CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-29999
https://notcve.org/view.php?id=CVE-2021-29999
An issue was discovered in Wind River VxWorks through 6.8. There is a possible stack overflow in dhcp server. Se detectó un problema en Wind River VxWorks versiones hasta 6.8. Se presenta un posible desbordamiento de pila en el servidor DHCP • https://support2.windriver.com/index.php?page=security-notices • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 71EXPL: 0CVE-2021-29998
https://notcve.org/view.php?id=CVE-2021-29998
An issue was discovered in Wind River VxWorks before 6.5. There is a possible heap overflow in dhcp client. Se detectó un problema en Wind River VxWorks versiones anteriores a 6.5. Se presenta un posible desbordamiento de la pila en el cliente dhcp • https://cert-portal.siemens.com/productcert/pdf/ssa-560465.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-910883.pdf https://support2.windriver.com/index.php?page=security-notices https://us-cert.cisa.gov/ics/advisories/icsa-21-194-12 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 15EXPL: 1CVE-2016-20009
https://notcve.org/view.php?id=CVE-2016-20009
A DNS client stack-based buffer overflow in ipdnsc_decode_name() affects Wind River VxWorks 6.5 through 7. NOTE: This vulnerability only affects products that are no longer supported by the maintainer Un desbordamiento del búfer en la región stack de la memoria del cliente DNS en la función ipdnsc_decode_name() afecta a Wind River VxWorks versiones 6.5 hasta 7. NOTA: Esta vulnerabilidad solo afecta a los productos que ya no son compatibles con el mantenedor • https://blog.exodusintel.com/2016/08/09/vxworks-execute-my-packets https://cert-portal.siemens.com/productcert/pdf/ssa-553445.pdf • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2020-28895 – integer overflow in calloc
https://notcve.org/view.php?id=CVE-2020-28895
In Wind River VxWorks, memory allocator has a possible overflow in calculating the memory block's size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption. En Wind River VxWorks, el asignador de memoria presenta un posible desbordamiento en el calculo del tamaño del bloque de memoria que se asignará por medio de la función calloc(). Como resultado, la memoria real asignada es menor que el tamaño del búfer especificado por los argumentos, conllevando a una corrupción en la memoria • https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2020-28895 https://support2.windriver.com/index.php?page=defects&on=view&id=V7LIBC-1327 https://www.oracle.com/security-alerts/cpuapr2022.html • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-11440
https://notcve.org/view.php?id=CVE-2020-11440
httpRpmFs in WebCLI in Wind River VxWorks 5.5 through 7 SR0640 has no check for an escape from the web root. httpRpmFs en WebCLI en Wind River VxWorks versiones 5.5 hasta 7 SR0640, no comprueba si se presenta un escape de la web root • https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2020-11440 https://windriver.com •