DependencyCheck

This is an open-source project for a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies. The project is called OWASP dependency-check. The project is written in Java and is designed to be used in a variety of environments, including...

Linux Distros Unpatched Vulnerability : CVE-2020-10814

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A buffer overflow vulnerability in Code::Blocks 17.12 allows an attacker to execute arbitrary code via a crafted project file. CVE-2020-10814 Note that Nessus...

Linux Distros Unpatched Vulnerability : CVE-2025-51824

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libcsp 2.0 is vulnerable to Buffer Overflow in the cspusartopen function at drivers/usart/zephyr.c. CVE-2025-51824 Note that Nessus relies on the presence of th...

Linux Distros Unpatched Vulnerability : CVE-2019-12445

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GitLab Community and Enterprise Edition 8.4 through 11.11. A malicious user could execute JavaScript code on notes by importing a...

CVE-2012-10057 Lattice Semiconductor ispVM System 18.0.2 XCF File Handling Buffer Overflow

Lattice Semiconductor ispVM System v18.0.2 contains a buffer overflow vulnerability in its handling of .xcf project files. When parsing the version attribute of the ispXCF XML tag, the application fails to properly validate input length, allowing a specially crafted file to overwrite memory on th...

INVT VT-Designer 缓冲区错误漏洞

INVT VT-Designer is an HMI programming and configuration software from China-based INVT. A buffer error vulnerability exists in INVT VT-Designer that originates from an out-of-bounds write when parsing a PM3 file, which could lead to remote code execution...

PT-2025-27428 · Delta Electronics · Dtm Soft

Name of the Vulnerable Software and Affected Versions: Delta Electronics DTM Soft versions affected versions not specified Description: The issue concerns the deserialization of untrusted data in Delta Electronics DTM Soft project file parsing, leading to remote code execution. This allows for th...

CVE-2024-28886

OS command injection vulnerability exists in UTAU versions prior to v0.4.19. If a user of the product opens a crafted UTAU project file .ust file, an arbitrary OS command may be executed...

CVE-2023-25755

Screen Creator Advance 2 Ver.0.1.1.4 Build01A and earlier is vulnerable to improper restriction of operations within the bounds of a memory buffer CWE-119 due to improper check of its data size when processing a project file. If a user of Screen Creator Advance 2 opens a specially crafted project...

CVE-2023-22322

Improper restriction of XML external entity reference XXE vulnerability exists in OMRON CX-Motion Pro 1.4.6.013 and earlier. If a user opens a specially crafted project file created by an attacker, sensitive information in the file system where CX-Motion Pro is installed may be disclosed...

CVE-2023-0621

Cscape Envision RV version 4.60 is vulnerable to an out-of-bounds read vulnerability when parsing project i.e. HMI files. The product lacks proper validation of user-supplied data, which could result in reads past the end of allocated data structures. An attacker could leverage these...

CVE-2023-29446

An improper input validation vulnerability has been discovered that could allow an adversary to inject a UNC path via a malicious project file. This allows an adversary to capture NLTMv2 hashes and potentially crack them offline...

CVE-2023-0104

The listed versions for Weintek EasyBuilder Pro are vulnerable to a ZipSlip attack caused by decompiling a malicious project file. This may allow an attacker to gain control of the user’s computer or gain access to sensitive data...

CVE-2023-41374

Double free issue exists in Kostac PLC Programming Software Version 1.6.11.0 and earlier. Arbitrary code may be executed by having a user open a specially crafted project file which was saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier because the issue exists in parsing of...

CVE-2023-30757

A vulnerability has been identified in Totally Integrated Automation Portal TIA Portal V14 All versions, Totally Integrated Automation Portal TIA Portal V15 All versions, Totally Integrated Automation Portal TIA Portal V15.1 All versions, Totally Integrated Automation Portal TIA Portal V16 All...

CVE-2023-41375

Use after free vulnerability exists in Kostac PLC Programming Software Version 1.6.11.0. Arbitrary code may be executed by having a user open a specially crafted project file which was saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier because the issue exists in parsing of K...

CVE-2023-22350

Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing parts management information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information...

CVE-2023-22366

CX-Motion-MCH v2.32 and earlier contains an access of uninitialized pointer vulnerability. Having a user to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution...

CVE-2023-22347

Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing file structure information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information...

CVE-2023-22346

Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing template information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure...