Vulnerabilities > Windriver

DATE CVE VULNERABILITY TITLE RISK
2022-03-29 CVE-2022-23937 Out-of-bounds Read vulnerability in Windriver Vxworks 6.9/7.0
In Wind River VxWorks 6.9 and 7, a specific crafted packet may lead to an out-of-bounds read during an IKE initial exchange scenario.
network
low complexity
windriver CWE-125
5.0
2021-11-24 CVE-2021-43268 Double Free vulnerability in Windriver Vxworks
An issue was discovered in VxWorks 6.9 through 7.
network
low complexity
windriver CWE-415
6.4
2021-05-12 CVE-2020-35198 Integer Overflow or Wraparound vulnerability in multiple products
An issue was discovered in Wind River VxWorks 7.
network
low complexity
windriver oracle CWE-190
7.5
2021-04-13 CVE-2021-29999 Out-of-bounds Write vulnerability in Windriver Vxworks
An issue was discovered in Wind River VxWorks through 6.8.
network
low complexity
windriver CWE-787
7.5
2021-04-13 CVE-2021-29998 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in Wind River VxWorks before 6.5.
network
low complexity
windriver siemens CWE-787
7.5
2021-04-13 CVE-2021-29997 Out-of-bounds Read vulnerability in Windriver Vxworks 7.0
An issue was discovered in Wind River VxWorks 7 before 21.03.
network
low complexity
windriver CWE-125
5.0
2021-03-25 CVE-2021-3450 Improper Certificate Validation vulnerability in multiple products
The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain.
5.8
2021-03-11 CVE-2016-20009 Out-of-bounds Write vulnerability in multiple products
** UNSUPPORTED WHEN ASSIGNED ** A DNS client stack-based buffer overflow in ipdnsc_decode_name() affects Wind River VxWorks 6.5 through 7.
network
low complexity
windriver siemens CWE-787
7.5
2021-02-03 CVE-2020-28895 Integer Overflow or Wraparound vulnerability in multiple products
In Wind River VxWorks, memory allocator has a possible overflow in calculating the memory block's size to be allocated by calloc().
network
low complexity
windriver oracle CWE-190
7.5
2020-07-23 CVE-2020-11440 Information Exposure vulnerability in Windriver Vxworks
httpRpmFs in WebCLI in Wind River VxWorks 5.5 through 7 SR0640 has no check for an escape from the web root.
network
low complexity
windriver CWE-200
5.0