Qnx Software Development Platform (Qnx Sdp)
Approved changes feed: RSS · Atom
cpe:2.3:a:blackberry:qnx_software_development_platform_(qnx_sdp):*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Blackberry (248c4d29-a9fb-529f-b35a-888413af537f) |
|---|---|
| Product | Qnx Software Development Platform (Qnx Sdp) (1b80da9f-6a57-514d-9572-da5ec3129c5a) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2019-8998 |
vulnerable | 2026-06-03 14:40:48.577080 |
Details available
HIGH (7.8)
An information disclosure vulnerability leading to a potential local escalation of privilege in the procfs service (the /proc filesystem) of BlackBerry QNX Software Development Platform version(s) 6.5.0 SP1 and earlier could allow an attacker to potentially gain unauthorized access to a chosen process address space.
Published: 2019-07-12T15:30:28.000Z
Updated: 2025-08-22T15:09:48.377Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-9371 |
vulnerable | 2026-06-03 14:37:41.528768 |
Details available
LOW (2.6)
In BlackBerry QNX Software Development Platform (SDP) 6.6.0 and 6.5.0 SP1 and earlier, a loss of integrity vulnerability in the default configuration of the QNX SDP could allow an attacker being able to reduce the entropy of the PRNG, making other blended attacks more practical by gaining control over environmental factors that influence seed generation.
Published: 2017-11-14T21:00:00.000Z
Updated: 2025-08-22T15:05:29.013Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-3893 |
vulnerable | 2026-06-03 14:37:17.547092 |
Incomplete vulnerability mitigations
LOW (1.9)
In BlackBerry QNX Software Development Platform (SDP) 6.6.0, the default configuration of the QNX SDP system did not in all circumstances prevent attackers from modifying the GOT or PLT tables with buffer overflow attacks.
Published: 2017-11-14T21:00:00.000Z
Updated: 2025-07-22T15:25:07.257Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-3891 |
vulnerable | 2026-06-03 14:37:17.544656 |
Details available
CRITICAL (9.6)
In BlackBerry QNX Software Development Platform (SDP) 6.6.0, an elevation of privilege vulnerability in the default configuration of the QNX SDP with QNet enabled on networks comprising two or more QNet nodes could allow an attacker to access local and remote files or take ownership of files on other QNX nodes regardless of permissions by executing commands targeting arbitrary nodes from a secondary QNX 6.6.0 QNet node.
Published: 2017-11-14T21:00:00.000Z
Updated: 2025-08-22T14:48:09.392Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.