840 matches found
CVE-2018-17901
The CVE-2018-17901 entry concerns LAquis SCADA (versions 4.1.0.3870 and earlier). It describes a vulnerability in processing project files where input is not sanitized before write operations on a stack object, potentially allowing code to be executed in the context of the current process. Docume...
Heap overflow
Fuji Electric Alpha5 Smart Loader Versions 3.7 and prior. The device does not perform a check on the length/size of a project file before copying the entire contents of the file to a heap-based buffer...
CVE-2018-14794
Fuji Electric Alpha5 Smart Loader Versions 3.7 and prior. The device does not perform a check on the length/size of a project file before copying the entire contents of the file to a heap-based buffer...
Buffer overflow
A maliciously crafted project file may cause a buffer overflow, which may allow the attacker to execute arbitrary code that affects Fuji Electric V-Server Lite 4.0.3.0 and prior...
Memory Corruption Vulnerability in Kewe's All-in-One Text Screen Configuration Software IOCS
Huangshi Kewei Automatic Control Co., Ltd. is an enterprise that develops, produces and sells embedded PLC, intelligent servo, human-machine interface and other series of industrial control products. A memory corruption vulnerability exists in IOCS, the Kewei Text All-in-One Screen Configuration...
Memory corruption vulnerability in Wecon PLC editor
Fuzhou Fuchang Wei-Control Electronic Technology Co., Ltd. is a technology company engaged in the research, development and sales of products in the field of automation. A memory corruption vulnerability exists in Wecon PLC editor. The vulnerability is caused due to the program parsing the projec...
Memory Corruption Vulnerability in AutoEnt
AutoEnt is a screen configuration software. A memory corruption vulnerability exists in AutoEnt. An attacker can exploit the vulnerability to cause memory corruption when reading a project file...
Memory Read Out-of-Bounds Vulnerability in Inventec VS Series HMI Programming Software
Shenzhen Inventec Electric Co., Ltd. is a product and service provider in the field of electrical transmission, industrial control and new energy. A memory read out-of-bounds vulnerability exists in Inventec's VS series HMI programming software. The vulnerability is caused due to a file failure t...
The vulnerability of Mitsubishi Electric’s E1000 E-Designer panel programming software lies in the ability to write data beyond the buffer in memory, allowing an attacker to execute arbitrary code or cause malfunctions during maintenance.
The vulnerability of Mitsubishi Electric’s E1000 E-Designer panel programming software lies in the fact that data is written beyond the buffer in memory when processing certain sections of the project file .mpa. Exploiting this vulnerability allows a malicious actor to execute arbitrary code unde...
Denial of Service Vulnerability in MXProgrammer Software
MXProgrammer software is a windows desktop software of Weihai Mack Electric Technology Co., Ltd. which is used to communicate with its MX series PLC products and complete the functions of program writing and downloading. A denial of service vulnerability exists in the MXProgrammer software...
Denial of Service Vulnerability in MXProgrammer Software
MXProgrammer software is a windows desktop software of Weihai Mack Electric Technology Co., Ltd. which is used to communicate with its MX series PLC products and complete the functions of program writing and downloading. A denial of service vulnerability exists in the MXProgrammer software. When...
Denial of Service Vulnerability in MXProgrammer Software
MXProgrammer software is a windows desktop software of Weihai Mack Electric Technology Co., Ltd. which is used to communicate with its MX series PLC products and complete the functions of program writing and downloading. A denial of service vulnerability exists in the MXProgrammer software. The...
CVE-2018-7517
In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause an out of bounds vulnerability...
CVE-2018-7521
In Omron CX-Supervisor Versions 3.30 and prior, use after free vulnerabilities can be exploited when CX Supervisor parses a specially crafted project file...
Design/Logic Flaw
In Omron CX-Supervisor Versions 3.30 and prior, use after free vulnerabilities can be exploited when CX Supervisor parses a specially crafted project file...
CVE-2018-7521
In Omron CX-Supervisor Versions 3.30 and prior, use after free vulnerabilities can be exploited when CX Supervisor parses a specially crafted project file...
CVE-2018-7521
CVE-2018-7521 concerns Omron CX-Supervisor (versions 3.30 and earlier) with a use-after-free in the parsing/processing of project files (SCS/SCS-like). The ZDI advisories describe multiple use-after-free conditions in parsing various CX-Supervisor project/file formats that allow remote attackers ...
Omron CX-Supervisor Buffer Overflow Vulnerability
CX-Supervisor is a Miscellaneous Shareware software.CX-Supervisor is dedicated to the design and operation of PC visualization and machine control. A buffer overflow vulnerability exists in Omron CX-Supervisor 3.30 and earlier versions, where parsing an incorrectly formatted project file may resu...
Omron CX-Supervisor Heap Buffer Overflow Vulnerability
CX-Supervisor is a Miscellaneous Shareware software.CX-Supervisor is dedicated to the design and operation of PC visualization and machine control. A heap buffer overflow vulnerability exists in Omron CX-Supervisor version 3.30, where parsing an incorrectly formatted project file could result in ...
CVE-2017-16670
The project import functionality in SoapUI 5.3.0 allows remote attackers to execute arbitrary Java code via a crafted request parameter in a WSDL project file...