CVEInsight.

Free vulnerability intelligence for developers, security teams, and researchers. Data sourced from public databases for informational purposes only.

Explore

Legal

CVE data sourced from NVD / NIST & public disclosures.

oracle

communications_eagle

4 known vulnerabilities · sorted by CVSS score

CVE-2019-12261

CRITICAL9.8

Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion during connect() to a remote host.

windriver / vxworks+32

Network

Published Aug 9, 2019

CVE-2020-35198

CRITICAL9.8

An issue was discovered in Wind River VxWorks 7. The memory allocator has a possible integer overflow in calculating a memory block's size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption.

windriver / vxworks+7

Network

Published May 12, 2021

CVE-2019-12260

CRITICAL9.8

Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion caused by a malformed TCP AO option.

windriver / vxworks+32

Network

Published Aug 9, 2019

CVE-2020-28895

HIGH7.3

In Wind River VxWorks, memory allocator has a possible overflow in calculating the memory block's size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption.

windriver / vxworks+5

Network

Published Feb 3, 2021