High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-09-22	CVE-2023-38346	Path Traversal vulnerability in Windriver Vxworks 6.9/7.0 An issue was discovered in Wind River VxWorks 6.9 and 7. network low complexity windriver CWE-22	8.8
2022-11-25	CVE-2022-38767	Unspecified vulnerability in Windriver Vxworks An issue was discovered in Wind River VxWorks 6.9 and 7, that allows a specifically crafted packet sent by a Radius server, may cause Denial of Service during the IP Radius access procedure. network low complexity windriver	7.5
2022-03-29	CVE-2022-23937	Out-of-bounds Read vulnerability in Windriver Vxworks 6.9/7.0 In Wind River VxWorks 6.9 and 7, a specific crafted packet may lead to an out-of-bounds read during an IKE initial exchange scenario. network low complexity windriver CWE-125	7.5
2021-03-25	CVE-2021-3450	Improper Certificate Validation vulnerability in multiple products The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. network high complexity openssl freebsd netapp windriver fedoraproject tenable oracle mcafee sonicwall nodejs CWE-295	7.4
2021-02-03	CVE-2020-28895	Integer Overflow or Wraparound vulnerability in multiple products In Wind River VxWorks, memory allocator has a possible overflow in calculating the memory block's size to be allocated by calloc(). network low complexity windriver oracle CWE-190	7.3
2020-07-23	CVE-2020-11440	Unspecified vulnerability in Windriver Vxworks httpRpmFs in WebCLI in Wind River VxWorks 5.5 through 7 SR0640 has no check for an escape from the web root. network low complexity windriver	7.5
2020-04-27	CVE-2020-10664	NULL Pointer Dereference vulnerability in Windriver Vxworks 6.8.3 The IGMP component in VxWorks 6.8.3 IPNET CVE patches created in 2019 has a NULL Pointer Dereference. network low complexity windriver CWE-476	7.5
2019-08-09	CVE-2019-12258	Session Fixation vulnerability in multiple products Wind River VxWorks 6.6 through vx7 has Session Fixation in the TCP component. network low complexity windriver sonicwall siemens netapp belden CWE-384	7.5
2019-08-09	CVE-2019-12263	Out-of-bounds Write vulnerability in multiple products Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component (issue 4 of 4). network high complexity windriver sonicwall siemens netapp belden CWE-787	8.1
2019-08-09	CVE-2019-12259	NULL Pointer Dereference vulnerability in multiple products Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error in the IGMPv3 client component. network low complexity windriver sonicwall siemens belden CWE-476	7.5