840 matches found
CVE-2023-29446
The CVE-2023-29446 entry concerns Kepware KepServerEX and related Kepware/ThingWorx Kepware Server components. A vulnerability with improper input validation allows UNC path injection via a malicious project file, enabling an attacker to capture Windows NTLMv2 hashes and potentially crack them of...
CVE-2023-6314
Stack-based buffer overflow in FPWin Pro version 7.7.0.0 and all previous versions may allow attackers to execute arbitrary code via a specially crafted project file...
CVE-2023-6315
Out-of-bounds read vulnerability in FPWin Pro version 7.7.0.0 and all previous versions may allow attackers to execute arbitrary code via a specially crafted project file...
Stack overflow
Stack-based buffer overflow in FPWin Pro version 7.7.0.0 and all previous versions may allow attackers to execute arbitrary code via a specially crafted project file...
Design/Logic Flaw
Out-of-bounds read vulnerability in FPWin Pro version 7.7.0.0 and all previous versions may allow attackers to execute arbitrary code via a specially crafted project file...
PT-2023-32614 · Fpwin Pro · Fpwin Pro
Name of the Vulnerable Software and Affected Versions: FPWin Pro versions prior to 7.7.0.0 Description: A stack-based buffer overflow may allow attackers to execute arbitrary code via a specially crafted project file. Recommendations: For versions prior to 7.7.0.0, update to version 7.7.0.0 or...
A vulnerability in the firmware of Phoenix Contact Automation Worx Software Suite devices, including AXC 1050, AXC 1050 XC, AXC 3050, Config+, FC 350 PCI ETH, ILC1x0, ILC1x1, ILC 3xx, PC Worx, PC Worx Express, PC WORX RT BASIC, PC WORX SRT, RFC 430 ETH-IB, RFC 450 ETH-IB, RFC 460R PN 3TX, RFC 470S PN 3TX, RFC 480S PN 4TX, arises from the incorrect assignment of permissions to critical resources. This allows an attacker to gain full access to the device.
A vulnerability in the firmware of Phoenix Contact Automation Worx Software Suite, AXC 1050, AXC 1050 XC, AXC 3050, Config+, FC 350 PCI ETH, ILC1x0, ILC1x1, ILC 3xx, PC Worx, PC Worx Express, PC WORX RT BASIC, PC WORX SRT, RFC 430 ETH-IB, RFC 450 ETH-IB, RFC 460R PN 3TX, RFC...
PT-2023-8575 · Adobe · After Effects
Name of the Vulnerable Software and Affected Versions: Adobe After Effects versions 24.0.3 and earlier Adobe After Effects versions 23.6.0 and earlier Description: The issue is related to an out-of-bounds read vulnerability in Adobe After Effects, which could lead to the disclosure of sensitive...
PT-2023-7706 · Phoenix Contact · Pc Worx Express +17
Name of the Vulnerable Software and Affected Versions: Phoenix Contact Automation Worx Software Suite versions affected versions not specified AXC 1050 versions affected versions not specified AXC 1050 XC versions affected versions not specified AXC 3050 versions affected versions not specified...
Mitsubishi Electric FA Engineering Software Security Vulnerability
Mitsubishi Electric FA Engineering Software is a series of engineering software from Mitsubishi Electric Japan. A security vulnerability exists in Mitsubishi Electric FA Engineering Software, which is a malicious code execution vulnerability that originates from an externally controlled file name...
PT-2023-28286 · Eclipse +2 · Eclipse Ide +2
Name of the Vulnerable Software and Affected Versions: Eclipse IDE versions prior to 2023-09 4.29 Description: The issue concerns the parsing of XML content in certain files, making them vulnerable to XXE attacks. This can occur when a user opens a malicious project or updates an open project wit...
CVE-2023-43624
CX-Designer Ver.3.740 and earlier included in CX-One CXONE-ALD-V4 contains an improper restriction of XML external entity reference (XXE) vulnerability. If a user opens a specially crafted project file created by an attacker, sensitive information in the file system where CX-Designer is installed m...
CVE-2023-42507
Stack-based buffer overflow vulnerability exists in OnSinView2 versions 2.0.1 and earlier. If this vulnerability is exploited, information may be disclosed or arbitrary code may be executed by having a user open a specially crafted OnSinView2 project file...
CVE-2023-42506
Improper restriction of operations within the bounds of a memory buffer issue exists in OnSinView2 versions 2.0.1 and earlier. If this vulnerability is exploited, information may be disclosed or arbitrary code may be executed by having a user open a specially crafted OnSinView2 project file...
Stack overflow
Stack-based buffer overflow vulnerability exists in OnSinView2 versions 2.0.1 and earlier. If this vulnerability is exploited, information may be disclosed or arbitrary code may be executed by having a user open a specially crafted OnSinView2 project file...
JTEKT ELECTRONICS OnSinView2 Buffer Error Vulnerability
JTEKT ELECTRONICS OnSinView2 is an application from JTEKT ELECTRONICS, Inc. A security vulnerability exists in JTEKT ELECTRONICS OnSinView2 version 2.0.1 and prior versions, which stems from an improperly restricted operation within a memory buffer. The vulnerability can be exploited by an attack...