Product:

Vxworks

(Windriver)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 37
Date Id Summary Products Score Patch Annotated
2019-08-09 CVE-2019-12260 Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion caused by a malformed TCP AO option. Garrettcom_magnum_dx940e_firmware, Hirschmann_hios, E\-Series_santricity_os_controller, Communications_eagle, Power_meter_9410_firmware, Power_meter_9810_firmware, Ruggedcom_win7000_firmware, Ruggedcom_win7018_firmware, Ruggedcom_win7025_firmware, Ruggedcom_win7200_firmware, Siprotec_5_firmware, Sonicos, Vxworks 9.8
2019-08-09 CVE-2019-12261 Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion during connect() to a remote host. Garrettcom_magnum_dx940e_firmware, Hirschmann_hios, E\-Series_santricity_os_controller, Communications_eagle, Power_meter_9410_firmware, Power_meter_9810_firmware, Ruggedcom_win7000_firmware, Ruggedcom_win7018_firmware, Ruggedcom_win7025_firmware, Ruggedcom_win7200_firmware, Siprotec_5_firmware, Sonicos, Vxworks 9.8
2010-08-05 CVE-2010-2965 The WDB target agent debug service in Wind River VxWorks 6.x, 5.x, and earlier, as used on the Rockwell Automation 1756-ENBT series A with firmware 3.2.6 and 3.6.1 and other products, allows remote attackers to read or modify arbitrary memory locations, perform function calls, or manage tasks via requests to UDP port 17185, a related issue to CVE-2005-3804. 1756\-Enbt\/a_firmware, Vxworks N/A
2019-08-09 CVE-2019-12259 Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error in the IGMPv3 client component. There is an IPNET security vulnerability: DoS via NULL dereference in IGMP parsing. Garrettcom_magnum_dx940e_firmware, Hirschmann_hios, 9410_power_meter_firmware, 9810_power_meter_firmware, Ruggedcom_win7000_firmware, Ruggedcom_win7018_firmware, Ruggedcom_win7025_firmware, Ruggedcom_win7200_firmware, Siprotec_5_firmware, Sonicos, Vxworks 7.5
2019-08-05 CVE-2019-12264 Wind River VxWorks 6.6, 6.7, 6.8, 6.9.3, 6.9.4, and Vx7 has Incorrect Access Control in IPv4 assignment by the ipdhcpc DHCP client component. Garrettcom_magnum_dx940e_firmware, Hirschmann_hios, Ruggedcom_win7000_firmware, Ruggedcom_win7018_firmware, Ruggedcom_win7025_firmware, Ruggedcom_win7200_firmware, Vxworks 7.1
2019-08-14 CVE-2019-12262 Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and 7 has Incorrect Access Control in the RARP client component. IPNET security vulnerability: Handling of unsolicited Reverse ARP replies (Logical Flaw). Garrettcom_magnum_dx940e_firmware, Hirschmann_hios, Ruggedcom_win7000_firmware, Ruggedcom_win7018_firmware, Ruggedcom_win7025_firmware, Ruggedcom_win7200_firmware, Vxworks 9.8
2021-02-03 CVE-2020-28895 In Wind River VxWorks, memory allocator has a possible overflow in calculating the memory block's size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption. Communications_eagle, Vxworks 7.3
2021-05-12 CVE-2020-35198 An issue was discovered in Wind River VxWorks 7. The memory allocator has a possible integer overflow in calculating a memory block's size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption. Communications_eagle, Vxworks 9.8
2022-03-29 CVE-2022-23937 In Wind River VxWorks 6.9 and 7, a specific crafted packet may lead to an out-of-bounds read during an IKE initial exchange scenario. Vxworks 7.5
2021-11-24 CVE-2021-43268 An issue was discovered in VxWorks 6.9 through 7. In the IKE component, a specifically crafted packet may lead to reading beyond the end of a buffer, or a double free. Vxworks 6.5