25 matches found
EUVD-2022-42513
Malicious code in bioql PyPI...
EUVD-2022-42521
Malicious code in bioql PyPI...
EUVD-2022-35173
Malicious code in bioql PyPI...
EUVD-2022-35169
Malicious code in bioql PyPI...
EUVD-2022-34308
Malicious code in bioql PyPI...
CVE-2022-3092
GE CIMPICITY versions 2022 and prior is vulnerable to an out-of-bounds write, which could allow an attacker to execute arbitrary code...
CVE-2022-3084
GE CIMPICITY versions 2022 and prior is vulnerable when data from a faulting address controls code flow starting at gmmiObj!CGmmiRootOptionTable, which could allow an attacker to execute arbitrary code...
Code injection
GE CIMPICITY versions 2022 and prior is vulnerable when data from a faulting address controls code flow starting at gmmiObj!CGmmiRootOptionTable, which could allow an attacker to execute arbitrary code...
Out-of-bounds
GE CIMPICITY versions 2022 and prior is vulnerable to an out-of-bounds write, which could allow an attacker to execute arbitrary code...
CVE-2022-2952
GE CIMPICITY versions 2022 and prior is vulnerable when data from a faulting address controls code flow starting at gmmiObj!CGmmiOptionContainer, which could allow an attacker to execute arbitrary code...
CVE-2022-2002
GE CIMPICITY versions 2022 and prior is vulnerable when data from faulting address controls code flow starting at gmmiObj!CGmmiOptionContainer, which could allow an attacker to execute arbitrary code...
CVE-2022-2948
GE CIMPICITY versions 2022 and prior is vulnerable to a heap-based buffer overflow, which could allow an attacker to execute arbitrary code...
Code injection
GE CIMPICITY versions 2022 and prior is vulnerable when data from faulting address controls code flow starting at gmmiObj!CGmmiOptionContainer, which could allow an attacker to execute arbitrary code...
Heap overflow
GE CIMPICITY versions 2022 and prior is vulnerable to a heap-based buffer overflow, which could allow an attacker to execute arbitrary code...
Code injection
GE CIMPICITY versions 2022 and prior is vulnerable when data from a faulting address controls code flow starting at gmmiObj!CGmmiOptionContainer, which could allow an attacker to execute arbitrary code...
CVE-2022-3092
GE CIMPLICITY HMI/SCADA software (CIMPLICITY) versions 2022 and prior are affected by CVE-2022-3092 due to an out-of-bounds write (CWE-787) that could allow arbitrary code execution. The vulnerability is local (AV:L, UI:R) with high impact to confidentiality, integrity and availability (CVSS v3 b...
CVE-2022-3084
GE CIMPLICITY is affected (versions 2022 and prior) by CVE-2022-3084 due to an uninitialized pointer condition where data from a faulting address can control code flow, starting at gmmiObj!CGmmiRootOptionTable, enabling arbitrary code execution. The issue is documented across multiple sources (NV...
CVE-2022-2952
CVE-2022-2952 affects GE CIMPLICITY (versions 2022 and prior). The vulnerability occurs when data from a faulting address controls code flow starting at gmmiObj!CGmmiOptionContainer, potentially allowing arbitrary code execution. Impact is high (C/H/I/H/A/H) with CVSS v3.1 base score 7.8, attack ...
CVE-2022-2948
CVE-2022-2948 affects GE CIMPLICITY HMI/SCADA software versions 2022 and earlier. The vulnerability is a heap-based buffer overflow in CIMPLICITY (CVE-2022-2948) that could allow an attacker to execute arbitrary code. Reported impact aligns with a HIGH severity (CVSS v3.1: 7.8) with local attack ...
CVE-2022-2002
CVE-2022-2002 affects GE CIMPLICITY (versions 2022 and prior). The issue is an untrusted pointer dereference in gmmiObj!CGmmiOptionContainer that could allow arbitrary code execution. The CVSS v3.1 base score is 7.8 (HIGH), with LOCAL attack vector and user interaction required. Public exploitati...