Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*
  • CPE Name Search: true
There are 3 matching records.
Displaying matches 1 through 3.
Vuln ID Summary CVSS Severity

An issue was discovered in Wind River VxWorks 7. The memory allocator has a possible integer overflow in calculating a memory block's size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption.

Published: May 12, 2021; 7:15:07 AM -0400
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH

** UNSUPPORTED WHEN ASSIGNED ** A DNS client stack-based buffer overflow in ipdnsc_decode_name() affects Wind River VxWorks 6.5 through 7. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Published: March 11, 2021; 5:15:12 PM -0500
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH

httpRpmFs in WebCLI in Wind River VxWorks 5.5 through 7 SR0640 has no check for an escape from the web root.

Published: July 23, 2020; 10:15:12 AM -0400
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM