CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 1CVE-2023-38346
https://notcve.org/view.php?id=CVE-2023-38346
22 Sep 2023 — An issue was discovered in Wind River VxWorks 6.9 and 7. The function ``tarExtract`` implements TAR file extraction and thereby also processes files within an archive that have relative or absolute file paths. A developer using the "tarExtract" function may expect that the function will strip leading slashes from absolute paths or stop processing when encountering relative paths that are outside of the extraction path, unless otherwise forced. This could lead to unexpected and undocumented behavior, which i... • https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2023-38346 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2022-38767
https://notcve.org/view.php?id=CVE-2022-38767
25 Nov 2022 — An issue was discovered in Wind River VxWorks 6.9 and 7, that allows a specifically crafted packet sent by a Radius server, may cause Denial of Service during the IP Radius access procedure. Se descubrió un problema en Wind River VxWorks 6.9 y 7, que permite que un paquete específicamente manipulado enviado por un servidor Radius pueda causar denegación de servicio durante el procedimiento de acceso a IP Radius. • https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2022-38767 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-23937
https://notcve.org/view.php?id=CVE-2022-23937
29 Mar 2022 — In Wind River VxWorks 6.9 and 7, a specific crafted packet may lead to an out-of-bounds read during an IKE initial exchange scenario. En Wind River VxWorks versiones 6.9 y 7, un paquete diseñado específico puede provocar una lectura fuera de límites durante un escenario de intercambio inicial de IKE • https://support2.windriver.com/index.php?page=cve&pg=21#list • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-43268
https://notcve.org/view.php?id=CVE-2021-43268
24 Nov 2021 — An issue was discovered in VxWorks 6.9 through 7. In the IKE component, a specifically crafted packet may lead to reading beyond the end of a buffer, or a double free. Se ha detectado un problema en VxWorks versiones 6.9 a 7. En el componente IKE, un paquete específicamente diseñado puede conllevar a una lectura más allá del final de un búfer, o una doble liberación • https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2021-43268 • CWE-415: Double Free •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2020-35198
https://notcve.org/view.php?id=CVE-2020-35198
12 May 2021 — An issue was discovered in Wind River VxWorks 7. The memory allocator has a possible integer overflow in calculating a memory block's size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption. Se detectó un problema en Wind River VxWorks versión 7. El asignador de memoria presenta un posible desbordamiento de enteros al calcular el tamaño de un bloque de memoria que es asignado por una función calloc().... • https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2020-35198 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 0%CPEs: 15EXPL: 1CVE-2016-20009
https://notcve.org/view.php?id=CVE-2016-20009
11 Mar 2021 — A DNS client stack-based buffer overflow in ipdnsc_decode_name() affects Wind River VxWorks 6.5 through 7. NOTE: This vulnerability only affects products that are no longer supported by the maintainer Un desbordamiento del búfer en la región stack de la memoria del cliente DNS en la función ipdnsc_decode_name() afecta a Wind River VxWorks versiones 6.5 hasta 7. NOTA: Esta vulnerabilidad solo afecta a los productos que ya no son compatibles con el mantenedor • https://blog.exodusintel.com/2016/08/09/vxworks-execute-my-packets • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2020-28895 – integer overflow in calloc
https://notcve.org/view.php?id=CVE-2020-28895
03 Feb 2021 — In Wind River VxWorks, memory allocator has a possible overflow in calculating the memory block's size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption. En Wind River VxWorks, el asignador de memoria presenta un posible desbordamiento en el calculo del tamaño del bloque de memoria que se asignará por medio de la función calloc(). Como resultado, la memoria real asignada es menor que el tamaño d... • https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2020-28895 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-11440
https://notcve.org/view.php?id=CVE-2020-11440
23 Jul 2020 — httpRpmFs in WebCLI in Wind River VxWorks 5.5 through 7 SR0640 has no check for an escape from the web root. httpRpmFs en WebCLI en Wind River VxWorks versiones 5.5 hasta 7 SR0640, no comprueba si se presenta un escape de la web root • https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2020-11440 •
CVSS: 9.8EPSS: 0%CPEs: 49EXPL: 0CVE-2019-12262
https://notcve.org/view.php?id=CVE-2019-12262
14 Aug 2019 — Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and 7 has Incorrect Access Control in the RARP client component. IPNET security vulnerability: Handling of unsolicited Reverse ARP replies (Logical Flaw). Wind River VxWorks versiones 6.6, 6.7, 6.8, 6.9 y 7, presenta un Control de Acceso Incorrecto en el componente cliente RARP. Vulnerabilidad de seguridad IPNET: Manejo de respuestas Reverse ARP no solicitadas (Fallo Lógico). • https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf •
CVSS: 9.8EPSS: 2%CPEs: 72EXPL: 0CVE-2019-12261
https://notcve.org/view.php?id=CVE-2019-12261
09 Aug 2019 — Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion during connect() to a remote host. Wind River VxWorks versiones 6.7 hasta 6.9 y vx7, presenta un Desbordamiento de Búfer en el componente TCP (problema 3 de 4). Se trata de una vulnerabilidad de seguridad de IPNET: Confusión de estado de TCP Urgent Pointer durante la función connect() a un host remoto. • https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •