CVE-2021-22711

A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System IGSS Definition Def.exe V15.0.0.21041 and prior, which could result in arbitrary read or write conditions when malicious CGF Configuration Group File file i...

CVE-2021-22711

A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System IGSS Definition Def.exe V15.0.0.21041 and prior, which could result in arbitrary read or write conditions when malicious CGF Configuration Group File file i...

CVE-2021-22710

A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System IGSS Definition Def.exe V15.0.0.21041 and prior, which could cause remote code execution when malicious CGF Configuration Group File file is imported to IGS...

Design/Logic Flaw

A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System IGSS Definition Def.exe V15.0.0.21041 and prior, which could result in arbitrary read or write conditions when malicious CGF Configuration Group File file i...

Design/Logic Flaw

A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System IGSS Definition Def.exe V15.0.0.21041 and prior, which could result in loss of data or remote code execution when malicious CGF Configuration Group File fil...

Design/Logic Flaw

A CWE-119:Improper restriction of operations within the bounds of a memory buffer vulnerability exists in PowerLogic ION7400, PM8000 and ION9000 All versions prior to V3.0.0, which could cause the meter to reboot or allow for remote code execution...

Design/Logic Flaw

A CWE-119:Improper restriction of operations within the bounds of a memory buffer vulnerability exists in PowerLogic ION8650, ION8800, ION7650, ION7700/73xx, and ION83xx/84xx/85xx/8600 see security notifcation for affected versions, which could cause the meter to reboot...

Design/Logic Flaw

A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System IGSS Definition Def.exe V15.0.0.21041 and prior, which could result in arbitrary read or write conditions when malicious CGF Configuration Group File file i...

Design/Logic Flaw

A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System IGSS Definition Def.exe V15.0.0.21041 and prior, which could cause remote code execution when malicious CGF Configuration Group File file is imported to IGS...

CVE-2021-22709

A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System IGSS Definition Def.exe V15.0.0.21041 and prior, which could result in loss of data or remote code execution when malicious CGF Configuration Group File fil...

CVE-2021-22709

The CVE-2021-22709 entry affects Schneider Electric IGSS Definition (Def.exe) up to version 15.0.0.21041. The root cause is a CWE-119 buffer handling issue in parsing CGF configuration files, allowing loss of data or remote code execution when a malicious CGF is imported. Affected product: IGSS D...

CVE-2021-22710

A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System IGSS Definition Def.exe V15.0.0.21041 and prior, which could cause remote code execution when malicious CGF Configuration Group File file is imported to IGS...

CVE-2021-22712

A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System IGSS Definition Def.exe V15.0.0.21041 and prior, which could result in arbitrary read or write conditions when malicious CGF Configuration Group File file i...

CVE-2021-22711

Schneider Electric IGSS Definition (Def.exe) vulnerabilities CVE-2021-22711 and related CVEs affect version 15.0.0.21041 and earlier, due to improper validation when importing CGF files, causing memory read/write and potential memory corruption. The ZDI advisory identifies a remote-code-execution...

CVE-2021-22711

A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System IGSS Definition Def.exe V15.0.0.21041 and prior, which could result in arbitrary read or write conditions when malicious CGF Configuration Group File file i...

CVE-2021-22714

Schneider Electric PowerLogic ION7400, PM8000 and ION9000 (all versions before V3.0.0) are affected by CVE-2021-22714 due to CWE-119 memory-buffer bounds violation. The issue could cause a meter reboot or remote code execution. Remediation: update to firmware V3.0.0 or apply Schneider Electric/SE...

CVE-2021-22714

A CWE-119:Improper restriction of operations within the bounds of a memory buffer vulnerability exists in PowerLogic ION7400, PM8000 and ION9000 All versions prior to V3.0.0, which could cause the meter to reboot or allow for remote code execution...

CVE-2020-1918

In-memory file operations ie: using fopen on a data URI did not properly restrict negative seeking, allowing for the reading of memory prior to the in-memory buffer. This issue affects HHVM versions prior to 4.56.3, all versions between 4.57.0 and 4.80.1, all versions between 4.81.0 and 4.93.1, a...

The vulnerability of the visual analysis tool IBM i2 Analyst’s Notebook lies in the fact that when an operation is performed outside the buffer in memory, it allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of the visual analysis tool IBM i2 Analyst’s Notebook relates to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to trigger a service failure or execute arbitrary code using a specially created file with...

The vulnerability of the web server of industrial switches SCALANCE X-200, SCALANCE X-200IRT, and SCALANCE X-300 arises from the possibility of executing operations outside the buffer in memory, allowing a perpetrator to execute arbitrary code.

The vulnerability of the web server of industrial switches SCALANCE X-200, SCALANCE X-200IRT, and SCALANCE X-300 lies in the fact that the operation results are stored outside of the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending a...