CVE-2022-29925

Access of uninitialized pointer vulnerability exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file...

CVE-2022-29522

Use after free vulnerability exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file...

CVE-2022-29925

Access of uninitialized pointer vulnerability exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file...

Design/Logic Flaw

Use after free vulnerability exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file...

Cross site scripting

Out-of-bounds read vulnerability exist in the simulator module contained in the graphic editor 'V-SFT' v6.1.3.0 and earlier, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file...

Heap overflow

Heap-based buffer overflow exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file...

CVE-2022-29506

CVE-2022-29506 affects Fuji Electric Monitouch V-SFT, specifically the simulator module, with V-SFT versions up to 6.1.3.0 vulnerable to an out-of-bounds read (CWE-125) that can lead to information disclosure and arbitrary code execution when a user opens a specially crafted image file. JPN/JPCER...

CVE-2022-29506

Out-of-bounds read vulnerability exist in the simulator module contained in the graphic editor 'V-SFT' v6.1.3.0 and earlier, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file...

CVE-2022-26302

CVE-2022-26302 affects Fuji Electric V-SFT in the simulator module; versions prior to v6.1.6.0 are vulnerable to a heap-based buffer overflow when opening a specially crafted image file. The underlying impact reported is potential information disclosure and/or arbitrary code execution. Red Hat se...

Unicorn Engine Denial of Service Vulnerability

Unicorn Engine is an application. A lightweight, multi-platform, multi-architecture CPU simulator framework based on QEMU. Unicorn Engine v2.0.0-rc7 and earlier versions have a denial of service vulnerability that stems from qemuramfree dereferencing null pointers. An attacker could exploit this...

Multiple vulnerabilities in Fuji Electric V-SFT

Overview Multiple vulnerabilities listed below exist in the simulator module contained in the graphic editor "V-SFT" provided by FUJI ELECTRIC CO., LTD. Out-of-bounds Write CWE-787 - CVE-2022-30538 Out-of-bounds Read CWE-125 - CVE-2022-30546 Heap-based Buffer Overflow CWE-122 - CVE-2022-26302 Use...

com.buession.cas:buession-cas-ticket (>=2.3.0 <=2.3.2), com.buession.cas:buession-cas-ticket-infinispan (>=2.3.0 <=2.3.2) +525 more potentially affected by CVE-2021-3642 via org.wildfly.security:wildfly-elytron (>=1.11.0.CR1 <=1.15.4.Final)

org.wildfly.security:wildfly-elytron MAVEN version =1.11.0.CR1, =2.3.0, =2.3.0, =2.3.0, =0.8.0, =1.2.6, =1.2.6, =1.2.6, =1.2.6, =1.2.6, =1.2.6, =1.2.6, =1.2.6, =1.2.6, =2.0.20, =0.12, =1.0 and more Source cves: CVE-2021-3642 Source advisory: OSV:GHSA-5499-QJVH-6J7W...

PT-2022-3357 · V-Sft · V-Sft

Name of the Vulnerable Software and Affected Versions: V-SFT versions prior to v6.1.6.0 Description: The issue is related to the use of an uninitialized pointer in the simulator module of the V-SFT graphic editor. This could allow an attacker to gain unauthorized access to protected information o...

Schneider Electric Modicon Out-of-bounds Read (CVE-2021-22790)

A CWE-125: Out-of-bounds Read vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU part numbers BMEP and BMEH, all versions, Modicon M340 CPU part...

Schneider Electric Modicon NULL Pointer Dereference (CVE-2021-22792)

A CWE-476: NULL Pointer Dereference vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU part numbers BMEP and BMEH, all versions, Modicon M340 CPU par...

The vulnerability of the monitoring software for PLK devices from Fuji Electric, V-Server Lite and Tellus Lite V-Simulator, arises from buffer overflows in the dynamic memory. This vulnerability allows a hacker to execute arbitrary code.

The vulnerability of the monitoring software for Fujifilm’s V-Server Lite and Tellus Lite V-Simulator lies in buffer overflows in the dynamic memory during syntax analysis of V8 files in the V-Simulator module. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using...

CVE-2021-38401

Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0.12.0 is vulnerable to an untrusted pointer dereference, which may allow an attacker to execute arbitrary code and cause the application to crash...

CVE-2021-38415

Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0.12.0 is vulnerable a heap-based buffer overflow when parsing a specially crafted project file, which may allow an attacker to execute arbitrary code...

CVE-2021-38409

Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0.12.0 is vulnerable to an access of uninitialized pointer, which may allow an attacker read from or write to unexpected memory locations, leading to a denial-of-service...

CVE-2021-38401

Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0.12.0 is vulnerable to an untrusted pointer dereference, which may allow an attacker to execute arbitrary code and cause the application to crash...