GCVE - cpe:2.3:o:windriver:vxworks:7.0:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:o:windriver:vxworks:7.0:*:*:*:*:*:*:*

part: o version: 7.0 update: *

Vendor	Windriver (`1c9d3e00-99c4-5be7-a4c6-5cc8709ef134`)
Product	Vxworks (`437ab3e0-0513-5f7d-b676-0a34e46c28dc`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2022-38767`	vulnerable	2026-06-08 05:47:17.031708	Details available An issue was discovered in Wind River VxWorks 6.9 and 7, that allows a specifically crafted packet sent by a Radius server, may cause Denial of Service during the IP Radius access procedure. Published: 2022-11-25T00:00:00.000Z Updated: 2026-04-14T08:58:05.041Z Open on db.gcve.eu Reference links https://windriver.com https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2022-38767	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-23937`	vulnerable	2026-06-08 05:40:59.364097	Details available MEDIUM (5.3) In Wind River VxWorks 6.9 and 7, a specific crafted packet may lead to an out-of-bounds read during an IKE initial exchange scenario. Published: 2022-03-29T01:21:06.000Z Updated: 2024-08-03T03:59:23.097Z Open on db.gcve.eu Reference links https://support2.windriver.com/index.php?page=security-notices https://support2.windriver.com/index.php?page=cve&pg=21#list	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2019-12264`	vulnerable	2026-06-08 05:12:38.847301	Details available Wind River VxWorks 6.6, 6.7, 6.8, 6.9.3, 6.9.4, and Vx7 has Incorrect Access Control in IPv4 assignment by the ipdhcpc DHCP client component. Published: 2019-08-05T17:34:25.000Z Updated: 2024-08-04T23:17:39.330Z Open on db.gcve.eu Reference links https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12264 https://www.windriver.com/security/announcements/tcp-ip-network-stack-ipnet-urgent11/ https://support.f5.com/csp/article/K41190253 https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03960en_us	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2019-12262`	vulnerable	2026-06-08 05:12:38.833593	Details available Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and 7 has Incorrect Access Control in the RARP client component. IPNET security vulnerability: Handling of unsolicited Reverse ARP replies (Logical Flaw). Published: 2019-08-14T19:18:13.000Z Updated: 2024-08-04T23:17:39.465Z Open on db.gcve.eu Reference links https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-12262 https://support.f5.com/csp/article/K41190253 https://cert-portal.siemens.com/productcert/pdf/ssa-189842.pdf https://cert-portal.siemens.com/productcert/pdf/ssa-352504.pdf	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-3963`	vulnerable	2026-06-08 05:06:38.894955	Details available Wind River VxWorks before 5.5.1, 6.5.x through 6.7.x before 6.7.1.1, 6.8.x before 6.8.3, 6.9.x before 6.9.4.4, and 7.x before 7 ipnet_coreip 1.2.2.0, as used on Schneider Electric SAGE RTU devices before J2 and other devices, does not properly generate TCP initial sequence number (ISN) values, which makes it easier for remote attackers to spoof TCP sessions by predicting an ISN value. Published: 2015-08-04T01:00:00.000Z Updated: 2024-08-06T06:04:01.028Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/75302 http://www.securitytracker.com/id/1032730 http://www.schneider-electric.com/ww/en/download/document/SEVD-2015-162-01 https://ics-cert.us-cert.gov/advisories/ICSA-15-169-01A http://www.securitytracker.com/id/1033181	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.