VYPR

Connext Professional

by Rti

CVEs (32)

  • CVE-2024-52063Dec 13, 2024
    risk 0.00cvss epss 0.00

    Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Core Libraries, Routing Service) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.0.0 before 7.3.0.5, from 6.1.0 before 6.1.2.21,…

  • CVE-2024-52062Dec 13, 2024
    risk 0.00cvss epss 0.00

    Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Core Libraries) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.0.0 before 7.3.0.5, from 6.1.0 before 6.1.2.21, from 6.0.0 before…

  • CVE-2024-52061Dec 13, 2024
    risk 0.00cvss epss 0.00

    Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Core Libraries, Queuing Service, Recording Service, Routing Service) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.4.0 before…

  • CVE-2024-52060Dec 13, 2024
    risk 0.00cvss epss 0.00

    Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Routing Service, Recording Service, Queuing Service, Observability Collector Service, Cloud Discovery Service) allows Buffer Overflow via Environment Variables.This…

  • CVE-2024-52059Dec 13, 2024
    risk 0.00cvss epss 0.00

    Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Heap-based Buffer Overflow, Integer Overflow or Wraparound vulnerability in RTI Connext Professional (Security Plugins) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.0.0…

  • CVE-2024-52058Dec 13, 2024
    risk 0.00cvss epss 0.01

    Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in RTI Connext Professional (System Designer) allows OS Command Injection.This issue affects Connext Professional: from 7.0.0 before 7.3.0.2, from 6.1.0 before 6.1.2.19.

  • CVE-2024-52057Dec 13, 2024
    risk 0.00cvss epss 0.00

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RTI Connext Professional (Queuing Service) allows SQL Injection.This issue affects Connext Professional: from 7.0.0 before 7.3.0, from 6.1.0 before 6.1.2.17, from 6.0.0 before…

  • CVE-2024-25724May 21, 2024
    risk 0.00cvss epss 0.00

    In RTI Connext Professional 5.3.1 through 6.1.0 before 6.1.1, a buffer overflow in XML parsing from Routing Service, Recording Service, Queuing Service, and Cloud Discovery Service allows attackers to execute code with the affected service's privileges, compromise the service's…

  • CVE-2021-38435May 5, 2022
    risk 0.00cvss epss 0.01

    RTI Connext DDS Professional and Connext DDS Secure Versions 4.2x to 6.1.0 not correctly calculate the size when allocating the buffer, which may result in a buffer overflow.

  • CVE-2021-38433May 5, 2022
    risk 0.00cvss epss 0.01

    RTI Connext DDS Professional and Connext DDS Secure Versions 4.2x to 6.1.0 vulnerable to a stack-based buffer overflow, which may allow a local attacker to execute arbitrary code.

  • CVE-2021-38427May 5, 2022
    risk 0.00cvss epss 0.01

    RTI Connext DDS Professional and Connext DDS Secure Versions 4.2.x to 6.1.0 are vulnerable to a stack-based buffer overflow, which may allow a local attacker to execute arbitrary code.

  • CVE-2021-38487May 5, 2022
    risk 0.00cvss epss 0.03

    RTI Connext Professional versions 4.1 to 6.1.0, and Connext Micro versions 2.4 and later are vulnerable when an attacker sends a specially crafted packet to flood target devices with unwanted traffic. This may result in a denial-of-service condition and information exposure.

Page 2 of 2