Known Vulnerabilities for Vxworks by Windriver

Listed below are 10 of the newest known vulnerabilities associated with the software "Vxworks" by "Windriver".

These CVEs are retrieved based on exact matches on listed software and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2021-43268 An issue was discovered in VxWorks 6.9 through 7. In the IKE component, a specifically crafted packet may lead to reading bey... Not Provided 2021-11-24 2021-11-24
CVE-2021-35535 Insecure Boot Image vulnerability in Hitachi Energy Relion Relion 670/650/SAM600-IO series allows an attacker who manages to ... 8.1 - HIGH 2021-11-18 2021-11-18
CVE-2021-29999 An issue was discovered in Wind River VxWorks through 6.8. There is a possible stack overflow in dhcp server. 9.8 - CRITICAL 2021-04-13 2021-04-16
CVE-2021-29998 An issue was discovered in Wind River VxWorks before 6.5. There is a possible heap overflow in dhcp client. 9.8 - CRITICAL 2021-04-13 2021-07-30
CVE-2021-29997 An issue was discovered in Wind River VxWorks 7 before 21.03. A specially crafted packet may lead to buffer over-read on IKE. 5.3 - MEDIUM 2021-04-13 2021-06-10
CVE-2020-35198 An issue was discovered in Wind River VxWorks 7. The memory allocator has a possible integer overflow in calculating a memory... 9.8 - CRITICAL 2021-05-12 2021-06-04
CVE-2020-28895 In Wind River VxWorks, memory allocator has a possible overflow in calculating the memory block's size to be allocated by cal... 7.3 - HIGH 2021-02-03 2021-07-21
CVE-2020-11440 httpRpmFs in WebCLI in Wind River VxWorks 5.5 through 7 SR0640 has no check for an escape from the web root. 7.5 - HIGH 2020-07-23 2021-07-21
CVE-2020-10664 The IGMP component in VxWorks 6.8.3 IPNET CVE patches created in 2019 has a NULL Pointer Dereference. 7.5 - HIGH 2020-04-27 2021-02-22
CVE-2020-10288 IRC5 exposes an ftp server (port 21). Upon attempting to gain access you are challenged with a request of username and passwo... 9.8 - CRITICAL 2020-07-15 2020-07-23

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
Operating
System
WindriverVxworks7.0sr0630AllAll
Operating
System
WindriverVxworks7.0-AllAll
Operating
System
WindriverVxworks7AllAllAll
Operating
System
WindriverVxworks6.9.4.12AllAllAll
Operating
System
WindriverVxworks6.9.4.11AllAllAll
Operating
System
WindriverVxworks6.9.4.1AllAllAll
Operating
System
WindriverVxworks6.9.4AllAllAll
Operating
System
WindriverVxworks6.9.3.1AllAllAll
Operating
System
WindriverVxworks6.9.3AllAllAll
Operating
System
WindriverVxworks6.9.2AllAllAll
Operating
System
WindriverVxworks6.9.1AllAllAll
Operating
System
WindriverVxworks6.9AllAllAll
Operating
System
WindriverVxworks6.8.3AllAllAll
Operating
System
WindriverVxworks6.8AllAllAll
Operating
System
WindriverVxworks6.7AllAllAll
Operating
System
WindriverVxworks6.6AllAllAll
Operating
System
WindriverVxworks6.5AllAllAll
Operating
System
WindriverVxworks6.4AllAllAll
Operating
System
WindriverVxworks6AllAllAll
Operating
System
WindriverVxworks5.5.1AllAllAll

Popular searches for Vxworks

© CVE.report 2022 Twitter Nitter Twitter Viewer |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report