CVSS: 7.8EPSS: 26%CPEs: 3EXPL: 4CVE-2014-2533 – ifwatchd - Privilege Escalation
https://notcve.org/view.php?id=CVE-2014-2533
18 Mar 2014 — /sbin/ifwatchd in BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x allows local users to gain privileges by providing an arbitrary program name as a command-line argument. /sbin/ifwatchd en BlackBerry QNX Neutrino RTOS 6.4.x y 6.5.x permite a usuarios locales ganar privilegios proporcionando un nombre de programa arbitrario como un argumento de línea de comandos. • https://packetstorm.news/files/id/149713 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 2CVE-2014-2534 – QNX 6.4.x/6.5.x pppoectl - Information Disclosure
https://notcve.org/view.php?id=CVE-2014-2534
18 Mar 2014 — /sbin/pppoectl in BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x allows local users to obtain sensitive information by reading "bad parameter" lines in error messages, as demonstrated by reading the root password hash in /etc/shadow. /sbin/pppoectl en BlackBerry QNX Neutrino RTOS 6.4.x y 6.5.x permite a usuarios locales obtener información sensible mediante la lectura de líneas "bad parameter" en mensajes de error, tal y como fue demostrado por la lectura del hash de contraseña root en /etc/shadow. • https://www.exploit-db.com/exploits/32156 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 3%CPEs: 9EXPL: 1CVE-2013-2687
https://notcve.org/view.php?id=CVE-2013-2687
12 Jul 2013 — Stack-based buffer overflow in the bpe_decompress function in (1) BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 and (2) QNX Momentics Tool Suite through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted packets to TCP port 4868. Desbordamiento de búfer basado en pila en la función bpe_decompress en (1) BlackBerry QNX Neutrino RTOS hasta v6.5.0 SP1 y (2) QNX Momentics Tool Suite hasta v6.... • http://aluigi.altervista.org/adv/qnxph_1-adv.txt • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 3%CPEs: 4EXPL: 1CVE-2013-2688
https://notcve.org/view.php?id=CVE-2013-2688
12 Jul 2013 — Buffer overflow in phrelay in BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted packets to TCP port 4868 that leverage improper handling of the /dev/photon device file. Desbordamiento de búfer en BlackBerry QNX Neutrino RTOS hasta v6.5.0 SP1 en QNX Software Development Platform, permite a atacantes remotos provocar una denegación de servicio (caída de ... • http://aluigi.altervista.org/adv/qnxph_1-adv.txt • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •