CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-48858 – Vulnerabilities in TIFF and PCX Image Codecs Impact QNX Software Development Platform
https://notcve.org/view.php?id=CVE-2024-48858
14 Jan 2025 — Improper input validation in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a denial-of-service condition in the context of the process using the image codec. • https://support.blackberry.com/pkb/s/article/140334 • CWE-1287: Improper Validation of Specified Type of Input •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-48857 – Vulnerabilities in TIFF and PCX Image Codecs Impact QNX Software Development Platform
https://notcve.org/view.php?id=CVE-2024-48857
14 Jan 2025 — NULL pointer dereference in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a denial-of-service condition in the context of the process using the image codec. • https://support.blackberry.com/pkb/s/article/140334 • CWE-476: NULL Pointer Dereference •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-48856 – Vulnerabilities in TIFF and PCX Image Codecs Impact QNX Software Development Platform
https://notcve.org/view.php?id=CVE-2024-48856
14 Jan 2025 — Out-of-bounds write in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a denial-of-service condition or execute code in the context of the process using the image codec. • https://support.blackberry.com/pkb/s/article/140334 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-48855 – Vulnerabilities in TIFF and PCX Image Codecs Impact QNX Software Development Platform
https://notcve.org/view.php?id=CVE-2024-48855
14 Jan 2025 — Out-of-bounds read in the TIFF image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause an information disclosure in the context of the process using the image codec. • https://support.blackberry.com/pkb/s/article/140334 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-48854 – Vulnerabilities in TIFF and PCX Image Codecs Impact QNX Software Development Platform
https://notcve.org/view.php?id=CVE-2024-48854
14 Jan 2025 — Off-by-one error in the TIFF image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause an information disclosure in the context of the process using the image codec. • https://support.blackberry.com/pkb/s/article/140334 • CWE-193: Off-by-one Error •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-35215
https://notcve.org/view.php?id=CVE-2024-35215
08 Oct 2024 — NULL pointer dereference in IP socket options processing of the Networking Stack in QNX Software Development Platform (SDP) version(s) 7.1 and 7.0 could allow an attacker with local access to cause a denial-of-service condition in the context of the Networking Stack process. • https://support.blackberry.com/pkb/s/article/140162 • CWE-476: NULL Pointer Dereference •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-35213 – Vulnerability in SGI Image Codec Impacts BlackBerry QNX Software Development Platform (SDP)
https://notcve.org/view.php?id=CVE-2024-35213
11 Jun 2024 — An improper input validation vulnerability in the SGI Image Codec of QNX SDP version(s) 6.6, 7.0, and 7.1 could allow an attacker to potentially cause a denial-of-service condition or execute code in the context of the image processing process. Una vulnerabilidad de validación de entrada incorrecta en el códec de imágenes SGI de las versiones 6.6, 7.0 y 7.1 de QNX SDP podría permitir que un atacante cause potencialmente una condición de denegación de servicio o ejecute código en el contexto del proceso de p... • https://support.blackberry.com/pkb/s/article/139914 • CWE-20: Improper Input Validation •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2023-32701 – Vulnerability in Networking Stack Impacts QNX Software Development Platform (SDP)
https://notcve.org/view.php?id=CVE-2023-32701
14 Nov 2023 — Improper Input Validation in the Networking Stack of QNX SDP version(s) 6.6, 7.0, and 7.1 could allow an attacker to potentially cause Information Disclosure or a Denial-of-Service condition. Una validación de entrada inadecuada en Networking Stack de QNX SDP versiones 6.6, 7.0 y 7.1 podría permitir que un atacante cause potencialmente la divulgación de información o una condición de denegación de servicio. • https://support.blackberry.com/kb/articleDetail?articleNumber=000112401 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2021-32025
https://notcve.org/view.php?id=CVE-2021-32025
09 Mar 2022 — An elevation of privilege vulnerability in the QNX Neutrino Kernel of affected versions of QNX Software Development Platform version(s) 6.4.0 to 7.0, QNX Momentics all 6.3.x versions, QNX OS for Safety versions 1.0.0 to 1.0.2, QNX OS for Safety versions 2.0.0 to 2.0.1, QNX for Medical versions 1.0.0 to 1.1.1, and QNX OS for Medical version 2.0.0 could allow an attacker to potentially access data, modify behavior, or permanently crash the system. Una vulnerabilidad de elevación de privilegios en el QNX Neutr... • http://support.blackberry.com/kb/articleDetail?articleNumber=000090868 •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0CVE-2021-32024
https://notcve.org/view.php?id=CVE-2021-32024
13 Dec 2021 — A remote code execution vulnerability in the BMP image codec of BlackBerry QNX SDP version(s) 6.4 to 7.1 could allow an attacker to potentially execute code in the context of the affected process. Una vulnerabilidad de ejecución de código remota en el códec de imágenes BMP de BlackBerry QNX SDP versiones 6.4 a 7.1, podría permitir a un atacante ejecutar potencialmente código en el contexto del proceso afectado • http://support.blackberry.com/kb/articleDetail?articleNumber=000089042 •