840 matches found
CVE-2025-53524
Fuji Electric Monitouch V-SFT-6 is vulnerable to an out-of-bounds write while processing a specially crafted project file, which may allow an attacker to execute arbitrary code...
CVE-2025-53524
Fuji Electric Monitouch V-SFT-6 is vulnerable to an out-of-bounds write while processing a specially crafted project file, which may allow an attacker to execute arbitrary code...
CVE-2025-11009
The CVE-2025-11009 issue affects Mitsubishi Electric GT Designer3 (GOT2000 GOT1000) where credentials are stored in plaintext in project files (Cleartext Storage of Sensitive Information). Root cause: credentials verifi ed/stored in plaintext (CWE-312). Impact: local, unauthenticated attacker cou...
CVE-2025-11009 Information Disclosure Vulnerability in GT Designer3
Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GT Designer3 Version1 GOT2000 all versions and Mitsubishi Electric GT Designer3 Version1 GOT1000 all versions allows a local unauthenticated attacker to obtain plaintext credentials from the project file for GT...
EUVD-2025-203861
Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GT Designer3 Version1 GOT2000 all versions and Mitsubishi Electric GT Designer3 Version1 GOT1000 all versions allows a local unauthenticated attacker to obtain plaintext credentials from the project file for GT...
CVE-2025-53524 Fuji Electric Monitouch V-SFT-6 Out-of-bounds Write
Fuji Electric Monitouch V-SFT-6 is vulnerable to an out-of-bounds write while processing a specially crafted project file, which may allow an attacker to execute arbitrary code...
CVE-2025-53524
Fuji Electric Monitouch V-SFT-6 is affected. The vulnerability is an out-of-bounds write during parsing of specially crafted project files (notably in V7 file parsing), which can lead to arbitrary code execution. Exploitation requires user interaction (per ZDI advisories) and is described as remo...
CVE-2025-53524 Fuji Electric Monitouch V-SFT-6 Out-of-bounds Write
Fuji Electric Monitouch V-SFT-6 is vulnerable to an out-of-bounds write while processing a specially crafted project file, which may allow an attacker to execute arbitrary code...
Fuji Electric Monitouch V-SFT-6 缓冲区错误漏洞
Fuji Electric Monitouch V-SFT-6 is a screen configuration software from Fuji Electric, Japan. A buffer error vulnerability exists in Fuji Electric Monitouch V-SFT-6, which originates from an out-of-bounds write when processing a specially crafted project file, and could lead to the execution of...
PT-2025-51796
Name of the Vulnerable Software and Affected Versions Fuji Electric Monitouch V-SFT-6 affected versions not specified Description The software contains a flaw due to an out-of-bounds write condition when handling a specifically designed project file. Successful exploitation of this issue could...
CVE-2025-3784
Cleartext Storage of Sensitive Information Vulnerability in GX Works2 all versions allows an attacker to disclose credential information stored in plaintext from project files. As a result, the attacker may be able to open project files protected by user authentication using disclosed credential...
CVE-2025-41700
An unauthenticated attacker can trick a local user into executing arbitrary code by opening a deliberately manipulated CODESYS project file with a CODESYS development system. This arbitrary code is executed in the user context...
CVE-2025-41700
An unauthenticated attacker can trick a local user into executing arbitrary code by opening a deliberately manipulated CODESYS project file with a CODESYS development system. This arbitrary code is executed in the user context...
CVE-2025-41700
An unauthenticated attacker can trick a local user into executing arbitrary code by opening a deliberately manipulated CODESYS project file with a CODESYS development system. This arbitrary code is executed in the user context...
CVE-2025-41700
The CVE-2025-41700 entry concerns CODESYS Development System. The connected sources describe a vulnerability where an unauthenticated attacker can cause arbitrary code execution by tricking a local user into opening a specially crafted CODESYS project file, with code executed in the user’s contex...
CVE-2025-41700 CODESYS Development System - Deserialization of Untrusted Data
An unauthenticated attacker can trick a local user into executing arbitrary code by opening a deliberately manipulated CODESYS project file with a CODESYS development system. This arbitrary code is executed in the user context...
EUVD-2025-199974
An unauthenticated attacker can trick a local user into executing arbitrary code by opening a deliberately manipulated CODESYS project file with a CODESYS development system. This arbitrary code is executed in the user context...
CVE-2025-41700 CODESYS Development System - Deserialization of Untrusted Data
An unauthenticated attacker can trick a local user into executing arbitrary code by opening a deliberately manipulated CODESYS project file with a CODESYS development system. This arbitrary code is executed in the user context...
CODESYS Development System 代码问题漏洞
CODESYS Development System is a suite of programming tools for use in the field of industrial controllers and automation technology from CODESYS, Germany. A code issue vulnerability exists in CODESYS Development System, which can be exploited by an unauthenticated attacker to trick a local user...
EUVD-2025-198295
Lite XL versions 2.1.8 and prior automatically execute the .liteproject.lua file when opening a project directory, without prompting the user for confirmation. The .liteproject.lua file is intended for project-specific configuration but can contain executable Lua logic. This behavior could allow...