This page lists publicly disclosed CVE vulnerabilities affecting qnx rtp (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2004-1391 | Untrusted execution path vulnerability in the PPPoE daemon (PPPoEd) in QNX RTP 6.1 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious mount program. | [email protected] | 4.6 | 0.56% | 2004-12-31 | 2026-04-16 |
| CVE-2004-1390 | Multiple buffer overflows in the PPPoE daemon (PPPoEd) in QNX RTP 6.1 allow remote attackers to execute arbitrary code via a long argument to the (1) -F, (2) name, (3) en, (4) upscript, (5) downscript, (6) retries, (7) timeout, (8) scriptdetach, (9) noscript, (10) nodetach, (11) remote_mac, or (12) local_mac flags. | [email protected] | 10.0 | 7.34% | 2004-12-31 | 2026-04-16 |
| CVE-2004-1681 | Multiple buffer overflows in (1) phrelay-cfg, (2) phlocale, (3) pkg-installer, or (4) input-cfg in QNX Photon microGUI for QNX RTP 6.1 allow local users to gain privileges via a long -s (server) command line parameter. | [email protected] | 7.2 | 1.05% | 2004-08-26 | 2026-04-16 |
| CVE-2004-1682 | Format string vulnerability in QNX 6.1 FTP client allows remote authenticated users to gain group bin privileges via format string specifiers in the QUOTE command. | [email protected] | 10.0 | 2.47% | 2004-08-15 | 2026-04-16 |
| CVE-2001-0325 | Buffer overflow in QNX RTP 5.60 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large number of arguments to the stat command. | [email protected] | 7.5 | 2.14% | 2001-05-03 | 2026-06-16 |