Blackberry Qnx Software Development Platform — known CVE vulnerabilities
Every CVE whose affected-product data names Blackberry Qnx Software Development Platform, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (21)
CVE-2020-6932 — CVSS 10.0 (critical): An information disclosure and remote code execution vulnerability in the slinger web server of the BlackBerry QNX Software Development…
CVE-2025-2474 — CVSS 9.8 (critical): Out-of-bounds write in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a…
CVE-2021-32024 — CVSS 9.8 (critical): A remote code execution vulnerability in the BMP image codec of BlackBerry QNX SDP version(s) 6.4 to 7.1 could allow an attacker to…
CVE-2024-48856 — CVSS 9.8 (critical): Out-of-bounds write in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a…
CVE-2017-3891 — CVSS 9.6 (critical): In BlackBerry QNX Software Development Platform (SDP) 6.6.0, an elevation of privilege vulnerability in the default configuration of the…
CVE-2024-35213 — CVSS 9.0 (critical): An improper input validation vulnerability in the SGI Image Codec of QNX SDP version(s) 6.6, 7.0, and 7.1 could allow an attacker to…
CVE-2021-22156 — CVSS 9.0 (critical): An integer overflow vulnerability in the calloc() function of the C runtime library of affected versions of BlackBerry® QNX Software…
CVE-2021-32025 — CVSS 8.1 (high): An elevation of privilege vulnerability in the QNX Neutrino Kernel of affected versions of QNX Software Development Platform version(s)…
CVE-2013-2687 — CVSS 7.8 (high): Stack-based buffer overflow in the bpe_decompress function in (1) BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 and (2) QNX Momentics Tool…
CVE-2019-8998 — CVSS 7.8 (high): An information disclosure vulnerability leading to a potential local escalation of privilege in the procfs service (the /proc filesystem)…
CVE-2024-48858 — CVSS 7.5 (high): Improper input validation in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a…
CVE-2024-48857 — CVSS 7.5 (high): NULL pointer dereference in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a…
CVE-2023-32701 — CVSS 7.1 (high): Improper Input Validation in the Networking Stack of QNX SDP version(s) 6.6, 7.0, and 7.1 could allow an attacker to potentially cause…
CVE-2024-35215 — CVSS 6.2 (medium): NULL pointer dereference in IP socket options processing of the Networking Stack in QNX Software Development Platform (SDP) version(s) 7.1…
CVE-2013-2688 — CVSS 5.4 (medium): Buffer overflow in phrelay in BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 in the QNX Software Development Platform allows remote…
CVE-2024-48854 — CVSS 5.3 (medium): Off-by-one error in the TIFF image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause an…
CVE-2024-48855 — CVSS 5.3 (medium): Out-of-bounds read in the TIFF image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause an…
CVE-2017-3892 — CVSS 3.8 (low): In BlackBerry QNX Software Development Platform (SDP) 6.6.0, an information disclosure vulnerability in the default configuration of the…
CVE-2017-9369 — CVSS 3.8 (low): In BlackBerry QNX Software Development Platform (SDP) 6.6.0 and 6.5.0 SP1 and earlier, an information disclosure vulnerability in the…
CVE-2017-9371 — CVSS 2.6 (low): In BlackBerry QNX Software Development Platform (SDP) 6.6.0 and 6.5.0 SP1 and earlier, a loss of integrity vulnerability in the default…
CVE-2017-3893 — CVSS 1.9 (low): In BlackBerry QNX Software Development Platform (SDP) 6.6.0, the default configuration of the QNX SDP system did not in all circumstances…