Lucene search
K

165 matches found

NVD
NVD
added 2021/10/18 1:15 p.m.26 views

CVE-2021-38440

FATEK Automation WinProladder versions 3.30 and prior is vulnerable to an out-of-bounds read, which may allow an attacker to read unauthorized information...

4.3CVSS0.00569EPSS
Exploits0References1
Prion
Prion
added 2021/10/18 1:15 p.m.18 views

Out-of-bounds

FATEK Automation WinProladder versions 3.30 and prior is vulnerable to an out-of-bounds read, which may allow an attacker to read unauthorized information...

4.3CVSS4.1AI score0.00569EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/10/18 1:15 p.m.16 views

Stack overflow

FATEK Automation WinProladder versions 3.30 and prior proper validation of user-supplied data when parsing project files, which could result in a stack-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code...

6.8CVSS7.9AI score0.00973EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/10/18 1:15 p.m.17 views

Heap overflow

FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in a heap-corruption condition. An attacker could leverage this vulnerability to execute code in the context of the current process...

6.8CVSS7.5AI score0.00912EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/10/18 1:15 p.m.11 views

Default credentials

FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in an out-of-bounds write. An attacker could leverage this vulnerability to execute arbitrary code...

6.8CVSS7.8AI score0.00912EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/10/18 1:15 p.m.13 views

Memory corruption

FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in a memory-corruption condition. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process...

6.8CVSS7.8AI score0.00912EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/10/18 1:15 p.m.17 views

Code injection

FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in an unexpected sign extension. An attacker could leverage this vulnerability to execute arbitrary code...

6.8CVSS7.8AI score0.00912EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/10/18 1:15 p.m.18 views

Design/Logic Flaw

A use after free vulnerability in FATEK Automation WinProladder versions 3.30 and prior may be exploited when a valid user opens a malformed project file, which may allow arbitrary code execution...

6.8CVSS7.9AI score0.00959EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/10/18 12:39 p.m.49 views

CVE-2021-38436

FATEK Automation WinProladder is affected (versions 3.30 and prior). The issue arises from a lack of proper validation of user-supplied data when parsing project files, leading to memory corruption that could enable arbitrary code execution in the current process. The CVE is tracked as CVE-2021-3...

7.8CVSS7.8AI score0.00912EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/10/18 12:39 p.m.21 views

CVE-2021-38436 FATEK Automation WinProladder

FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in a memory-corruption condition. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process...

7.8CVSS8AI score0.00912EPSS
Exploits0References1
CVE
CVE
added 2021/10/18 12:39 p.m.49 views

CVE-2021-38438

This CVE-2021-38438 affects FATEK Automation WinProladder (versions 3.30 and earlier). The vulnerability is a use-after-free in the PDW/project file parsing, which may be triggered when a valid user opens a malformed project file and can lead to arbitrary code execution. The issue is described ac...

7.8CVSS7.9AI score0.00959EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/10/18 12:39 p.m.25 views

CVE-2021-38438 FATEK Automation WinProladder

A use after free vulnerability in FATEK Automation WinProladder versions 3.30 and prior may be exploited when a valid user opens a malformed project file, which may allow arbitrary code execution...

7.8CVSS8.1AI score0.00959EPSS
Exploits0References1
CVE
CVE
added 2021/10/18 12:38 p.m.53 views

CVE-2021-38434

CVE-2021-38434 affects FATEK Automation WinProladder (versions 3.30 and prior). The connected sources describe a vulnerability in parsing project files where user-supplied data is not properly validated, leading to an unexpected sign extension that could enable arbitrary code execution. Public ad...

7.8CVSS7.8AI score0.00912EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/10/18 12:38 p.m.29 views

CVE-2021-38434 FATEK Automation WinProladder

FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in an unexpected sign extension. An attacker could leverage this vulnerability to execute arbitrary code...

7.8CVSS8AI score0.00912EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/10/18 12:38 p.m.27 views

CVE-2021-38440 FATEK Automation WinProladder

FATEK Automation WinProladder versions 3.30 and prior is vulnerable to an out-of-bounds read, which may allow an attacker to read unauthorized information...

3.3CVSS4.2AI score0.00569EPSS
Exploits0References1
CVE
CVE
added 2021/10/18 12:38 p.m.48 views

CVE-2021-38440

FATEK Automation WinProladder (PDW parsing) is affected by CVE-2021-38440: an out-of-bounds read in WinProladder versions 3.30 and earlier can disclose unauthorized information. The vulnerability exists in parsing PDW files and may be exploited by remote attackers. Exploitation requires user inte...

4.3CVSS4AI score0.00569EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/10/18 12:38 p.m.52 views

CVE-2021-38442

CVE-2021-38442 affects FATEK Automation WinProladder, with vulnerable PDW/PLC configuration data handling in WinProladder versions 3.30 and earlier. The root cause, as described across multiple sources, is improper validation of user-supplied data during PDW file parsing, leading to memory corrup...

7.8CVSS7.5AI score0.00912EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/10/18 12:38 p.m.28 views

CVE-2021-38442 FATEK Automation WinProladder

FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in a heap-corruption condition. An attacker could leverage this vulnerability to execute code in the context of the current process...

7.8CVSS7.8AI score0.00912EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/10/18 12:38 p.m.24 views

CVE-2021-38426 FATEK Automation WinProladder

FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in an out-of-bounds write. An attacker could leverage this vulnerability to execute arbitrary code...

7.8CVSS8AI score0.00912EPSS
Exploits0References1
CVE
CVE
added 2021/10/18 12:38 p.m.53 views

CVE-2021-38426

FATEK WinProladder (versions 3.30 and prior) is affected by CVE-2021-38426 due to improper validation of user-supplied data when parsing project files, causing an out-of-bounds write. The vulnerability can lead to arbitrary code execution. Public exploitation details are provided by ZDI-21-1169, ...

7.8CVSS7.8AI score0.00912EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder