GCVE - cpe:2.3:o:blackberry:qnx_neutrino

Approved changes feed: RSS · Atom

cpe:2.3:o:blackberry:qnx_neutrino_rtos:6.5.0:*:*:*:*:*:*:*

part: o version: 6.5.0 update: *

Vendor	Blackberry (`248c4d29-a9fb-529f-b35a-888413af537f`)
Product	Qnx Neutrino Rtos (`50300466-a008-54b8-83d9-e528cce1bc4b`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2014-2534`	vulnerable	2026-06-03 14:33:51.126926	Details available /sbin/pppoectl in BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x allows local users to obtain sensitive information by reading "bad parameter" lines in error messages, as demonstrated by reading the root password hash in /etc/shadow. Published: 2014-03-18T01:00:00.000Z Updated: 2024-08-06T10:14:26.718Z Open on db.gcve.eu Reference links http://www.exploit-db.com/exploits/32156/ http://seclists.org/fulldisclosure/2014/Mar/124 http://seclists.org/bugtraq/2014/Mar/66 http://seclists.org/fulldisclosure/2014/Mar/98 http://seclists.org/bugtraq/2014/Mar/88	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2014-2533`	vulnerable	2026-06-03 14:33:51.125942	Details available /sbin/ifwatchd in BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x allows local users to gain privileges by providing an arbitrary program name as a command-line argument. Published: 2014-03-18T01:00:00.000Z Updated: 2024-08-06T10:14:26.825Z Open on db.gcve.eu Reference links http://seclists.org/fulldisclosure/2014/Mar/124 https://www.exploit-db.com/exploits/45575/ http://seclists.org/bugtraq/2014/Mar/66 http://seclists.org/fulldisclosure/2014/Mar/98 http://seclists.org/bugtraq/2014/Mar/88	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-2688`	vulnerable	2026-06-03 14:33:03.286334	Details available Buffer overflow in phrelay in BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted packets to TCP port 4868 that leverage improper handling of the /dev/photon device file. Published: 2013-07-12T16:00:00.000Z Updated: 2024-09-16T19:05:19.836Z Open on db.gcve.eu Reference links http://aluigi.altervista.org/adv/qnxph_1-adv.txt http://ics-cert.us-cert.gov/advisories/ICSA-13-189-01 http://www.qnx.com/download/feature.html?programid=24850	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-2687`	vulnerable	2026-06-03 14:33:03.285761	Details available Stack-based buffer overflow in the bpe_decompress function in (1) BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 and (2) QNX Momentics Tool Suite through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted packets to TCP port 4868. Published: 2013-07-12T16:00:00.000Z Updated: 2024-09-17T03:33:05.126Z Open on db.gcve.eu Reference links http://aluigi.altervista.org/adv/qnxph_1-adv.txt http://ics-cert.us-cert.gov/advisories/ICSA-13-189-01 http://www.qnx.com/download/feature.html?programid=24850	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

BlackBerry QNX Neutrino RTOS 6.5.0

PURL mappings

Vulnerability references

Contribute