129 matches found
Buffer overflow
An attacker could use a specially crafted project file to overflow the buffer and execute code under the privileges of the EZ Touch Editor Versions 2.1.0 and prior...
CVE-2019-13522
An attacker could use a specially crafted project file to corrupt the memory and execute code under the privileges of the EZ PLC Editor Versions 1.8.41 and prior...
CVE-2019-13513
In Delta Industrial Automation DOPSoft, Version 4.00.06.15 and prior, processing a specially crafted project file may trigger multiple out-of-bounds read vulnerabilities, which may allow information disclosure, remote code execution, or crash of the application...
CVE-2019-10980
A type confusion vulnerability may be exploited when LAquis SCADA 4.3.1.71 processes a specially crafted project file. This may allow an attacker to execute remote code. The attacker must have local access to the system. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is...
CVE-2019-6822
A Use After Free: CWE-416 vulnerability exists in Zelio Soft 2, V5.2 and earlier, which could cause remote code execution when opening a specially crafted Zelio Soft 2 project file...
Type confusion
An access of uninitialized pointer vulnerability in CX-Supervisor Versions 3.42 and prior could lead to type confusion when processing project files. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application...
CVE-2018-19002
LCDS Laquis SCADA prior to version 4.1.0.4150 allows improper control of generation of code when opening a specially crafted project file, which may allow remote code execution, data exfiltration, or cause a system crash...
CVE-2018-19015
An attacker could inject commands to launch programs and create, write, and read files on CX-Supervisor Versions 3.42 and prior through a specially crafted project file. An attacker could exploit this to execute code under the privileges of the application...
Unspecified vulnerability in LCDS LAquis SCADA (CNVD-2019-28114)
LCDS LAquis SCADA is a SCADA Data Acquisition and Supervisory Control system from the Brazilian company LCDS. The system is mainly used for data acquisition and process control of equipment with communication technology. A security vulnerability exists in LCDS LAquis SCADA version 4.1.0.3870. The...
Omron CX-Supervisor Reuse After Release Vulnerability
Omron CX-Supervisor is a powerful and advanced machine visualization software package that provides a very flexible PC-based HMI environment. A post-release reuse vulnerability exists in Omron CX-Supervisor 3.42 and earlier versions, which stems from an application failing to check if a project...
Omron CX-Supervisor Command Injection Vulnerability
Omron CX-Supervisor is a powerful and advanced machine visualization software package that provides a very flexible PC-based HMI environment. A command injection vulnerability exists in Omron CX-Supervisor 3.42 and earlier versions, which can be exploited by an attacker to inject commands via a...
Omron CX-Supervisor Command Injection Vulnerability (NVD-C-2019-12033)
Omron CX-Supervisor is a powerful and advanced machine visualization software package that provides a very flexible PC-based HMI environment. A command injection vulnerability exists in Omron CX-Supervisor 3.42 and earlier versions, which can be exploited by an attacker to inject commands via a...
CVE-2019-3580
OpenRefine through 3.1 allows arbitrary file write because Directory Traversal can occur during the import of a crafted project file...
Directory traversal
OpenRefine through 3.1 allows arbitrary file write because Directory Traversal can occur during the import of a crafted project file...
Omron CX-One Buffer Overflow Vulnerability
Omron CX-One is an integrated toolkit from Omron, which includes software for networking, PT, inverters, temperature controllers, and PLC programming, etc. CX-Programmer is a PLC programming software, and CX-Server is a driver management tool. A buffer overflow vulnerability exists in Omron CX-On...
Omron CX-One Memory Misreference Vulnerability
Omron CX-One is an integrated toolkit from Omron, which includes software for networking, PT, inverters, temperature controllers, and PLC programming, etc. CX-Programmer is a PLC programming software, and CX-Server is a driver management tool. A memory misreference vulnerability exists in Omron...
CVE-2017-6037
A Heap-Based Buffer Overflow issue was discovered in Wecon Technologies LEVI Studio HMI Editor before 1.8.1. This vulnerability causes a buffer overflow when a maliciously crafted project file is run by the system...
CVE-2017-2372
An issue was discovered in certain Apple products. GarageBand before 10.1.5 is affected. Logic Pro X before 10.3 is affected. The issue involves the "Projects" component, which allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted GarageBan...
The vulnerability of the Integrated Architecture Builder software, a tool for creating control systems, allows a hacker to execute arbitrary code.
The vulnerability of the IAB.exe component of the Integrated Architecture Builder software, which is used for creating control systems, is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating locally, to execute arbitrary code using a...
CVE-2016-2277
IAB.exe in Rockwell Automation Integrated Architecture Builder IAB before 9.6.0.8 and 9.7.x before 9.7.0.2 allows remote attackers to execute arbitrary code via a crafted project file...