Vulnerabilities > Windriver

DATE CVE VULNERABILITY TITLE RISK
2020-07-23 CVE-2020-11440 Information Exposure vulnerability in Windriver Vxworks
httpRpmFs in WebCLI in Wind River VxWorks 5.5 through 7 SR0640 has no check for an escape from the web root.
network
low complexity
windriver CWE-200
5.0
2020-04-27 CVE-2020-10664 Null Pointer Dereference vulnerability in Windriver Vxworks
The IGMP component in VxWorks 6.8.3 IPNET CVE patches created in 2019 has a NULL Pointer Dereference.
network
low complexity
windriver CWE-476
5.0
2020-04-27 CVE-2020-10647 Double Free vulnerability in Windriver Vxworks
Wind River VxWorks tftp client library, as distributed in VxWorks 6.9 through 7 SR0630, has a double free
network
low complexity
windriver CWE-415
7.5
2019-08-14 CVE-2019-12262 Unspecified vulnerability in Windriver Vxworks
Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and 7 has Incorrect Access Control in the RARP client component.
network
low complexity
windriver
7.5
2019-08-09 CVE-2019-12261 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4).
network
low complexity
windriver netap sonicwall siemens CWE-119
7.5
2019-08-09 CVE-2019-12260 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4).
network
low complexity
windriver netap sonicwall siemens CWE-119
7.5
2019-08-09 CVE-2019-12258 Session Fixation vulnerability in multiple products
Wind River VxWorks 6.6 through vx7 has Session Fixation in the TCP component.
network
low complexity
windriver netap sonicwall siemens CWE-384
5.0
2019-08-09 CVE-2019-12255 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4).
network
low complexity
windriver netap sonicwall siemens CWE-119
7.5
2019-08-09 CVE-2019-12265 Memory Leak vulnerability in multiple products
Wind River VxWorks 6.5, 6.6, 6.7, 6.8, 6.9.3 and 6.9.4 has a Memory Leak in the IGMPv3 client component.
network
low complexity
windriver netap sonicwall siemens CWE-401
5.0
2019-08-09 CVE-2019-12263 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component (issue 4 of 4).
6.8