CVE-2025-2474

Critical CVSS: 9.8

Out-of-bounds write in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a denial-of-service condition or execute code in the context of the process using the image codec.

Vendor

Blackberry

Product

Qnx Software Development Platform

CWE

CWE-787

Yayın Tarihi

2025-06-10 18:15:30

Güncelleme

2025-12-01 18:05:04

Source Identifier

secure@blackberry.com

KEV Date Added

Kategoriler

CWE-787 Qnx Software Development Platform CRITICAL Blackberry 2025

Referanslar

https://support.blackberry.com/pkb/s/article/140646

Benzer Kayıtlar

Medium

CVE-2025-12766

An Insecure Direct Object Reference (IDOR) vulnerability in the Management Console of BlackBerry® AtHoc® (OnPrem) versio…

High

CVE-2024-48858

Improper input validation in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated att…

Medium

CVE-2024-48854

Off-by-one error in the TIFF image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to…

Medium

CVE-2024-48855

Out-of-bounds read in the TIFF image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker…

Critical

CVE-2024-48856

Out-of-bounds write in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker…

High

CVE-2024-48857

NULL pointer dereference in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated atta…