QNX inputtrap from QNX RTOS versions 6.3 and 6.1.0 suffers from an arbitrary file read vulnerability.
f5bb3f5978c5bf87593d30ca3d98a914fef593639b7c16be2d448698febb7bf0
QNX crttrap has a -c flag to specify where trap file will be written. Combined with the trap flag it is possible to read or write any file in the disk. QNX RTOS 2.4, 4.25, 6.1.0, 6.2.0 are all affected.
fb4f56b2ec2fdf473fcce500ead2b39f939a04c5e82ccc3ef3ae44701188dac7
A possible race condition exists in QNX RTP 6.1 due to a program being called without a complete path.
a9f8a0e80084bb3cbcd294a6a08d9050b2f8a488b2ad2599b22b26500637b8c8
The QNX FTP client is susceptible to a format string attack.
54dbf220789cb41ca47430f8e654f569abfc0cc3ba2d95fd72f40e340ff4ce8d
Various buffer overflow conditions exist in four binaries of QNX Photon.
7d4fd2f4fa6f9fcbf81ffa0c9a0d491f52069de930018beb226dff49f8c43510
rfdslabs security advisory - QNX PPPoEd is susceptible to multiple local root vulnerabilities. QNX RTP 6.1 is affected.
9ede65eb6707ad4a2815b517a4730417e97987b4d3aa5d8a08f8199ad3e32c5b