, (4) Force10 FTOS before E7.7.1.1, (5) Juniper JUNOS, and (6) Wind River VxWorks 5.x through 6.4 does not validate the origin of Neighbor Discovery messages, which allows re...

9.3CVSS6.2AI score0.14849EPSS

CVE•added 2021/04/13 5:15 p.m.•86 views

CVE-2021-29999

An issue was discovered in Wind River VxWorks through 6.8. There is a possible stack overflow in dhcp server.

9.8CVSS9.6AI score0.00394EPSS

CVE•added 2021/05/12 11:15 a.m.•85 views

CVE-2020-35198

An issue was discovered in Wind River VxWorks 7. The memory allocator has a possible integer overflow in calculating a memory block's size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption.

9.8CVSS9.5AI score0.02921EPSS

CVE•added 2017/02/07 5:59 p.m.•84 views

CVE-2015-7599

Integer overflow in the _authenticate function in svc_auth.c in Wind River VxWorks 5.5 through 6.9.4.1, when the Remote Procedure Call (RPC) protocol is enabled, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a username and password.

9.3CVSS8.7AI score0.05291EPSS

CVE•added 2021/03/11 10:15 p.m.•77 views

CVE-2016-20009

A DNS client stack-based buffer overflow in ipdnsc_decode_name() affects Wind River VxWorks 6.5 through 7. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

9.8CVSS9.7AI score0.00416EPSS

CVE•added 2021/04/13 5:15 p.m.•69 views

CVE-2021-29998

An issue was discovered in Wind River VxWorks before 6.5. There is a possible heap overflow in dhcp client.

9.8CVSS9.5AI score0.01187EPSS