Latest windriver vxworks Vulnerabilities

CVE-2023-38346
An issue was discovered in Wind River VxWorks 6.9 and 7. The function ``tarExtract`` implements TAR file extraction and thereby also processes files within an archive that have relative or absolute fi...
Windriver Vxworks=6.9
Windriver Vxworks=7.0
CVE-2022-23937
In Wind River VxWorks 6.9 and 7, a specific crafted packet may lead to an out-of-bounds read during an IKE initial exchange scenario.
Windriver Vxworks=6.9
Windriver Vxworks=7.0
CVE-2021-43268
Windriver Vxworks>=6.9<=7.0
CVE-2020-35198
An issue was discovered in Wind River VxWorks 7. The memory allocator has a possible integer overflow in calculating a memory block's size to be allocated by calloc(). As a result, the actual memory a...
Windriver Vxworks>=6.9<6.9.4.12
Windriver Vxworks>=7.0<21.03
Windriver Vxworks=6.9.4.12
Windriver Vxworks=6.9.4.12-rolling_cumulative_patch_layer1
Windriver Vxworks=6.9.4.12-rolling_cumulative_patch_layer2
Oracle Communications Eagle>=46.8.0<=46.8.2
and 2 more
CVE-2021-29998
An issue was discovered in Wind River VxWorks before 6.5. There is a possible heap overflow in dhcp client.
Windriver Vxworks<6.5
Siemens Scalance X200-4 P Irt Firmware
Siemens Scalance X200-4 P Irt
Siemens Scalance X201-3p Irt Firmware
and 65 more
CVE-2021-29997
An issue was discovered in Wind River VxWorks 7 before 21.03. A specially crafted packet may lead to buffer over-read on IKE.
Windriver Vxworks>=7.0<21.03
CVE-2021-29999
An issue was discovered in Wind River VxWorks through 6.8. There is a possible stack overflow in dhcp server.
Windriver Vxworks<=6.8
CVE-2016-20009
** UNSUPPORTED WHEN ASSIGNED ** A DNS client stack-based buffer overflow in ipdnsc_decode_name() affects Wind River VxWorks 6.5 through 7. NOTE: This vulnerability only affects products that are no lo...
Windriver Vxworks>=6.5<=7.0
Siemens Sgt-100 Firmware
Siemens Sgt-100
Siemens Sgt-200 Firmware
Siemens Sgt-200
Siemens Sgt-300 Firmware
and 23 more
CVE-2020-28895
In Wind River VxWorks, memory allocator has a possible overflow in calculating the memory block's size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer ...
Windriver Vxworks>=6.9<6.9.4.12
Windriver Vxworks=6.9.4.12
Windriver Vxworks=6.9.4.12-rolling_cumulative_patch_layer1
Oracle Communications Eagle>=46.8.0<=48.6.2
Oracle Communications Eagle>=46.9.1<=46.9.3
Oracle Communications Eagle=46.7.0
CVE-2020-11440
httpRpmFs in WebCLI in Wind River VxWorks 5.5 through 7 SR0640 has no check for an escape from the web root.
Windriver Vxworks>=5.5<7.0
Windriver Vxworks=7.0
Windriver Vxworks=7.0-sr0630
CVE-2020-10288
Abb Robotware=5.09
Abb Irb140
Abb Irc5
Windriver Vxworks=5.5.1
CVE-2020-10664
The IGMP component in VxWorks 6.8.3 IPNET CVE patches created in 2019 has a NULL Pointer Dereference.
Windriver Vxworks=6.8.3
CVE-2019-12262
Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and 7 has Incorrect Access Control in the RARP client component. IPNET security vulnerability: Handling of unsolicited Reverse ARP replies (Logical Flaw).
Windriver Vxworks=6.6
Windriver Vxworks=6.7
Windriver Vxworks=6.8
Windriver Vxworks=6.9
Windriver Vxworks=7.0
Belden Hirschmann Hios<=07.0.07
and 43 more
CVE-2019-12261
Windriver Vxworks>=6.5<6.9.4.12
Windriver Vxworks=7.0
SonicWall SonicOS>=5.9.0.0<=5.9.0.7
SonicWall SonicOS>=5.9.1.0.<=5.9.1.12
SonicWall SonicOS>=6.2.0.0<=6.2.3.1
SonicWall SonicOS>=6.2.4.0<=6.2.4.3
and 65 more
CVE-2019-12260
Windriver Vxworks>=6.5<6.9.4.12
Windriver Vxworks=7.0
SonicWall SonicOS>=5.9.0.0<=5.9.0.7
SonicWall SonicOS>=5.9.1.0.<=5.9.1.12
SonicWall SonicOS>=6.2.0.0<=6.2.3.1
SonicWall SonicOS>=6.2.4.0<=6.2.4.3
and 65 more
CVE-2019-12255
Windriver Vxworks>=6.5<6.9.4
NetApp E-Series SANtricity OS Controller>=8.00<=8.40.50.00
SonicWall SonicOS>=5.9.0.0<=5.9.0.7
SonicWall SonicOS>=5.9.1.0.<=5.9.1.12
SonicWall SonicOS>=6.2.0.0<=6.2.3.1
SonicWall SonicOS>=6.2.4.0<=6.2.4.3
and 65 more
CVE-2019-12258
Wind River VxWorks 6.6 through vx7 has Session Fixation in the TCP component. This is a IPNET security vulnerability: DoS of TCP connection via malformed TCP options.
