CVE-2024-52061 – Potential stack buffer overflow when parsing an XML type
https://notcve.org/view.php?id=CVE-2024-52061
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Core Libraries, Queuing Service, Recording Service, Routing Service) allows Overflow Variables and Tags. This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0 before 7.3.0.5, from 6.1.0 before 6.1.2.21, from 6.0.0 before 6.0.1.40, from 5.0.0 before 5.3.1.45. • https://www.rti.com/vulnerabilities/#cve-2024-52061 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-52060 – Potential stack overflow when using XML configuration file referencing environment variables
https://notcve.org/view.php?id=CVE-2024-52060
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Routing Service, Recording Service, Queuing Service, Observability Collector Service, Cloud Discovery Service) allows Buffer Overflow via Environment Variables. This issue affects Connext Professional: from 7.0.0 before 7.3.0.5, from 6.1.0 before 6.1.2.21, from 6.0.0 before 6.0.*, from 5.3.0 before 5.3.1.45. • https://www.rti.com/vulnerabilities/#cve-2024-52060 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-52059 – Potential heap buffer overflow in Security Plugins while creating a DomainParticipant that uses a malformed Identity Certificate
https://notcve.org/view.php?id=CVE-2024-52059
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Security Plugins) allows Overflow Variables and Tags. This issue affects Connext Professional: from 7.0.0 before 7.3.0.2, from 6.1.0 before 6.1.2.17. • https://www.rti.com/vulnerabilities/#cve-2024-52059 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-52058 – Potential arbitrary command execution in System Designer while parsing malicious HTTP/REST requests
https://notcve.org/view.php?id=CVE-2024-52058
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in RTI Connext Professional (System Designer) allows OS Command Injection. This issue affects Connext Professional: from 7.0.0 before 7.3.0.2, from 6.1.0 before 6.1.2.19. • https://www.rti.com/vulnerabilities/#cve-2024-52058 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-52057 – Potential arbitrary SQL query execution in Queuing Service while parsing malicious remote commands or configuration files
https://notcve.org/view.php?id=CVE-2024-52057
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RTI Connext Professional (Queuing Service) allows SQL Injection. This issue affects Connext Professional: from 7.0.0 before 7.3.0, from 6.1.0 before 6.1.2.17, from 6.0.0 before 6.0.*, from 5.2.0 before 5.3.*. • https://www.rti.com/vulnerabilities/#cve-2024-52057 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')