151 matches found
Stack overflow
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted time reduced data messages. Affected Products: IGSS Data Server - IGSSdataServer.exe...
Stack overflow
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted setting value messages. Affected Products: IGSS Data Server - IGSSdataServer.exe Version...
Stack overflow
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted alarm cache data messages. Affected Products: IGSS Data Server - IGSSdataServer.exe...
Stack overflow
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted alarm data messages. Affected Products: IGSS Data Server - IGSSdataServer.exe Versions...
Stack overflow
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted mathematically reduced data request messages. Affected Products: IGSS Data Server -...
Stack overflow
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted log data request messages. Affected Products: IGSS Data Server - IGSSdataServer.exe...
CVE-2022-32525
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted alarm data messages. Affected Products: IGSS Data Server - IGSSdataServer.exe Versions...
CVE-2022-32524
CVE-2022-32524 affects Schneider Electric IGSS Data Server (IGSSdataServer.exe) prior to version 15.0.0.22170. The root cause is a CWE-120: Buffer Copy without Checking Size of Input, leading to a stack-based buffer overflow. This could enable remote code execution when an attacker sends speciall...
CVE-2022-32523
CVE-2022-32523 affects IGSS Data Server (IGSSdataServer.exe) prior to version 15.0.0.22170. It is a CWE-120 buffer copy without checking input size, causing a stack-based buffer overflow that could enable remote code execution when handling specially crafted online data request messages. Referenc...
CVE-2022-32525
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted alarm data messages. Affected Products: IGSS Data Server - IGSSdataServer.exe Versions...
CVE-2022-32528
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause access to manipulate and read specific files in the IGSS project report directory, potentially leading to a denial-of-service condition when an attacker sends specific messages. Affected Products: IGSS...
CVE-2022-32526
CVE-2022-32526 affects Schneider Electric IGSS Data Server (IGSSdataServer.exe) prior to version 15.0.0.22170. The vulnerability is a CWE-120 buffer copy/stack-based overflow, triggered by specially crafted setting value messages, with potential remote code execution. Exploitation status is not d...
CVE-2022-32525
The CVE-2022-32525 vulnerability affects Schneider Electric IGSS Data Server (IGSSdataServer.exe) prior to v15.0.0.22170. It is described as a CWE-120 buffer copy without checking input size, leading to a stack-based buffer overflow when processing alarm data messages. This could enable remote co...
CVE-2022-32529
CVE-2022-32529 affects IGSS Data Server (IGSSdataServer.exe) prior to V15.0.0.22170. Description: CWE-120 Buffer Copy without Checking Size of Input leads to a stack-based buffer overflow that could enable remote code execution when processing specially crafted log data request messages. Affected...
CVE-2022-32523
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted online data request messages. Affected Products: IGSS Data Server - IGSSdataServer.exe...
CVE-2022-32524
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted time reduced data messages. Affected Products: IGSS Data Server - IGSSdataServer.exe...
CVE-2022-32523
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted online data request messages. Affected Products: IGSS Data Server - IGSSdataServer.exe...
CVE-2022-32527
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted alarm cache data messages. Affected Products: IGSS Data Server - IGSSdataServer.exe...
CVE-2022-32526
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted setting value messages. Affected Products: IGSS Data Server - IGSSdataServer.exe Version...
CVE-2022-32527
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted alarm cache data messages. Affected Products: IGSS Data Server - IGSSdataServer.exe...