Horner Automation Cscape 缓冲区错误漏洞

Cscape is an application that can program the full range of OCS. An out-of-bounds read vulnerability exists in Cscape versions prior to 9.90 SP3.5. The vulnerability stems from a failure to properly validate user-supplied data when parsing a project file. An attacker can exploit the vulnerability...

CVE-2021-22653

Multiple out-of-bounds write issues have been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite versions prior to 4.0.10.0...

CVE-2021-22637

Multiple stack-based buffer overflow issues have been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite versions prior to 4.0.10.0...

CVE-2021-22639

An uninitialized pointer issue has been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite versions prior to 4.0.10.0...

CVE-2020-27284

TPEditor v1.98 and prior is vulnerable to two out-of-bounds write instances in the way it processes project files, allowing an attacker to craft a special project file that may permit arbitrary code execution...

M&M Fdtcontainer Code Issue Vulnerability

M&M Fdtcontainer is a plug-and-play FDT framework application that can be customized to meet the needs of customers by China Meiming M&M. A code issue vulnerability exists in M&M fdtCONTAINER component Version 3, which can be exploited by an attacker to load a manipulated project file and malicio...

CVE-2020-27287

Delta Electronics CNCSoft-B Versions 1.0.0.2 and prior is vulnerable to an out-of-bounds write while processing project files, which may allow an attacker to execute arbitrary code...

Delta Electronics CNCSoft ScreenEditor Buffer Overflow Vulnerability (CNVD-2021-03007)

Delta Electronics CNCSoft ScreenEditor is a CNC machine simulation system software. A buffer overflow vulnerability exists in the Delta Electronics CNCSoft ScreenEditor processing project file, which can be exploited by a remote attacker to submit a specially crafted request that can be used to...

Design/Logic Flaw

An issue was discovered in Viki Vera 4.9.1.26180. A user without access to a project could download or upload project files by opening the Project URL directly in the browser after logging in...

Delta Electronics CNCSoft ScreenEditor 缓冲区错误漏洞

Delta Electronics CNCSoft ScreenEditor is a CNC machine simulation system software. A buffer overflow vulnerability exists in the Delta Electronics CNCSoft ScreenEditor processing project file, which can be exploited by a remote attacker to submit a specially crafted request that can be used to...

CVE-2020-25188

An attacker who convinces a valid user to open a specially crafted project file to exploit could execute code under the privileges of the application due to an out-of-bounds read vulnerability on the LAquis SCADA Versions prior to 4.3.1.870...

Design/Logic Flaw

An attacker who convinces a valid user to open a specially crafted project file to exploit could execute code under the privileges of the application due to an out-of-bounds read vulnerability on the LAquis SCADA Versions prior to 4.3.1.870...

CVE-2020-7528

A CWE-502 Deserialization of Untrusted Data vulnerability exists in SCADAPack 7x Remote Connect V3.6.3.574 and prior which could allow arbitrary code execution when an attacker builds a custom .PRJ file containing a malicious serialized buffer...

Advantech WebAccess HMI Designer Type Obfuscation Vulnerability

Advantech WebAccess HMI Designer is an integrated HMI development tool from Advantech, Taiwan, China. The product is equipped with features such as data transfer, menu editing and text editing. A type confusion vulnerability exists in Advantech WebAccess HMI Designer version 2.1.9.31 and prior...

CVE-2020-16221

Delta Electronics TPEditor Versions 1.97 and prior. A stack-based buffer overflow may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application...

CVE-2020-16227

Delta Electronics TPEditor Versions 1.97 and prior. An improper input validation may be exploited by processing a specially crafted project file not validated when the data is entered by a user. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execut...

CVE-2020-16225

Delta Electronics TPEditor Versions 1.97 and prior. A write-what-where condition may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application...

Stack overflow

Delta Electronics TPEditor Versions 1.97 and prior. A stack-based buffer overflow may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application...

Heap overflow

Delta Electronics TPEditor Versions 1.97 and prior. A heap-based buffer overflow may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application...

Delta Electronics TPEditor Buffer Overflow Vulnerability (CNVD-2020-46850)

Delta Electronics TPEditor is a Windows-based Delta text panel programming software from Delta Electronics, Taiwan, China. A buffer overflow vulnerability exists in Delta Electronics TPEditor version 1.97 and earlier. The vulnerability can be exploited by an attacker with a specially crafted...