Windriver Vxworks>=6.5<6.9.4.12
Windriver Vxworks=7.0
SonicWall SonicOS>=5.9.0.0<=5.9.0.7
SonicWall SonicOS>=5.9.1.0.<=5.9.1.12
SonicWall SonicOS>=6.2.0.0<=6.2.3.1
SonicWall SonicOS>=6.2.4.0<=6.2.4.3
and 64 more
CVE-2019-12263
Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component (issue 4 of 4). There is an IPNET security vulnerability: TCP Urgent Pointer state confusion due to race condition.
Windriver Vxworks>=6.5<6.9.4.12
Windriver Vxworks=7.0
SonicWall SonicOS>=5.9.0.0<=5.9.0.7
SonicWall SonicOS>=5.9.1.0.<=5.9.1.12
SonicWall SonicOS>=6.2.0.0<=6.2.3.1
SonicWall SonicOS>=6.2.4.0<=6.2.4.3
and 64 more
CVE-2019-12259
Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error in the IGMPv3 client component. There is an IPNET security vulnerability: DoS via NULL dereference in IGMP parsing.
Windriver Vxworks>=6.5<6.9.4.12
Windriver Vxworks=7.0
SonicWall SonicOS>=5.9.0.0<=5.9.0.7
SonicWall SonicOS>=5.9.1.0.<=5.9.1.12
SonicWall SonicOS>=6.2.0.0<=6.2.3.1
SonicWall SonicOS>=6.2.4.0<=6.2.4.3
and 64 more
CVE-2019-12265
Wind River VxWorks 6.5, 6.6, 6.7, 6.8, 6.9.3 and 6.9.4 has a Memory Leak in the IGMPv3 client component. There is an IPNET security vulnerability: IGMP Information leak via IGMPv3 specific membership ...
Windriver Vxworks>=6.5<6.9.4.12
Windriver Vxworks=7.0
SonicWall SonicOS>=5.9.0.0<=5.9.0.7
SonicWall SonicOS>=5.9.1.0.<=5.9.1.12
SonicWall SonicOS>=6.2.0.0<=6.2.3.1
SonicWall SonicOS>=6.2.4.0<=6.2.4.3
and 64 more
CVE-2019-12257
Wind River VxWorks 6.6 through 6.9 has a Buffer Overflow in the DHCP client component. There is an IPNET security vulnerability: Heap overflow in DHCP Offer/ACK parsing inside ipdhcpc.
Windriver Vxworks>=6.5<6.9.4
SonicWall SonicOS>=5.9.0.0<=5.9.0.7
SonicWall SonicOS>=5.9.1.0.<=5.9.1.12
SonicWall SonicOS>=6.2.0.0<=6.2.3.1
SonicWall SonicOS>=6.2.4.0<=6.2.4.3
SonicWall SonicOS>=6.2.5.0<=6.2.5.3
and 59 more
CVE-2019-12256
Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component. There is an IPNET security vulnerability: Stack overflow in the parsing of IPv4 packets’ IP options.
Windriver Vxworks>=6.5<6.9.4.12
NetApp E-Series SANtricity OS Controller>=8.00<=8.40.50.00
SonicWall SonicOS>=5.9.0.0<=5.9.0.7
SonicWall SonicOS>=5.9.1.0.<=5.9.1.12
SonicWall SonicOS>=6.2.0.0<=6.2.3.1
SonicWall SonicOS>=6.2.4.0<=6.2.4.3
and 63 more
CVE-2019-9865
When RPC is enabled in Wind River VxWorks 6.9 prior to 6.9.1, a specially crafted RPC request can trigger an integer overflow leading to an out-of-bounds memory copy. It may allow remote attackers to ...
Windriver Vxworks>=6.9<6.9.1
Windriver Vxworks=6.6
Windriver Vxworks=6.7
Windriver Vxworks=6.8

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203