Vulnerabilities > Windriver > Vxworks

DATE CVE VULNERABILITY TITLE RISK
2020-07-23 CVE-2020-11440 Information Exposure vulnerability in Windriver Vxworks
httpRpmFs in WebCLI in Wind River VxWorks 5.5 through 7 SR0640 has no check for an escape from the web root.
network
low complexity
windriver CWE-200
5.0
2020-04-27 CVE-2020-10664 NULL Pointer Dereference vulnerability in Windriver Vxworks 6.8.3
The IGMP component in VxWorks 6.8.3 IPNET CVE patches created in 2019 has a NULL Pointer Dereference.
network
low complexity
windriver CWE-476
5.0
2019-08-14 CVE-2019-12262 Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and 7 has Incorrect Access Control in the RARP client component.
network
low complexity
windriver belden siemens
7.5
2019-08-09 CVE-2019-12261 Classic Buffer Overflow vulnerability in multiple products
Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4).
7.5
2019-08-09 CVE-2019-12260 Classic Buffer Overflow vulnerability in multiple products
Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4).
7.5
2019-08-09 CVE-2019-12258 Session Fixation vulnerability in multiple products
Wind River VxWorks 6.6 through vx7 has Session Fixation in the TCP component.
network
low complexity
windriver sonicwall siemens netapp belden CWE-384
5.0
2019-08-09 CVE-2019-12255 Classic Buffer Overflow vulnerability in multiple products
Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4).
network
low complexity
windriver netapp sonicwall siemens belden CWE-120
critical
9.8
2019-08-09 CVE-2019-12265 Memory Leak vulnerability in multiple products
Wind River VxWorks 6.5, 6.6, 6.7, 6.8, 6.9.3 and 6.9.4 has a Memory Leak in the IGMPv3 client component.
network
low complexity
windriver sonicwall siemens netapp belden CWE-401
5.0
2019-08-09 CVE-2019-12263 Out-of-bounds Write vulnerability in multiple products
Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component (issue 4 of 4).
6.8
2019-08-09 CVE-2019-12259 NULL Pointer Dereference vulnerability in multiple products
Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error in the IGMPv3 client component.
network
low complexity
windriver sonicwall siemens belden CWE-476
5.0