Lucene search
K

164 matches found

CNNVD
CNNVD
added 2021/11/16 12:0 a.m.5 views

winproladder缓冲区错误漏洞

winproladder is a PLC programming software of China Yonghong patek. The software has easy programming operations, super control, algorithmic commands, super communication, NC positioning function and other features A buffer error vulnerability exists in WinProladder 3.3024518 and prior versions,...

7.8CVSS7.9AI score0.01926EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2021/11/16 12:0 a.m.7 views

The vulnerability of the FATEK WinProladder controller programming software lies in the use of memory after it is freed, allowing a hacker to execute arbitrary code.

The vulnerability of the FATEK WinProladder controller programming software lies in the use of memory after it is freed during syntax analysis of project files. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file...

7.8CVSS7.6AI score0.00959EPSS
Exploits0References5Affected Software1
ICS
ICS
added 2021/11/16 12:0 a.m.38 views

FATEK Automation WinProladder

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: FATEK Automation Equipment: WinProladder Vulnerabilities: Out-of-bounds Write, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow for arbitrary code execution. 3...

7.8CVSS8.4AI score0.02091EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2021/11/12 12:0 a.m.9 views

The vulnerability of the FATEK WinProladder controller programming software lies in the fact that the write operation can exceed the buffer boundaries into memory, allowing an attacker to execute arbitrary code.

The vulnerability of the FATEK WinProladder controller programming software lies in the fact that the write operation goes beyond the buffer boundaries when analyzing project files syntactically. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created...

7.8CVSS7.9AI score0.00912EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/11/10 12:0 a.m.7 views

The vulnerability of the FATEK WinProladder controller programming software lies in the fact that the write operation can exceed the buffer boundaries into memory. This allows a malicious actor to execute arbitrary code or cause a service failure.

The vulnerability of the FATEK WinProladder controller programming software lies in the fact that the write operation goes beyond the buffer boundaries into memory during PDW-file syntax analysis. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause system failures...

7.8CVSS7.9AI score0.00912EPSS
Exploits0References8Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/10/21 12:0 a.m.6 views

The vulnerability of the FATEK WinProladder software for controlling controllers arises from buffer overflows in the stack, allowing an attacker to execute arbitrary code.

The vulnerability of the FATEK WinProladder controller programming software is related to buffer overflow in the stack. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by causing the user to open a specially created malicious file...

7.8CVSS8AI score0.00973EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/10/21 12:0 a.m.8 views

The vulnerability of the FATEK WinProladder controller programming software lies in an unexpected expansion of the symbol, allowing a hacker to execute arbitrary code.

The vulnerability of the FATEK WinProladder controller programming software is related to an unexpected expansion of the signature. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by having the user open a specially created malicious file...

7.8CVSS7.7AI score0.00912EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2021/10/18 1:15 p.m.17 views

CVE-2021-38438

A use after free vulnerability in FATEK Automation WinProladder versions 3.30 and prior may be exploited when a valid user opens a malformed project file, which may allow arbitrary code execution...

7.8CVSS0.00959EPSS
Exploits0References1
NVD
NVD
added 2021/10/18 1:15 p.m.23 views

CVE-2021-38442

FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in a heap-corruption condition. An attacker could leverage this vulnerability to execute code in the context of the current process...

7.8CVSS0.00912EPSS
Exploits0References1
NVD
NVD
added 2021/10/18 1:15 p.m.28 views

CVE-2021-38434

FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in an unexpected sign extension. An attacker could leverage this vulnerability to execute arbitrary code...

7.8CVSS0.00912EPSS
Exploits0References1
NVD
NVD
added 2021/10/18 1:15 p.m.26 views

CVE-2021-38440

FATEK Automation WinProladder versions 3.30 and prior is vulnerable to an out-of-bounds read, which may allow an attacker to read unauthorized information...

4.3CVSS0.00569EPSS
Exploits0References1
NVD
NVD
added 2021/10/18 1:15 p.m.17 views

CVE-2021-38426

FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in an out-of-bounds write. An attacker could leverage this vulnerability to execute arbitrary code...

7.8CVSS0.00912EPSS
Exploits0References1
OSV
OSV
added 2021/10/18 1:15 p.m.5 views

CVE-2021-38426

FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in an out-of-bounds write. An attacker could leverage this vulnerability to execute arbitrary code...

7.8CVSS7.3AI score0.00912EPSS
Exploits0References1
OSV
OSV
added 2021/10/18 1:15 p.m.3 views

CVE-2021-38436

FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in a memory-corruption condition. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process...

7.8CVSS6.1AI score0.00912EPSS
Exploits0References1
OSV
OSV
added 2021/10/18 1:15 p.m.3 views

CVE-2021-38438

A use after free vulnerability in FATEK Automation WinProladder versions 3.30 and prior may be exploited when a valid user opens a malformed project file, which may allow arbitrary code execution...

7.8CVSS5.9AI score0.00959EPSS
Exploits0References1
OSV
OSV
added 2021/10/18 1:15 p.m.4 views

CVE-2021-38442

FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in a heap-corruption condition. An attacker could leverage this vulnerability to execute code in the context of the current process...

7.8CVSS7.3AI score0.00912EPSS
Exploits0References1
OSV
OSV
added 2021/10/18 1:15 p.m.5 views

CVE-2021-38430

FATEK Automation WinProladder versions 3.30 and prior proper validation of user-supplied data when parsing project files, which could result in a stack-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code...

7.8CVSS7.8AI score0.00973EPSS
Exploits0References1
NVD
NVD
added 2021/10/18 1:15 p.m.19 views

CVE-2021-38430

FATEK Automation WinProladder versions 3.30 and prior proper validation of user-supplied data when parsing project files, which could result in a stack-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code...

7.8CVSS0.00973EPSS
Exploits0References1
OSV
OSV
added 2021/10/18 1:15 p.m.5 views

CVE-2021-38434

FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in an unexpected sign extension. An attacker could leverage this vulnerability to execute arbitrary code...

7.8CVSS7.3AI score0.00912EPSS
Exploits0References1
OSV
OSV
added 2021/10/18 1:15 p.m.2 views

CVE-2021-38440

FATEK Automation WinProladder versions 3.30 and prior is vulnerable to an out-of-bounds read, which may allow an attacker to read unauthorized information...

3.3CVSS5.8AI score0.00569EPSS
Exploits0References1
Rows per page
Query Builder