VYPR
Vendor

Helix

Products
6
CVEs
12
Across products
13
Status
Private

Products

6

Recent CVEs

12
  • CVE-2023-45849CriNov 8, 2023
    risk 0.59cvss 9.0epss 0.01

    An arbitrary code execution which results in privilege escalation was discovered in Helix Core versions prior to 2023.2. Reported by Jason Geffner.

  • CVE-2026-6902HigMay 18, 2026
    risk 0.50cvss epss 0.00

    A Remote Code Execution vulnerability in P4 (Helix Core) Server's Command-Line Client, prior to the 2025.2 Patch 2, has been fixed to address potential security risks.

  • CVE-2023-5759HigNov 8, 2023
    risk 0.49cvss 7.5epss 0.01

    In Helix Core versions prior to 2023.2, an unauthenticated remote Denial of Service (DoS) via the buffer was identified. Reported by Jason Geffner.  

  • CVE-2023-45319HigNov 8, 2023
    risk 0.49cvss 7.5epss 0.01

    In Helix Core versions prior to 2023.2, an unauthenticated remote Denial of Service (DoS) via the commit function was identified. Reported by Jason Geffner. 

  • CVE-2023-35767HigNov 8, 2023
    risk 0.49cvss 7.5epss 0.01

    In Helix Core versions prior to 2023.2, an unauthenticated remote Denial of Service (DoS) via the shutdown function was identified. Reported by Jason Geffner.  

  • CVE-2007-4904Sep 17, 2007
    risk 0.03cvss epss 0.03

    RealNetworks RealPlayer 10.1.0.3114 and earlier, and Helix Player 1.0.6.778 on Fedora Core 6 (FC6) and possibly other platforms, allow user-assisted remote attackers to cause a denial of service (application crash) via a malformed .au file that triggers a divide-by-zero error.

  • CVE-2009-4248Jan 25, 2010
    risk 0.01cvss epss 0.07

    Buffer overflow in the RTSPProtocol::HandleSetParameterRequest function in client/core/rtspprotocol.cpp in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux…

  • CVE-2010-0417Feb 18, 2010
    risk 0.00cvss epss 0.04

    Buffer overflow in common/util/rlstate.cpp in Helix Player 1.0.6 and RealPlayer allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a RuleBook structure with a large number of rule-separator characters that trigger heap…

  • CVE-2007-4561Aug 28, 2007
    risk 0.00cvss epss 0.06

    Heap-based buffer overflow in the RTSP service in Helix DNA Server before 11.1.4 allows remote attackers to execute arbitrary code via an RSTP command containing multiple Require headers.

  • CVE-2000-0723Oct 20, 2000
    risk 0.00cvss epss 0.00

    Helix GNOME Updater helix-update 0.5 and earlier does not properly create /tmp directories, which allows local users to create empty system configuration files such as /etc/config.d/bashrc, /etc/config.d/csh.cshrc, and /etc/rc.config.

  • CVE-2000-0722Oct 20, 2000
    risk 0.00cvss epss 0.00

    Helix GNOME Updater helix-update 0.5 and earlier allows local users to install arbitrary RPM packages by creating the /tmp/helix-install installation directory before root has begun installing packages.

  • CVE-2000-0724Oct 20, 2000
    risk 0.00cvss epss 0.00

    The go-gnome Helix GNOME pre-installer allows local users to overwrite arbitrary files via a symlink attack on various files in /tmp, including uudecode, snarf, and some installer files.