Eclipse Cyclone_data_distribution_service
4 CVEs affecting Eclipse Cyclone_data_distribution_service. Latest disclosed: 2025-12-23. Critical: 2, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-67109 | Critical | 10.0 | 2025-12-23 | Improper verification of the time certificate in Eclipse Cyclone DDS before v0.10.5 allows attackers to bypass certificate checks and execute commands with Sys… |
CVE-2024-10838 | Critical | 9.1 | 2025-03-12 | An integer underflow during deserialization may allow any unauthenticated user to read out of bounds heap memory. This may result into secret data or pointers… |
CVE-2020-18735 | High | 7.5 | 2021-08-23 | A heap buffer overflow in /src/dds_stream.c of Eclipse IOT Cyclone DDS Project v0.1.0 causes the DDS subscriber server to crash. |
CVE-2020-18734 | High | 7.5 | 2021-08-23 | A stack buffer overflow in /ddsi/q_bitset.h of Eclipse IOT Cyclone DDS Project v0.1.0 causes the DDS subscriber server to crash. |