Eclipse

Threadx

11 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.1

CVE-2025-55080

  • EPSS 0.02%
  • Veröffentlicht 15.10.2025 05:41:50
  • Zuletzt bearbeitet 22.10.2025 16:31:40

In Eclipse ThreadX before 6.4.3, when memory protection is enabled, syscall parameters verification wasn't enough, allowing an attacker to obtain an arbitrary memory read/write.

5.5

CVE-2025-55079

Exploit
  • EPSS 0.02%
  • Veröffentlicht 15.10.2025 04:29:00
  • Zuletzt bearbeitet 22.10.2025 16:36:32

In Eclipse ThreadX before version 6.4.3, the thread module has a setting of maximum priority. In some cases the check of that maximum priority wasn't performed, allowing, as a result, to obtain a thread with higher priority than expected and causing ...

5.5

CVE-2025-55078

Exploit
  • EPSS 0.02%
  • Veröffentlicht 14.10.2025 07:28:56
  • Zuletzt bearbeitet 21.10.2025 19:45:33

In Eclipse ThreadX before version 6.4.3, an attacker can cause a denial of service (crash) by providing a pointer to a reserved or unmapped memory region. Vulnerable system calls had a check of pointers, but that check wasn't verifying whether the po...

7.5

CVE-2025-2259

  • EPSS 0.06%
  • Veröffentlicht 06.04.2025 19:15:41
  • Zuletzt bearbeitet 31.07.2025 16:34:08

In NetX HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.3, an attacker can cause an integer underflow and a subsequent denial of service by writing a very large file, by specially crafted packets with Content-Length in one...

7.5

CVE-2025-2260

  • EPSS 0.06%
  • Veröffentlicht 06.04.2025 19:15:41
  • Zuletzt bearbeitet 31.07.2025 16:31:39

In NetX HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.3, an attacker can cause a denial of service by specially crafted packets. The core issue is missing closing of a file in case of an error condition, resulting in the...

7.5

CVE-2025-2258

  • EPSS 0.06%
  • Veröffentlicht 06.04.2025 18:50:42
  • Zuletzt bearbeitet 31.07.2025 16:34:14

In NetX Duo component HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.3, an attacker can cause an integer underflow and a subsequent denial of service by writing a very large file, by specially crafted packets with Content...

7.5

CVE-2025-0728

  • EPSS 0.11%
  • Veröffentlicht 21.02.2025 09:15:10
  • Zuletzt bearbeitet 31.07.2025 16:33:10

In NetX HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.2, an attacker can cause an integer underflow and a subsequent denial of service by writing a very large file, by specially crafted packets with Content-Length smalle...

7.5

CVE-2025-0727

  • EPSS 0.11%
  • Veröffentlicht 21.02.2025 09:15:09
  • Zuletzt bearbeitet 31.07.2025 16:33:00

In NetX HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.2, an attacker can cause an integer underflow and a subsequent denial of service by writing a very large file, by specially crafted packets with Content-Length in one...

7.5

CVE-2025-0726

  • EPSS 0.11%
  • Veröffentlicht 21.02.2025 08:15:28
  • Zuletzt bearbeitet 31.07.2025 16:32:38

In NetX HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.2, an attacker can cause a denial of service by specially crafted packets. The core issue is missing closing of a file in case of an error condition, resulting in the...

7.8

CVE-2024-2212

Exploit
  • EPSS 0.13%
  • Veröffentlicht 26.03.2024 16:15:13
  • Zuletzt bearbeitet 13.02.2025 18:17:52

In Eclipse ThreadX before 6.4.0, xQueueCreate() and xQueueCreateSet() functions from the FreeRTOS compatibility API (utility/rtos_compatibility_layers/FreeRTOS/tx_freertos.c) were missing parameter checks. This could lead to integer wraparound, ...