Lucene search
K

129 matches found

Prion
Prion
added 2019/09/04 3:15 p.m.10 views

Buffer overflow

An attacker could use a specially crafted project file to overflow the buffer and execute code under the privileges of the EZ Touch Editor Versions 2.1.0 and prior...

6.8CVSS7.8AI score0.01442EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/09/04 2:29 p.m.25 views

CVE-2019-13522

An attacker could use a specially crafted project file to corrupt the memory and execute code under the privileges of the EZ PLC Editor Versions 1.8.41 and prior...

7.7AI score0.01367EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/08/15 6:20 p.m.45 views

CVE-2019-13513

In Delta Industrial Automation DOPSoft, Version 4.00.06.15 and prior, processing a specially crafted project file may trigger multiple out-of-bounds read vulnerabilities, which may allow information disclosure, remote code execution, or crash of the application...

7.7AI score0.0385EPSS
Exploits0References6
OSV
OSV
added 2019/08/05 7:15 p.m.5 views

CVE-2019-10980

A type confusion vulnerability may be exploited when LAquis SCADA 4.3.1.71 processes a specially crafted project file. This may allow an attacker to execute remote code. The attacker must have local access to the system. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is...

7.8CVSS6.3AI score0.01002EPSS
Exploits0References1
OSV
OSV
added 2019/07/15 9:15 p.m.5 views

CVE-2019-6822

A Use After Free: CWE-416 vulnerability exists in Zelio Soft 2, V5.2 and earlier, which could cause remote code execution when opening a specially crafted Zelio Soft 2 project file...

7.8CVSS7.7AI score0.03699EPSS
Exploits0References4
Prion
Prion
added 2019/02/12 10:29 p.m.12 views

Type confusion

An access of uninitialized pointer vulnerability in CX-Supervisor Versions 3.42 and prior could lead to type confusion when processing project files. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application...

6CVSS7.3AI score0.0116EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2019/02/05 6:29 p.m.4 views

CVE-2018-19002

LCDS Laquis SCADA prior to version 4.1.0.4150 allows improper control of generation of code when opening a specially crafted project file, which may allow remote code execution, data exfiltration, or cause a system crash...

7.8CVSS6AI score0.02668EPSS
Exploits0References2
OSV
OSV
added 2019/01/28 7:29 p.m.5 views

CVE-2018-19015

An attacker could inject commands to launch programs and create, write, and read files on CX-Supervisor Versions 3.42 and prior through a specially crafted project file. An attacker could exploit this to execute code under the privileges of the application...

7.3CVSS6AI score0.01484EPSS
Exploits0References2
CNVD
CNVD
added 2019/01/18 12:0 a.m.4 views

Unspecified vulnerability in LCDS LAquis SCADA (CNVD-2019-28114)

LCDS LAquis SCADA is a SCADA Data Acquisition and Supervisory Control system from the Brazilian company LCDS. The system is mainly used for data acquisition and process control of equipment with communication technology. A security vulnerability exists in LCDS LAquis SCADA version 4.1.0.3870. The...

8.3CVSS7.2AI score0.02668EPSS
Exploits0References1
CNVD
CNVD
added 2019/01/18 12:0 a.m.2 views

Omron CX-Supervisor Reuse After Release Vulnerability

Omron CX-Supervisor is a powerful and advanced machine visualization software package that provides a very flexible PC-based HMI environment. A post-release reuse vulnerability exists in Omron CX-Supervisor 3.42 and earlier versions, which stems from an application failing to check if a project...

8.8CVSS7.4AI score0.02395EPSS
Exploits0References1
CNVD
CNVD
added 2019/01/18 12:0 a.m.2 views

Omron CX-Supervisor Command Injection Vulnerability

Omron CX-Supervisor is a powerful and advanced machine visualization software package that provides a very flexible PC-based HMI environment. A command injection vulnerability exists in Omron CX-Supervisor 3.42 and earlier versions, which can be exploited by an attacker to inject commands via a...

5CVSS7.6AI score0.00753EPSS
Exploits0References1
CNVD
CNVD
added 2019/01/18 12:0 a.m.1 views

Omron CX-Supervisor Command Injection Vulnerability (NVD-C-2019-12033)

Omron CX-Supervisor is a powerful and advanced machine visualization software package that provides a very flexible PC-based HMI environment. A command injection vulnerability exists in Omron CX-Supervisor 3.42 and earlier versions, which can be exploited by an attacker to inject commands via a...

7.3CVSS8AI score0.01484EPSS
Exploits0References1
OSV
OSV
added 2019/01/03 1:29 a.m.11 views

CVE-2019-3580

OpenRefine through 3.1 allows arbitrary file write because Directory Traversal can occur during the import of a crafted project file...

7.5CVSS6.9AI score
Exploits0References1
Prion
Prion
added 2019/01/03 1:29 a.m.14 views

Directory traversal

OpenRefine through 3.1 allows arbitrary file write because Directory Traversal can occur during the import of a crafted project file...

5CVSS7.5AI score0.01853EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2018/12/05 12:0 a.m.3 views

Omron CX-One Buffer Overflow Vulnerability

Omron CX-One is an integrated toolkit from Omron, which includes software for networking, PT, inverters, temperature controllers, and PLC programming, etc. CX-Programmer is a PLC programming software, and CX-Server is a driver management tool. A buffer overflow vulnerability exists in Omron CX-On...

7.8CVSS7.9AI score0.01754EPSS
Exploits0References1
CNVD
CNVD
added 2018/12/05 12:0 a.m.2 views

Omron CX-One Memory Misreference Vulnerability

Omron CX-One is an integrated toolkit from Omron, which includes software for networking, PT, inverters, temperature controllers, and PLC programming, etc. CX-Programmer is a PLC programming software, and CX-Server is a driver management tool. A memory misreference vulnerability exists in Omron...

7.8CVSS7.7AI score0.01627EPSS
Exploits0References1
OSV
OSV
added 2017/04/27 12:59 a.m.3 views

CVE-2017-6037

A Heap-Based Buffer Overflow issue was discovered in Wecon Technologies LEVI Studio HMI Editor before 1.8.1. This vulnerability causes a buffer overflow when a maliciously crafted project file is run by the system...

8.8CVSS6.1AI score0.0193EPSS
Exploits0References2
OSV
OSV
added 2017/02/20 8:59 a.m.3 views

CVE-2017-2372

An issue was discovered in certain Apple products. GarageBand before 10.1.5 is affected. Logic Pro X before 10.3 is affected. The issue involves the "Projects" component, which allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted GarageBan...

8.8CVSS6.1AI score0.01981EPSS
Exploits2References5
BDU FSTEC
BDU FSTEC
added 2016/04/19 12:0 a.m.8 views

The vulnerability of the Integrated Architecture Builder software, a tool for creating control systems, allows a hacker to execute arbitrary code.

The vulnerability of the IAB.exe component of the Integrated Architecture Builder software, which is used for creating control systems, is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating locally, to execute arbitrary code using a...

6.9CVSS7AI score0.00902EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2016/04/06 11:59 p.m.2 views

CVE-2016-2277

IAB.exe in Rockwell Automation Integrated Architecture Builder IAB before 9.6.0.8 and 9.7.x before 9.7.0.2 allows remote attackers to execute arbitrary code via a crafted project file...

6.3CVSS6.1AI score0.00902EPSS
Exploits0References1
Rows per page
Query Builder