Lucene search
K

129 matches found

OSV
OSV
added 2023/10/23 5:15 a.m.5 views

CVE-2023-43624

CX-Designer Ver.3.740 and earlier included in CX-One CXONE-ALD-V4 contains an improper restriction of XML external entity reference XXE vulnerability. If a user opens a specially crafted project file created by an attacker, sensitive information in the file system where CX-Designer is installed m...

5.5CVSS5.7AI score0.00195EPSS
Exploits0References2
OSV
OSV
added 2023/10/17 11:15 p.m.3 views

CVE-2023-42506

Improper restriction of operations within the bounds of a memory buffer issue exists in OnSinView2 versions 2.0.1 and earlier. If this vulnerability is exploited, information may be disclosed or arbitrary code may be executed by having a user open a specially crafted OnSinView2 project file...

7.8CVSS6.1AI score0.002EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/10/17 12:0 a.m.3 views

JTEKT ELECTRONICS OnSinView2 Buffer Error Vulnerability

JTEKT ELECTRONICS OnSinView2 is an application from JTEKT ELECTRONICS, Inc. A security vulnerability exists in JTEKT ELECTRONICS OnSinView2 version 2.0.1 and prior versions, which stems from an improperly restricted operation within a memory buffer. The vulnerability can be exploited by an attack...

7.8CVSS6.9AI score0.002EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/09/29 12:0 a.m.8 views

The vulnerability of the Kostac PLC Programming Software (formerly Koyo PLC Programming Software) lies in its use of memory after it is freed. This allows a hacker to execute arbitrary code.

The vulnerability of the Kostac PLC Programming Software formerly Koyo PLC Programming Software relates to the use of memory after it is freed. Exploiting this vulnerability can allow an intruder to execute arbitrary code using a specially created project file...

7.8CVSS7.6AI score0.00188EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/09/29 12:0 a.m.8 views

The vulnerability of the Kostac PLC Programming Software (formerly Koyo PLC Programming Software) relates to the re-release of memory, allowing a perpetrator to execute arbitrary code.

The vulnerability of the Kostac PLC Programming Software formerly Koyo PLC Programming Software relates to the repeated release of memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created project file...

7.8CVSS7.6AI score0.00186EPSS
Exploits0References5Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2023/09/13 6:2 a.m.3 views

Multiple vulnerabilities in JTEKT ELECTRONICS Kostac PLC Programming Software

Overview Kostac PLC Programming Software provided by JTEKT ELECTRONICS CORPORATION contains multiple vulnerabilities listed below. Double free CWE-415 - CVE-2023-41374 Use-after-free CWE-416 - CVE-2023-41375 Michael Heinzl reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with th...

7.8CVSS7.2AI score0.00188EPSS
Exploits0References8
CNNVD
CNNVD
added 2023/07/21 12:0 a.m.3 views

Panasonic Control FPWIN Pro 缓冲区错误漏洞

Panasonic Control FPWIN Pro is a programming software from Panasonic Corporation Japan. A security vulnerability exists in Panasonic Control FPWIN Pro version 7.6.0.3 and prior versions, which stems from a buffer overflow vulnerability that could allow an attacker to execute arbitrary code when...

7.8CVSS8.2AI score0.00279EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/07/21 12:0 a.m.4 views

Panasonic Control FPWIN Pro 安全漏洞

Panasonic Control FPWIN Pro is a programming software from Panasonic Corporation Japan. A security vulnerability exists in Panasonic Control FPWIN Pro 7.6.0.3 and prior versions, which stems from a type confusion vulnerability that could allow execution of arbitrary code when opening a specially...

7.8CVSS7.8AI score0.00199EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/06/19 12:0 a.m.6 views

The vulnerability of the software for configuring Schneider Electric EcoStruxure Operator Terminal Expert HMI terminals and the SCADA Pro-face BLUE software allows a perpetrator to execute arbitrary codes.

