Every CVE whose affected-product data names Qnx Rtos, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (18)
CVE-2004-1390 — CVSS 10.0 (critical): Multiple buffer overflows in the PPPoE daemon (PPPoEd) in QNX RTP 6.1 allow remote attackers to execute arbitrary code via a long argument…
CVE-2002-1239 — CVSS 7.2 (high): QNX Neutrino RTOS 6.2.0 uses the PATH environment variable to find and execute the cp program while operating at raised privileges, which…
CVE-2002-2040 — CVSS 7.2 (high): The (1) phrafx and (2) phgrafx-startup programs in QNX realtime operating system (RTOS) 4.25 and 6.1.0 do not properly drop privileges…
CVE-2002-2041 — CVSS 7.2 (high): Multiple buffer overflows in realtime operating system (RTOS) 6.1.0 allows local users to execute arbitrary code via (1) a long ABLANG…
CVE-2002-2042 — CVSS 7.2 (high): ptrace in the QNX realtime operating system (RTOS) 4.25 and 6.1.0 allows programs to attach to privileged processes, which could allow…
CVE-2005-1528 — CVSS 7.2 (high): Untrusted search path vulnerability in the crttrap command in QNX Neutrino RTOS 6.2.1 allows local users to load arbitrary libraries via a…
CVE-2006-0621 — CVSS 7.2 (high): Multiple buffer overflows in QNX Neutrino RTOS 6.2.0 allow local users to execute arbitrary code via a long first argument to the (1) su or…
CVE-2006-0623 — CVSS 7.2 (high): QNX Neutrino RTOS 6.3.0 ships /etc/rc.d/rc.local with world-writable permissions, which allows local users to modify the file and execute…
CVE-2002-2407 — CVSS 6.9 (medium): Certain patches for QNX Neutrino realtime operating system (RTOS) 6.2.0 set insecure permissions for the files (1) /sbin/io-audio by OS…
CVE-2006-0620 — CVSS 6.2 (medium): Race condition in phfont in QNX Neutrino RTOS 6.2.1 allows local users to execute arbitrary code via unspecified manipulations of the…
CVE-2006-0622 — CVSS 4.9 (medium): QNX Neutrino RTOS 6.3.0 allows local users to cause a denial of service (hang) by supplying a "break *0xb032d59f" command to gdb.
CVE-2005-3928 — CVSS 4.6 (medium): Buffer overflow in phgrafx in QNX 6.2.1 and 6.3.0 allows local users to execute arbitrary code via a long command line argument.
CVE-2004-1391 — CVSS 4.6 (medium): Untrusted execution path vulnerability in the PPPoE daemon (PPPoEd) in QNX RTP 6.1 allows local users to execute arbitrary programs by…
CVE-2006-0619 — CVSS 4.6 (medium): Multiple stack-based buffer overflows in QNX Neutrino RTOS 6.3.0 allow local users to execute arbitrary code via long (1) ABLPATH or (2)…
CVE-2002-2120 — CVSS 4.6 (medium): Multiple buffer overflows in QNX RTOS 4.25 may allow attackers to execute arbitrary code via long filename arguments to (1) Watcom or (2)…
CVE-2002-2039 — CVSS 2.1 (low): /bin/su in QNX realtime operating system (RTOS) 4.25 and 6.1.0 allows local users to obtain sensitive information from core dump files by…
CVE-2002-1983 — CVSS 2.1 (low): The timer implementation in QNX RTOS 6.1.0 allows local users to cause a denial of service (hang) and possibly execute arbitrary code by…
CVE-2005-2725 — CVSS 2.1 (low): The inputtrap utility in QNX RTOS 6.1.0, 6.3, and possibly earlier versions does not properly check permissions when the -t flag is…