Lucene search
K

135 matches found

NVD
NVD
added 2026/06/19 2:16 p.m.13 views

CVE-2026-48140

There is an unchecked enum cast vulnerability in NI grpc-device BeginSidebandStream that may allow an attacker to trigger invalid enum states and undefined behavior, potentially resulting in a denial of service. Successful exploitation requires an attacker to supply a specially crafted message...

7.1CVSS0.00254EPSS
Exploits0References2
NVD
NVD
added 2026/06/19 2:16 p.m.10 views

CVE-2026-48137

There is an untrusted pointer dereference vulnerability in the NI grpc-device sideband streaming API that may allow an attacker to cause an arbitrary memory dereference, potentially resulting in remote code execution. Successful exploitation requires an attacker to supply a specially...

9.8CVSS0.00549EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/19 1:41 p.m.29 views

CVE-2026-9142 Insecure Default Credentials vulnerability in NI grpc-device when TLS configuration is not present

There is an insecure default credentials vulnerability in NI grpc-device when TLS configuration is not present and the server is bound beyond loopback. This may allow an unauthenticated user access to the server on the local network. This affects NI grpc-device 2.17.0 and prior versions...

9.3CVSS0.00308EPSS
Exploits0References2
CVE
CVE
added 2026/06/19 1:16 p.m.17 views

CVE-2026-48138

CVE-2026-48138 affects NI’s grpc-device streaming API and is an out-of-bounds read caused by a missing bounds check. Affected versions are NI grpc-device 2.17.0 and earlier. The vulnerability can lead to denial of service when an attacker sends a specially crafted write request. Exploitation deta...

8.7CVSS5.9AI score0.00343EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/19 1:5 p.m.13 views

CVE-2026-48137

Summary: CVE-2026-48137 is an untrusted pointer dereference in the NI grpc-device sideband streaming API affecting NI grpc-device 2.17.0 and earlier. A attacker can cause an arbitrary memory dereference and potentially remote code execution by sending a specially crafted Moniker protobuf message....

9.8CVSS6.3AI score0.00549EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.14 views

PT-2026-50889

Name of the Vulnerable Software and Affected Versions NI grpc-device versions prior to 2.17.0 Description An out-of-bounds read occurs in the NI grpc-device streaming API because of a missing bounds check. This issue can lead to a denial of service if an attacker provides a specially crafted writ...

8.7CVSS5.9AI score0.00343EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.19 views

PT-2026-50891

Name of the Vulnerable Software and Affected Versions NI grpc-device versions prior to 2.17.0 Description An unchecked enum cast issue exists in the BeginSidebandStream function. An attacker can trigger invalid enum states and undefined behavior by supplying a specially crafted message containing...

7.1CVSS5.9AI score0.00254EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/02 5:26 p.m.10 views

EUVD-2026-33992

Improper input validation in NI-PAL may allow a local authenticated user to access arbitrary system memory, potentially leading to privilege escalation. This vulnerability affects NI-PAL 26.3.0 and prior versions on Windows and Linux...

8.4CVSS5.9AI score0.00107EPSS
Exploits0References1
CVE
CVE
added 2026/06/02 5:26 p.m.17 views

CVE-2026-8036

NI-PAL is affected by improper input validation that may allow a local authenticated user to access arbitrary system memory, enabling privilege escalation. Affected: NI-PAL 26.3.0 and prior on Windows and Linux. Root cause: input validation weakness. Impact: local privilege escalation with potent...

8.4CVSS5.9AI score0.00107EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/06/02 5:22 p.m.16 views

CVE-2026-8035

Technical details for CVE-2026-8035 are not publicly available in the provided documents. Monitor for updates from NI and security advisories.

7.1CVSS5.8AI score0.00096EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.16 views

PT-2026-45848

Improper input validation in the NI-PAL kernel driver may allow a local authenticated user to cause a denial of service by triggering a crash due to a NULL pointer dereference. This vulnerability affects NI-PAL 26.3.0 and prior versions on Windows and Linux...

7.1CVSS5.8AI score0.00096EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

National Instruments Ni-Pal 安全漏洞

National Instruments Ni-Pal is a software component of the American company National Instruments. It serves to provide necessary functions for multiple NI drivers. National Instruments Ni-Pal versions prior to 26.3.0 contain security vulnerabilities. These vulnerabilities stem from improper input...

8.4CVSS5.5AI score0.00107EPSS
Exploits0References2
CVE
CVE
added 2026/04/07 7:50 p.m.7 views

CVE-2026-32862

NI LabVIEW contains a memory corruption vulnerability (CVE-2026-32862) caused by an out-of-bounds write in ResFileFactory::InitResourceMgr(). The issue can lead to information disclosure or arbitrary code execution and requires a user to open a specially crafted VI file. Affected products: NI Lab...

8.5CVSS6.2AI score0.00148EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/04/07 12:0 a.m.8 views

NI LabVIEW 安全漏洞

NI LabVIEW is a graphical programming platform developed by National Instruments. Versions of NI LabVIEW prior to 2026 Q1 26.1.0 contained security vulnerabilities. These vulnerabilities were caused by an out-of-bounds write operation in the ResFileFactory::InitResourceMgr function, which could...

8.5CVSS6.1AI score0.00148EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/07 12:0 a.m.5 views

NI LabVIEW 安全漏洞

NI LabVIEW is a graphical programming platform developed by National Instruments. Versions of NI LabVIEW prior to 2026 Q1 26.1.0 contained security vulnerabilities. These vulnerabilities stemmed from out-of-bound writing during the loading of corrupted LVCLASS files, which could lead to memory...

8.5CVSS7.4AI score0.0022EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/07 12:0 a.m.5 views

NI LabVIEW 安全漏洞

NI LabVIEW is a graphical programming platform developed by National Instruments. Versions of NI LabVIEW prior to 2026 Q1 26.1.0 contained security vulnerabilities. These vulnerabilities were caused by out-of-bound writing during the loading of corrupted LVLIB files, which could lead to memory...

8.5CVSS7.4AI score0.0022EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/02/20 12:0 a.m.5 views

NI FlexRIO < 2025 Q1 Arbitrary Code Execution (CVE-2024-12740)

The version of NI FlexRIO installed on the remote Windows host is prior to 2025 Q1. It is, therefore, affected by an arbitrary code execution vulnerability: - NI FlexRIO uses a third-party library for image processing that exposes several vulnerabilities. These vulnerabilities may result in...

7.8CVSS7.9AI score0.0019EPSS
Exploits0References2
OSV
OSV
added 2025/12/18 3:15 p.m.6 views

CVE-2025-64461

There is an out of bounds write vulnerability in NI LabVIEW in mgocreSH253!RevBL when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This...

8.5CVSS6AI score0.00135EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/18 2:50 p.m.4 views

CVE-2025-64468 Use-after-Free in sentry!sentry_span_set_data() in NI LabVIEW

There is a use-after-free vulnerability in sentry!sentryspansetdata when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability...

8.5CVSS6.9AI score0.00132EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/18 2:38 p.m.25 views

CVE-2025-64466 Out-of-Bounds Read in lvre!ExecPostedProcRecPost() in NI LabVIEW

There is an out of bounds read vulnerability in NI LabVIEW in lvre!ExecPostedProcRecPost when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI...

8.5CVSS0.00135EPSS
Exploits0References1
Rows per page
Query Builder