The vulnerability of Schneider Electric EcoStruxure Operator Terminal Expert HMI configuration software and SCADA Pro-face BLUE software is related to the possibility of code injection. Exploiting this vulnerability allows a perpetrator to execute arbitrary code by loading a specially crafted...

7.8CVSS7.6AI score0.00597EPSS
Exploits0References2Affected Software2
ATTACKERKB
ATTACKERKB
added 2023/06/13 10:15 a.m.2 views

CVE-2023-29498

Improper restriction of XML external entity reference XXE vulnerability exists in FRENIC RHC Loader v1.1.0.3 and earlier. If a user opens a specially crafted project file, sensitive information on the system where the affected product is installed may be disclosed...

5.5CVSS6.6AI score0.00211EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2023/02/13 2:21 a.m.5 views

CVE-2023-22353

Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing control management information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information...

7.8CVSS6AI score0.00312EPSS
Exploits0References3
NVD
NVD
added 2023/02/13 2:21 a.m.13 views

CVE-2023-22360

Use-after free vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier due to lack of error handling process even when an error was detected. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or...

7.8CVSS7.7AI score0.00292EPSS
Exploits0References3
OSV
OSV
added 2023/02/13 2:21 a.m.5 views

CVE-2023-22349

Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing screen management information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information...

7.8CVSS6AI score0.00334EPSS
Exploits0References3
OSV
OSV
added 2023/02/13 2:21 a.m.4 views

CVE-2023-22347

Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing file structure information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information...

7.8CVSS7.3AI score0.00334EPSS
Exploits0References3
OSV
OSV
added 2023/02/13 2:21 a.m.5 views

CVE-2023-22345

Out-of-bound write vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier due to lack of error handling process when out of specification errors are detected. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information...

7.8CVSS6AI score0.00256EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/01/17 12:0 a.m.3 views

PT-2023-18460 · Unknown · Cx-Motion-Mch

Name of the Vulnerable Software and Affected Versions: CX-Motion-MCH versions 2.32 and earlier Description: The issue is related to an access of uninitialized pointer vulnerability. If a user opens a specially crafted project file, it may lead to information disclosure and/or arbitrary code...

7.8CVSS7.5AI score0.002EPSS
Exploits0References4
CNVD
CNVD
added 2023/01/06 12:0 a.m.2 views

Fuji Electric V-Server Buffer Overflow Vulnerability

Fuji Electric V-Server is a software package for collecting and managing real-time field data. A buffer overflow vulnerability exists in Fuji Electric V-Server. An attacker could exploit the vulnerability to obtain information and execute arbitrary code by allowing a user to open a specially...

7.8CVSS7.8AI score0.00253EPSS
Exploits0References1
CNVD
CNVD
added 2023/01/06 12:0 a.m.2 views

Fuji Electric V-Server Out-of-Bounds Write Vulnerability

Fuji Electric V-Server is a software package for collecting and managing real-time field data. An out-of-bounds write vulnerability exists in Fuji Electric V-Server, which can be exploited by an attacker to obtain information and execute arbitrary code by allowing a user to open a specially craft...

7.8CVSS7.6AI score0.00228EPSS
Exploits0References1
CNVD
CNVD
added 2023/01/05 12:0 a.m.2 views

Fuji Electric V-Server Out-of-Bounds Read Vulnerability

Fuji Electric V-Server is a software package for collecting and managing real-time field data. Fuji Electric V-Server has an out-of-bounds read vulnerability that can be exploited by an attacker to obtain information or execute arbitrary code by allowing a user to open a specially crafted project...

7.8CVSS7.5AI score0.00228EPSS
Exploits0References1
OSV
OSV
added 2023/01/03 3:15 a.m.3 views

CVE-2022-47908

Stack-based buffer overflow vulnerability in V-Server v4.0.12.0 and earlier allows a local attacker to obtain the information and/or execute arbitrary code by having a user to open a specially crafted project file...

7.8CVSS6.3AI score0.00253EPSS
Exploits0References2
Rows per page
Query Builder