Search
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-37915 | 1 Objectcomputing | 1 Opendds | 2023-08-01 | N/A | 7.5 HIGH |
| OpenDDS is an open source C++ implementation of the Object Management Group (OMG) Data Distribution Service (DDS). OpenDDS crashes while parsing a malformed `PID_PROPERTY_LIST` in a DATA submessage during participant discovery. Attackers can remotely crash OpenDDS processes by sending a DATA submessage containing the malformed parameter to the known multicast port. This issue has been addressed in version 3.25. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2021-38447 | 1 Objectcomputing | 1 Opendds | 2022-05-13 | 4.3 MEDIUM | 7.5 HIGH |
| OCI OpenDDS versions prior to 3.18.1 are vulnerable when an attacker sends a specially crafted packet to flood target devices with unwanted traffic, which may result in a denial-of-service condition. | |||||
| CVE-2021-38445 | 1 Objectcomputing | 1 Opendds | 2022-05-13 | 7.5 HIGH | 9.8 CRITICAL |
| OCI OpenDDS versions prior to 3.18.1 do not handle a length parameter consistent with the actual length of the associated data, which may allow an attacker to remotely execute arbitrary code. | |||||
| CVE-2021-38429 | 1 Objectcomputing | 1 Opendds | 2022-05-13 | 6.4 MEDIUM | 9.1 CRITICAL |
| OCI OpenDDS versions prior to 3.18.1 are vulnerable when an attacker sends a specially crafted packet to flood target devices with unwanted traffic, which may result in a denial-of-service condition and information exposure. | |||||