Eaton easyE4 PLC offers a device password protection functionality to facilitate a secure connection and prevent unauthorized access. It was observed that the device password was stored with a weak encoding algorithm in the easyE4 program file when exported to SD card (*.PRG file...
6.8CVSS
6.5AI Score
0.001EPSS
xvpng.c in xv 3.10a has memory corruption (out-of-bounds write) when decoding PNG comment fields, leading to crashes or potentially code execution, because it uses an incorrect length...
9.8CVSS
9.6AI Score
0.002EPSS
Devices with IP address setting tool "MagicalFinder" provided by I-O DATA DEVICE, INC. allow authenticated attackers to execute arbitrary OS commands via unspecified...
6.8CVSS
6.8AI Score
0.0004EPSS
Format string vulnerability in xv before 3.10a allows remote attackers to execute arbitrary code via format string specifiers in a...
7.4AI Score
0.005EPSS
Stack-based buffer overflow in xvbmp.c in XV allows remote attackers to execute arbitrary code via a crafted image...
8AI Score
0.016EPSS
Multiple integer overflows in (1) xviris.c, (2) xvpcx.c, and (3) xvpm.c in XV allow remote attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer...
7.7AI Score
0.026EPSS