Filtered by vendor Qnx Subscriptions
Total 38 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2005-4082 1 Qnx 1 Qnx 2026-04-16 N/A
The dhcp.client program for QNX 4.25 vmware is setuid, possibly by default, which allows local users to modify the NIC configuration and conduct other attacks.
CVE-2002-1983 1 Qnx 1 Rtos 2026-04-16 N/A
The timer implementation in QNX RTOS 6.1.0 allows local users to cause a denial of service (hang) and possibly execute arbitrary code by creating multiple timers with a 1-ms tick.
CVE-2002-2039 1 Qnx 1 Rtos 2026-04-16 N/A
/bin/su in QNX realtime operating system (RTOS) 4.25 and 6.1.0 allows local users to obtain sensitive information from core dump files by sending the SIGSERV (invalid memory reference) signal.
CVE-2002-2041 1 Qnx 1 Rtos 2026-04-16 N/A
Multiple buffer overflows in realtime operating system (RTOS) 6.1.0 allows local users to execute arbitrary code via (1) a long ABLANG environment variable in phlocale or (2) a long -u option to pkg-installer.
CVE-2002-2120 1 Qnx 1 Rtos 2026-04-16 N/A
Multiple buffer overflows in QNX RTOS 4.25 may allow attackers to execute arbitrary code via long filename arguments to (1) Watcom or (2) int10.
CVE-2002-2409 1 Qnx 2 Neutrino Rtos, Photon Microgui 2026-04-16 N/A
Photon microGUI in QNX Neutrino realtime operating system (RTOS) 6.1.0 and 6.2.0 allows attackers to read user clipboard information via a direct request to the 1.TEXT file in a directory whose name is a hex-encoded user ID.
CVE-2006-0618 1 Qnx 1 Neutrino Rtos 2026-04-16 N/A
Format string vulnerability in fontsleuth in QNX Neutrino RTOS 6.3.0 allows local users to execute arbitrary code via format string specifiers in the zeroth argument (program name).
CVE-2006-0619 1 Qnx 1 Rtos 2026-04-16 N/A
Multiple stack-based buffer overflows in QNX Neutrino RTOS 6.3.0 allow local users to execute arbitrary code via long (1) ABLPATH or (2) ABLANG environment variables in the libAP library (libAp.so.2) or (3) a long PHOTON_PATH environment variable to the setitem function in the libph library.
CVE-2006-0620 1 Qnx 1 Rtos 2026-04-16 N/A
Race condition in phfont in QNX Neutrino RTOS 6.2.1 allows local users to execute arbitrary code via unspecified manipulations of the PHFONT and PHOTON2_PATH environment variables.
CVE-2002-2407 1 Qnx 1 Rtos 2026-04-16 N/A
Certain patches for QNX Neutrino realtime operating system (RTOS) 6.2.0 set insecure permissions for the files (1) /sbin/io-audio by OS Update Patch A, (2) /bin/shutdown, (3) /sbin/fs-pkg, and (4) phshutdown by QNX experimental patches, (5) cpim, (6) vpim, (7) phrelaycfg, and (8) columns, (9) othello, (10) peg, (11) solitaire, and (12) vpoker in the games pack 2.0.3, which allows local users to gain privileges by modifying the files before permissions are changed.
CVE-2005-1528 1 Qnx 1 Rtos 2026-04-16 N/A
Untrusted search path vulnerability in the crttrap command in QNX Neutrino RTOS 6.2.1 allows local users to load arbitrary libraries via a LD_LIBRARY_PATH environment variable that references a malicious library.
CVE-2025-27077 2 Qnx, Qualcomm 56 Qnx, Qam8255p, Qam8255p Firmware and 53 more 2026-02-26 7.8 High
Memory corruption while processing message in guest VM.
CVE-2025-47315 2 Qnx, Qualcomm 56 Qnx, Qam8255p, Qam8255p Firmware and 53 more 2026-02-26 7.8 High
Memory corruption while handling repeated memory unmap requests from guest VM.
CVE-2025-47347 2 Qnx, Qualcomm 76 Qnx, Qam8255p, Qam8255p Firmware and 73 more 2026-02-26 7.8 High
Memory corruption while processing control commands in the virtual memory management interface.
CVE-2025-47360 2 Qnx, Qualcomm 72 Qnx, Qam8255p, Qam8255p Firmware and 69 more 2026-02-26 7.8 High
Memory corruption while processing client message during device management.
CVE-2025-47361 2 Qnx, Qualcomm 58 Qnx, Qam8255p, Qam8255p Firmware and 55 more 2026-02-26 7.8 High
Memory corruption when triggering a subsystem crash with an out-of-range identifier.
CVE-2025-47362 2 Qnx, Qualcomm 78 Qnx, Msm8996au, Msm8996au Firmware and 75 more 2025-11-05 6.1 Medium
Information disclosure while processing message from client with invalid payload.
CVE-2011-4060 1 Qnx 1 Neutrino Rtos 2025-04-11 N/A
The runtime linker in QNX Neutrino RTOS 6.5.0 before Service Pack 1 does not properly clear the LD_DEBUG_OUTPUT and LD_DEBUG environment variables when a program is spawned from a setuid program, which allows local users to overwrite files via a symlink attack.