Lucene search
K

138 matches found

NVD
NVD
added 2021/06/11 4:15 p.m.31 views

CVE-2021-22762

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists inIGSS Definition Def.exe V15.0.0.21140 and prior that could result in remote code execution, when a malicious CGF or WSP file is being parsed by IGSS Definition...

7.8CVSS0.01395EPSS
Exploits0References1
NVD
NVD
added 2021/06/11 4:15 p.m.18 views

CVE-2021-22753

A CWE-125: Out-of-bounds read vulnerability exists inIGSS Definition Def.exe V15.0.0.21140 and prior that could result in loss of data or remote code execution due to missing length checks, when a malicious WSP file is being parsed by IGSS Definition...

7.8CVSS0.01172EPSS
Exploits0References1
OSV
OSV
added 2021/06/11 4:15 p.m.2 views

CVE-2021-22753

A CWE-125: Out-of-bounds read vulnerability exists inIGSS Definition Def.exe V15.0.0.21140 and prior that could result in loss of data or remote code execution due to missing length checks, when a malicious WSP file is being parsed by IGSS Definition...

7.8CVSS7.7AI score0.01172EPSS
Exploits0References1
NVD
NVD
added 2021/06/11 4:15 p.m.23 views

CVE-2021-22752

A CWE-787: Out-of-bounds write vulnerability exists inIGSS Definition Def.exe V15.0.0.21140 and prior that could result in loss of data or remote code execution due to missing size checks, when a malicious WSP Workspace file is being parsed by IGSS Definition...

7.8CVSS0.01172EPSS
Exploits0References1
Prion
Prion
added 2021/06/11 4:15 p.m.21 views

Out-of-bounds

A CWE-787: Out-of-bounds write vulnerability exists inIGSS Definition Def.exe V15.0.0.21140 and prior that could result in loss of data or remote code execution due to missing size checks, when a malicious WSP Workspace file is being parsed by IGSS Definition...

6.8CVSS7.9AI score0.01172EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/06/11 3:40 p.m.25 views

CVE-2021-22752

A CWE-787: Out-of-bounds write vulnerability exists inIGSS Definition Def.exe V15.0.0.21140 and prior that could result in loss of data or remote code execution due to missing size checks, when a malicious WSP Workspace file is being parsed by IGSS Definition...

8.2AI score0.01172EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2021/06/10 12:0 a.m.39 views

Schneider Electric IGSS WSP and CGF File Parsing Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric IGSS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS4AI score0.01395EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2021/06/10 12:0 a.m.36 views

Schneider Electric IGSS WSP File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric IGSS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS3.8AI score0.01172EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2021/06/10 12:0 a.m.33 views

Schneider Electric IGSS WSP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric IGSS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS3.7AI score0.01172EPSS
Exploits0References1
CNVD
CNVD
added 2021/06/09 12:0 a.m.8 views

Interactive Graphical SCADA System (IGSS) out-of-bounds write vulnerability (CNVD-2021-42157)

The Schneider Electric Interactive Graphical SCADA System IGSS is an advanced SCADA system for monitoring and controlling industrial processes. An out-of-bounds write vulnerability exists in the Definition module of Interactive Graphical SCADA System IGSS versions 15.0.0.21140 and earlier. The...

7.8CVSS7.6AI score0.01172EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.20 views

SUSE: Security Advisory (SUSE-SU-2016:2212-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.0771EPSS
Exploits3References14
Mageia
Mageia
added 2021/05/27 1:43 p.m.51 views

Updated wireshark packages fix a security vulnerability

The MS-WSP dissector could consume excessive amounts of memory CVE-2021-22207...

6.5CVSS2.6AI score0.02023EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2021/04/23 7:4 p.m.29 views

CVE-2021-22207

A flaw was found in wireshark. A memory leak in the MS-WSP dissector allows an attacker to crash an application which uses wireshark due to excessive memory allocation. The attacker can trigger the flaw by injecting special packets onto the wire or by convincing a victim user into opening a...

7.5CVSS2.5AI score0.02023EPSS
Exploits1References4
OSV
OSV
added 2021/04/23 6:15 p.m.4 views

DEBIAN-CVE-2021-22207

Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12 allows denial of service via packet injection or crafted capture file...

6.5CVSS6.5AI score0.02023EPSS
Exploits1References1
OSV
OSV
added 2021/04/23 6:15 p.m.6 views

AZL-7405 CVE-2021-22207 affecting package wireshark for versions less than 3.4.14-1

Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12 allows denial of service via packet injection or crafted capture file...

6.5CVSS6.5AI score0.02023EPSS
Exploits1References1
Prion
Prion
added 2021/04/23 6:15 p.m.31 views

Design/Logic Flaw

Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12 allows denial of service via packet injection or crafted capture file...

5CVSS6.5AI score0.02023EPSS
Exploits1References9Affected Software4
UbuntuCve
UbuntuCve
added 2021/04/23 6:15 p.m.29 views

CVE-2021-22207

Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12 allows denial of service via packet injection or crafted capture file...

6.5CVSS6.8AI score0.02023EPSS
Exploits1References4
OSV
OSV
added 2021/04/23 6:15 p.m.5 views

UBUNTU-CVE-2021-22207

Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12 allows denial of service via packet injection or crafted capture file...

6.5CVSS6.6AI score0.02023EPSS
Exploits1References5
Cvelist
Cvelist
added 2021/04/23 5:32 p.m.35 views

CVE-2021-22207

Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12 allows denial of service via packet injection or crafted capture file...

5.5CVSS7AI score0.02023EPSS
Exploits1References9
Debian CVE
Debian CVE
added 2021/04/23 5:32 p.m.27 views

CVE-2021-22207

Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12 allows denial of service via packet injection or crafted capture file...

6.5CVSS4AI score0.02023EPSS
Exploits1
Rows per page
Query Builder