Qnx Software Development Platform (Sdp)
Approved changes feed: RSS · Atom
cpe:2.3:a:blackberry:qnx_software_development_platform_(sdp):*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Blackberry (248c4d29-a9fb-529f-b35a-888413af537f) |
|---|---|
| Product | Qnx Software Development Platform (Sdp) (6e2b2f35-5e3b-5aec-b86a-f17080cd13a5) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-2474 |
vulnerable | 2026-06-03 15:00:25.523404 |
Vulnerability in PCX Image Codec Impacts QNX Software Development Platform
CRITICAL (9.8)
Out-of-bounds write in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a denial-of-service condition or execute code in the context of the process using the image codec.
Published: 2025-06-10T17:38:03.661Z
Updated: 2025-06-10T18:24:20.690Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-48858 |
vulnerable | 2026-06-03 14:57:10.284597 |
Vulnerabilities in TIFF and PCX Image Codecs Impact QNX Software Development Platform
HIGH (7.5)
Improper input validation in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a denial-of-service condition in the context of the process using the image codec.
Published: 2025-01-14T19:09:15.560Z
Updated: 2025-01-15T15:16:17.859Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-48857 |
vulnerable | 2026-06-03 14:57:10.284174 |
Vulnerabilities in TIFF and PCX Image Codecs Impact QNX Software Development Platform
HIGH (7.5)
NULL pointer dereference in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a denial-of-service condition in the context of the process using the image codec.
Published: 2025-01-14T19:06:38.040Z
Updated: 2025-01-14T19:13:28.840Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-48856 |
vulnerable | 2026-06-03 14:57:10.283696 |
Vulnerabilities in TIFF and PCX Image Codecs Impact QNX Software Development Platform
CRITICAL (9.8)
Out-of-bounds write in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a denial-of-service condition or execute code in the context of the process using the image codec.
Published: 2025-01-14T19:03:33.883Z
Updated: 2025-01-15T15:16:40.007Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-48855 |
vulnerable | 2026-06-03 14:57:10.283332 |
Vulnerabilities in TIFF and PCX Image Codecs Impact QNX Software Development Platform
MEDIUM (5.3)
Out-of-bounds read in the TIFF image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause an information disclosure in the context of the process using the image codec.
Published: 2025-01-14T18:59:25.736Z
Updated: 2025-02-12T20:31:19.335Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-48854 |
vulnerable | 2026-06-03 14:57:10.279516 |
Vulnerabilities in TIFF and PCX Image Codecs Impact QNX Software Development Platform
MEDIUM (5.3)
Off-by-one error in the TIFF image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause an information disclosure in the context of the process using the image codec.
Published: 2025-01-14T18:53:25.936Z
Updated: 2025-01-14T20:15:07.523Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-35215 |
vulnerable | 2026-06-03 14:55:55.709101 |
Details available
MEDIUM (6.2)
NULL pointer dereference in IP socket options processing of the Networking Stack in QNX Software Development Platform (SDP) version(s) 7.1 and 7.0 could allow an attacker with local access to cause a denial-of-service condition in the context of the Networking Stack process.
Published: 2024-10-08T17:35:57.156Z
Updated: 2025-08-22T15:47:01.556Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-35213 |
vulnerable | 2026-06-03 14:55:55.703903 |
Vulnerability in SGI Image Codec Impacts BlackBerry QNX Software Development Platform (SDP)
CRITICAL (9)
An improper input validation vulnerability in the SGI Image Codec of QNX SDP version(s) 6.6, 7.0, and 7.1 could allow an attacker to potentially cause a denial-of-service condition or execute code in the context of the image processing process.
Published: 2024-06-11T18:37:04.161Z
Updated: 2025-09-09T15:04:56.924Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-32701 |
vulnerable | 2026-06-03 14:51:59.792129 |
Vulnerability in Networking Stack Impacts QNX Software Development Platform (SDP)
HIGH (7.1)
Improper Input Validation in the Networking Stack of QNX SDP version(s) 6.6, 7.0, and 7.1 could allow an attacker to potentially cause Information Disclosure or a Denial-of-Service condition.
Published: 2023-11-14T18:33:59.148Z
Updated: 2025-09-09T15:06:29.621Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-32024 |
vulnerable | 2026-06-03 14:44:34.249070 |
Details available
CRITICAL (9.8)
A remote code execution vulnerability in the BMP image codec of BlackBerry QNX SDP version(s) 6.4 to 7.1 could allow an attacker to potentially execute code in the context of the affected process.
Published: 2021-12-13T18:06:24.000Z
Updated: 2025-09-09T15:07:31.697Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-6932 |
vulnerable | 2026-06-03 14:42:59.308855 |
Details available
CRITICAL (10)
An information disclosure and remote code execution vulnerability in the slinger web server of the BlackBerry QNX Software Development Platform versions 6.4.0 to 6.6.0 could allow an attacker to potentially read arbitrary files and run arbitrary executables in the context of the web server.
Published: 2020-08-12T12:21:32.000Z
Updated: 2025-08-22T15:16:18.943Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-9369 |
vulnerable | 2026-06-03 14:37:41.523484 |
Details available
LOW (3.8)
In BlackBerry QNX Software Development Platform (SDP) 6.6.0 and 6.5.0 SP1 and earlier, an information disclosure vulnerability in the default configuration of the QNX SDP could allow an attacker to gain information relating to memory layout of higher privileged processes by manipulating environment variables that influence the loader.
Published: 2017-11-14T21:00:00.000Z
Updated: 2025-08-26T17:30:03.762Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-3892 |
vulnerable | 2026-06-03 14:37:17.546699 |
Details available
LOW (3.8)
In BlackBerry QNX Software Development Platform (SDP) 6.6.0, an information disclosure vulnerability in the default configuration of the QNX SDP could allow an attacker to gain information relating to memory layout that could be used in a blended attack by executing commands targeting procfs resources.
Published: 2017-11-14T21:00:00.000Z
Updated: 2025-08-26T17:27:35.177Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.