Vulnerabilities > Windriver > Vxworks > 6.9.4.12
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-11-25 | CVE-2022-38767 | Unspecified vulnerability in Windriver Vxworks An issue was discovered in Wind River VxWorks 6.9 and 7, that allows a specifically crafted packet sent by a Radius server, may cause Denial of Service during the IP Radius access procedure. | 7.5 |
2021-11-24 | CVE-2021-43268 | Double Free vulnerability in Windriver Vxworks An issue was discovered in VxWorks 6.9 through 7. | 6.4 |
2021-05-12 | CVE-2020-35198 | Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in Wind River VxWorks 7. | 7.5 |
2021-03-11 | CVE-2016-20009 | Out-of-bounds Write vulnerability in multiple products A DNS client stack-based buffer overflow in ipdnsc_decode_name() affects Wind River VxWorks 6.5 through 7. | 9.8 |
2021-02-03 | CVE-2020-28895 | Integer Overflow or Wraparound vulnerability in multiple products In Wind River VxWorks, memory allocator has a possible overflow in calculating the memory block's size to be allocated by calloc(). | 7.5 |
2020-07-23 | CVE-2020-11440 | Information Exposure vulnerability in Windriver Vxworks httpRpmFs in WebCLI in Wind River VxWorks 5.5 through 7 SR0640 has no check for an escape from the web root. | 5.0 |
2010-08-05 | CVE-2010-2965 | Incorrect Authorization vulnerability in multiple products The WDB target agent debug service in Wind River VxWorks 6.x, 5.x, and earlier, as used on the Rockwell Automation 1756-ENBT series A with firmware 3.2.6 and 3.6.1 and other products, allows remote attackers to read or modify arbitrary memory locations, perform function calls, or manage tasks via requests to UDP port 17185, a related issue to CVE-2005-3804. | 10.0 |