Lucene search
K

277 matches found

CVE
CVE
added 2019/10/18 6:23 p.m.166 views

CVE-2019-13545

CVE-2019-13545 affects Horner Automation Cscape (versions 9.90 and earlier). The vulnerability is an out-of-bounds write caused by improper validation of data, which may allow arbitrary code execution. Related advisories describe a CSP-file parsing path and imply remote/code execution scenarios, ...

7.8CVSS7.9AI score0.01939EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/10/18 6:23 p.m.36 views

CVE-2019-13545

In Horner Automation Cscape 9.90 and prior, improper validation of data may cause the system to write outside the intended buffer area, which may allow arbitrary code execution...

8AI score0.01939EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2019/10/18 12:0 a.m.28 views

Horner Automation Cscape CSP File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Horner Automation Cscape. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi...

7.8CVSS3.8AI score0.01939EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2019/10/18 12:0 a.m.27 views

Horner Automation Cscape CSP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Horner Automation Cscape. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS3.2AI score0.01939EPSS
Exploits0References1
CNVD
CNVD
added 2019/10/18 12:0 a.m.7 views

Horner Automation Cscape Buffer Overflow Vulnerability

Horner Automation Cscape is a set of programming software for industrial control system development from Horner Automation. A buffer overflow vulnerability exists in Horner Automation Cscape version 9.90 and earlier. The vulnerability originates when a networked system or product performs an...

7.8CVSS7.8AI score0.01939EPSS
Exploits0References1
Symantec
Symantec
added 2019/10/17 12:0 a.m.17 views

Horner Automation Cscape ICSA-19-290-02 Multiple Arbitrary Code Execution Vulnerabilities

Description Horner Automation Cscape is prone to multiple arbitrary code-execution vulnerabilities. Attackers can exploit these issues to execute arbitrary code within the context of the affected application, crash the device or obtain sensitive information. Versions prior to Horner Automation...

0.9AI score
Exploits0References2Affected Software1
ICS
ICS
added 2019/10/17 12:0 a.m.128 views

Horner Automation Cscape

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Low skill level to exploit Vendor: Horner Automation Equipment: Cscape Vulnerabilities: Improper Input Validation, Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities could crash the device being accessed, which may...

7.8CVSS8.4AI score0.01939EPSS
Exploits0References5
Prion
Prion
added 2019/02/28 8:29 p.m.10 views

Input validation

Cscape, 9.80 SP4 and prior. An improper input validation vulnerability may be exploited by processing specially crafted POC files. This may allow an attacker to read confidential information and remotely execute arbitrary code...

6.8CVSS7.6AI score0.01716EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2019/02/28 8:29 p.m.22 views

CVE-2019-6555

Cscape, 9.80 SP4 and prior. An improper input validation vulnerability may be exploited by processing specially crafted POC files. This may allow an attacker to read confidential information and remotely execute arbitrary code...

7.8CVSS7.6AI score0.01716EPSS
Exploits0References2
OSV
OSV
added 2019/02/28 8:29 p.m.2 views

CVE-2019-6555

Cscape, 9.80 SP4 and prior. An improper input validation vulnerability may be exploited by processing specially crafted POC files. This may allow an attacker to read confidential information and remotely execute arbitrary code...

7.8CVSS7.3AI score0.01716EPSS
Exploits0References2
Cvelist
Cvelist
added 2019/02/28 8:0 p.m.23 views

CVE-2019-6555

Cscape, 9.80 SP4 and prior. An improper input validation vulnerability may be exploited by processing specially crafted POC files. This may allow an attacker to read confidential information and remotely execute arbitrary code...

7.6AI score0.01716EPSS
Exploits0References2
CVE
CVE
added 2019/02/28 8:0 p.m.56 views

CVE-2019-6555

CVE-2019-6555 affects Horner Automation’s Cscape (versions 9.80 SP4 and earlier). The vulnerability is an improper input validation in CSP file processing, enabling reading of confidential information and remote code execution via specially crafted POC files. MITRE/attack details in connected sou...

7.8CVSS7.5AI score0.01716EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2019/02/20 12:0 a.m.7 views

Cscape Input Validation Error Vulnerability

Cscape is an application that can program the full range of OCS. An input validation error vulnerability exists in Cscape 9.80 SP4 and earlier versions. The vulnerability can be exploited by an attacker to read confidential information and remotely execute arbitrary code via a specially crafted P...

7.8CVSS7.2AI score0.01716EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2019/02/20 12:0 a.m.25 views

Horner Automation Cscape CSP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Horner Automation Cscape. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS3.1AI score0.01716EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2019/02/20 12:0 a.m.26 views

Horner Automation Cscape CSP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Horner Automation Cscape. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS3.1AI score0.01716EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2019/02/20 12:0 a.m.3 views

PT-2019-18163 · Cscape · Cscape

Name of the Vulnerable Software and Affected Versions: Cscape versions 9.80 SP4 and prior Description: An improper input validation issue may be exploited by processing specially crafted POC files, potentially allowing an attacker to read confidential information and remotely execute arbitrary...

7.8CVSS7.6AI score0.01716EPSS
Exploits0References5
ICS
ICS
added 2019/02/19 12:0 a.m.50 views

Horner Automation Cscape

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Horner Automation Equipment: Cscape Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the device being accessed, which may allow the attacker to read...

7.8CVSS8AI score0.01716EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2019/01/18 12:0 a.m.15 views

Horner APG Cscape EnvisionRV Detection (Windows SMB Login)

SMB login-based detection of Horner APG Cscape EnvisionRV. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; yo...

6.9AI score
Exploits0References1
OpenVAS
OpenVAS
added 2019/01/18 12:0 a.m.12 views

Horner APG Cscape EnvisionFX Detection (Windows SMB Login)

Detects the installed version of Horner APG Cscape EnvisionFX for Windows. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.4AI score
Exploits0References1
OpenVAS
OpenVAS
added 2019/01/18 12:0 a.m.47 views

Horner Automation/APG Cscape Programming Software Detection (Windows SMB Login)

SMB login-based detection of Horner Automation formerly Horner APG Cscape Programming software. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

5.8AI score
Exploits0References1
Rows per page
Query Builder