5179 matches found
CVE-2023-22424
Use-after-free vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.9.0 and earlier. With the abnormal value given as the maximum number of columns for the PLC program, the process accesses the freed memory. As a result, opening a speciall...
Out-of-bounds
Out-of-bounds read vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.9.0 and earlier. When processing a comment block in stage information, the end of data cannot be verified and out-of-bounds read occurs. As a result, opening a special...
Out-of-bounds
Out-of-bounds read vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.9.0 and earlier. The insufficient buffer size for the PLC program instructions leads to out-of-bounds read. As a result, opening a specially crafted project file may...
Design/Logic Flaw
Use-after-free vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.9.0 and earlier. With the abnormal value given as the maximum number of columns for the PLC program, the process accesses the freed memory. As a result, opening a speciall...
JTEKT Kostac PLC Programming Software buffer error vulnerability
JTEKT Kostac PLC Programming Software is a PLC programmer software for personal computers from JTEKT Japan. A security vulnerability exists in JTEKT Kostac PLC Programming Software version 1.6.9.0 and prior versions, which originates from an out-of-bounds read due to an inability to validate data...
CVE-2023-22421
Out-of-bounds read vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.9.0 and earlier. The insufficient buffer size for the PLC program instructions leads to out-of-bounds read. As a result, opening a specially crafted project file may...
CVE-2023-22424
CVE-2023-22424 affects Kostac PLC Programming Software (formerly Koyo PLC Programming Software) by a Use-After-Free vulnerability when the maximum number of columns for the PLC program is mis-handled. The issue occurs in versions 1.6.9.0 and earlier and can lead to information disclosure and/or a...
CVE-2023-22421
CVE-2023-22421 affects Kostac PLC Programming Software (formerly Koyo PLC Programming Software) by JTEKT Electronics. The flaw is an out-of-bounds read caused by an insufficient buffer size for PLC program instructions, triggered when opening a specially crafted project file. The impact is inform...
CVE-2023-22419
Kostac PLC Programming Software (JTEKT Kostac) versions 1.6.9.0 and earlier are affected by CVE-2023-22419. The issue is an out-of-bounds read occurring while processing a comment block in stage information, due to end-of-data verification failure. This can lead to information disclosure and/or a...
GHSA-3738-P9X3-MV9R XWiki Platform vulnerable to privilege escalation via properties with wiki syntax that are executed with wrong author
Impact It's possible to use the right of an existing document content author to execute a text area property. To reproduce: As an admin with programming rights, create a new user without script or programming right. Login with the freshly created user. Insert the following text in source mode in...
XWiki Platform vulnerable to privilege escalation via properties with wiki syntax that are executed with wrong author
Impact It's possible to use the right of an existing document content author to execute a text area property. To reproduce: As an admin with programming rights, create a new user without script or programming right. Login with the freshly created user. Insert the following text in source mode in...
[SECURITY] Fedora 36 Update: golang-1.19.6-1.fc36
The Go Programming Language...
The vulnerability of the application software interface for Active Directory Domain Services on the Windows operating system allows a perpetrator to cause a service failure.
The vulnerability of the Active Directory Domain Services application programming interface for the Windows operating system exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
PT-2023-1669 · Unknown · Kostac Plc Programming
Name of the Vulnerable Software and Affected Versions: Kostac PLC Programming Software versions 1.6.9.0 and earlier Description: The issue is related to an out-of-bounds read vulnerability that occurs when processing a comment block in stage information. This can lead to information disclosure...
Fedora: Security Advisory for golang (FEDORA-2023-ce66f112b2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-26055 XWiki Commons may allow privilege escalation to programming rights via user's first name
XWiki Commons are technical libraries common to several other top level XWiki projects. Starting in version 3.1-milestone-1, any user can edit their own profile and inject code, which is going to be executed with programming right. The same vulnerability can also be exploited in all other places...
CVE-2023-26056 XWiki Platform allows macro execution as any user without programming rights through the context macro
XWiki Platform is a generic wiki platform. Starting in version 3.0-milestone-1, it's possible to execute a script with the right of another user, provided the target user does not have programming right. The problem has been patched in XWiki 14.8-rc-1, 14.4.5, and 13.10.10. There are no known...