GCVE - cpe:2.3:a:blackberry:qnx_software_development

Approved changes feed: RSS · Atom

cpe:2.3:a:blackberry:qnx_software_development_platform:6.6.0:*:*:*:*:*:*:*

part: a version: 6.6.0 update: *

Vendor	Blackberry (`248c4d29-a9fb-529f-b35a-888413af537f`)
Product	Qnx Software Development Platform (`5838c20d-6a77-5aaf-8bed-3d521dab87e0`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-35213`	vulnerable	2026-06-03 14:55:55.701663	Vulnerability in SGI Image Codec Impacts BlackBerry QNX Software Development Platform (SDP) CRITICAL (9) An improper input validation vulnerability in the SGI Image Codec of QNX SDP version(s) 6.6, 7.0, and 7.1 could allow an attacker to potentially cause a denial-of-service condition or execute code in the context of the image processing process. Published: 2024-06-11T18:37:04.161Z Updated: 2025-09-09T15:04:56.924Z Open on db.gcve.eu Reference links https://support.blackberry.com/pkb/s/article/139914	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-32701`	vulnerable	2026-06-03 14:51:59.793300	Vulnerability in Networking Stack Impacts QNX Software Development Platform (SDP) HIGH (7.1) Improper Input Validation in the Networking Stack of QNX SDP version(s) 6.6, 7.0, and 7.1 could allow an attacker to potentially cause Information Disclosure or a Denial-of-Service condition. Published: 2023-11-14T18:33:59.148Z Updated: 2025-09-09T15:06:29.621Z Open on db.gcve.eu Reference links https://support.blackberry.com/kb/articleDetail?articleNumber=000112401	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-9371`	vulnerable	2026-06-03 14:37:41.528869	Details available LOW (2.6) In BlackBerry QNX Software Development Platform (SDP) 6.6.0 and 6.5.0 SP1 and earlier, a loss of integrity vulnerability in the default configuration of the QNX SDP could allow an attacker being able to reduce the entropy of the PRNG, making other blended attacks more practical by gaining control over environmental factors that influence seed generation. Published: 2017-11-14T21:00:00.000Z Updated: 2025-08-22T15:05:29.013Z Open on db.gcve.eu Reference links http://support.blackberry.com/kb/articleDetail?language=en_US&articleNumber=000046674	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-9369`	vulnerable	2026-06-03 14:37:41.525149	Details available LOW (3.8) In BlackBerry QNX Software Development Platform (SDP) 6.6.0 and 6.5.0 SP1 and earlier, an information disclosure vulnerability in the default configuration of the QNX SDP could allow an attacker to gain information relating to memory layout of higher privileged processes by manipulating environment variables that influence the loader. Published: 2017-11-14T21:00:00.000Z Updated: 2025-08-26T17:30:03.762Z Open on db.gcve.eu Reference links http://support.blackberry.com/kb/articleDetail?articleNumber=000046674	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-3893`	vulnerable	2026-06-03 14:37:17.547130	Incomplete vulnerability mitigations LOW (1.9) In BlackBerry QNX Software Development Platform (SDP) 6.6.0, the default configuration of the QNX SDP system did not in all circumstances prevent attackers from modifying the GOT or PLT tables with buffer overflow attacks. Published: 2017-11-14T21:00:00.000Z Updated: 2025-07-22T15:25:07.257Z Open on db.gcve.eu Reference links http://support.blackberry.com/kb/articleDetail?articleNumber=000046674	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-3892`	vulnerable	2026-06-03 14:37:17.546740	Details available LOW (3.8) In BlackBerry QNX Software Development Platform (SDP) 6.6.0, an information disclosure vulnerability in the default configuration of the QNX SDP could allow an attacker to gain information relating to memory layout that could be used in a blended attack by executing commands targeting procfs resources. Published: 2017-11-14T21:00:00.000Z Updated: 2025-08-26T17:27:35.177Z Open on db.gcve.eu Reference links http://support.blackberry.com/kb/articleDetail?articleNumber=000046674	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-3891`	vulnerable	2026-06-03 14:37:17.545373	Details available CRITICAL (9.6) In BlackBerry QNX Software Development Platform (SDP) 6.6.0, an elevation of privilege vulnerability in the default configuration of the QNX SDP with QNet enabled on networks comprising two or more QNet nodes could allow an attacker to access local and remote files or take ownership of files on other QNX nodes regardless of permissions by executing commands targeting arbitrary nodes from a secondary QNX 6.6.0 QNet node. Published: 2017-11-14T21:00:00.000Z Updated: 2025-08-22T14:48:09.392Z Open on db.gcve.eu Reference links http://support.blackberry.com/kb/articleDetail?articleNumber=000046674 https://www.midnightbluelabs.com/blog/2017/12/8/elevation-of-privilege-vulnerability-in-qnx-qnet	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

BlackBerry QNX Software Development Platform (SDP) 6.6.0

PURL mappings

Vulnerability references

Contribute