EUVD-2019-2688

Malware in sbrugna...

CVE-2019-10974

NREL EnergyPlus, Versions 8.6.0 and possibly prior versions, The application fails to prevent an exception handler from being overwritten with arbitrary code...

CVE-2019-10974

NREL EnergyPlus, Versions 8.6.0 and possibly prior versions, The application fails to prevent an exception handler from being overwritten with arbitrary code...

CVE-2019-10974

NREL EnergyPlus, Versions 8.6.0 and possibly prior versions, The application fails to prevent an exception handler from being overwritten with arbitrary code...

Code injection

NREL EnergyPlus, Versions 8.6.0 and possibly prior versions, The application fails to prevent an exception handler from being overwritten with arbitrary code...

CVE-2019-10974

NREL EnergyPlus, Versions 8.6.0 and possibly prior versions, The application fails to prevent an exception handler from being overwritten with arbitrary code...

CVE-2019-10974

CVE-2019-10974 affects EnergyPlus 8.6.0 and earlier. The vulnerability is a stack-based buffer overflow (CWE-121) where the application fails to prevent an exception handler from being overwritten with arbitrary code. Impact per sources includes potential arbitrary code execution or denial of ser...

NREL EnergyPlus Stack Buffer Overflow Vulnerability

EnergyPlus is a building energy simulation program from the National Renewable Energy Laboratory. A buffer overflow vulnerability exists in EnergyPlus 8.6.0 and prior versions. The vulnerability stems from a networked system or product performing operations on memory without properly validating...

NREL EnergyPlus

1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Low skill level to exploit Vendor: National Renewable Energy Laboratory NREL Equipment: EnergyPlus Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary...