21 matches found
EUVD-2022-42521
Malicious code in bioql PyPI...
EUVD-2022-35173
Malicious code in bioql PyPI...
CVE-2022-3092
GE CIMPICITY versions 2022 and prior is vulnerable to an out-of-bounds write, which could allow an attacker to execute arbitrary code...
CVE-2022-3084
GE CIMPICITY versions 2022 and prior is vulnerable when data from a faulting address controls code flow starting at gmmiObj!CGmmiRootOptionTable, which could allow an attacker to execute arbitrary code...
Code injection
GE CIMPICITY versions 2022 and prior is vulnerable when data from a faulting address controls code flow starting at gmmiObj!CGmmiRootOptionTable, which could allow an attacker to execute arbitrary code...
Out-of-bounds
GE CIMPICITY versions 2022 and prior is vulnerable to an out-of-bounds write, which could allow an attacker to execute arbitrary code...
CVE-2022-2952
GE CIMPICITY versions 2022 and prior is vulnerable when data from a faulting address controls code flow starting at gmmiObj!CGmmiOptionContainer, which could allow an attacker to execute arbitrary code...
CVE-2022-2002
GE CIMPICITY versions 2022 and prior is vulnerable when data from faulting address controls code flow starting at gmmiObj!CGmmiOptionContainer, which could allow an attacker to execute arbitrary code...
CVE-2022-2948
GE CIMPICITY versions 2022 and prior is vulnerable to a heap-based buffer overflow, which could allow an attacker to execute arbitrary code...
Code injection
GE CIMPICITY versions 2022 and prior is vulnerable when data from faulting address controls code flow starting at gmmiObj!CGmmiOptionContainer, which could allow an attacker to execute arbitrary code...
Heap overflow
GE CIMPICITY versions 2022 and prior is vulnerable to a heap-based buffer overflow, which could allow an attacker to execute arbitrary code...
Code injection
GE CIMPICITY versions 2022 and prior is vulnerable when data from a faulting address controls code flow starting at gmmiObj!CGmmiOptionContainer, which could allow an attacker to execute arbitrary code...
CVE-2022-3092
GE CIMPLICITY HMI/SCADA software (CIMPLICITY) versions 2022 and prior are affected by CVE-2022-3092 due to an out-of-bounds write (CWE-787) that could allow arbitrary code execution. The vulnerability is local (AV:L, UI:R) with high impact to confidentiality, integrity and availability (CVSS v3 b...
CVE-2022-3084
GE CIMPLICITY is affected (versions 2022 and prior) by CVE-2022-3084 due to an uninitialized pointer condition where data from a faulting address can control code flow, starting at gmmiObj!CGmmiRootOptionTable, enabling arbitrary code execution. The issue is documented across multiple sources (NV...
CVE-2022-2948
CVE-2022-2948 affects GE CIMPLICITY HMI/SCADA software versions 2022 and earlier. The vulnerability is a heap-based buffer overflow in CIMPLICITY (CVE-2022-2948) that could allow an attacker to execute arbitrary code. Reported impact aligns with a HIGH severity (CVSS v3.1: 7.8) with local attack ...
CVE-2022-2002
CVE-2022-2002 affects GE CIMPLICITY (versions 2022 and prior). The issue is an untrusted pointer dereference in gmmiObj!CGmmiOptionContainer that could allow arbitrary code execution. The CVSS v3.1 base score is 7.8 (HIGH), with LOCAL attack vector and user interaction required. Public exploitati...
PT-2022-19644 · Ge · Ge Cimpicity
Name of the Vulnerable Software and Affected Versions: GE CIMPICITY versions 2022 and prior Description: The issue is a heap-based buffer overflow that could allow an attacker to execute arbitrary code. Recommendations: For GE CIMPICITY versions 2022 and prior, at the moment, there is no...
PT-2022-20354 · Ge · Ge Cimpicity
Name of the Vulnerable Software and Affected Versions: GE CIMPICITY versions 2022 and prior Description: The issue arises when data from a faulting address controls code flow starting at gmmiObj!CGmmiRootOptionTable, potentially allowing an attacker to execute arbitrary code. Recommendations: For...
PT-2022-14266 · Ge · Ge Cimpicity
Name of the Vulnerable Software and Affected Versions: GE CIMPICITY versions 2022 and prior Description: The issue arises when data from a faulting address controls code flow starting at gmmiObj!CGmmiOptionContainer, potentially allowing an attacker to execute arbitrary code. Recommendations: For...
PT-2022-20380 · Ge · Ge Cimpicity
Name of the Vulnerable Software and Affected Versions: GE CIMPICITY versions 2022 and prior Description: The issue is related to an out-of-bounds write, which could allow an attacker to execute arbitrary code. Recommendations: For GE CIMPICITY versions 2022 and prior, at the moment, there is no...