CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7301 matches found

NVD•added 2023/02/03 3:15 a.m.•10 views

CVE-2022-4634

All versions prior to Delta Electronic’s CNCSoft version 1.01.34 running ScreenEditor versions 1.01.5 and prior are vulnerable to a stack-based buffer overflow, which could allow an attacker to remotely execute arbitrary code...

7.8CVSS7.9AI score0.00195EPSS

Exploits0References1

Cvelist•added 2023/02/02 10:57 p.m.•23 views

CVE-2023-0123 CVE-2023-0123

Delta Electronics DOPSoft versions 4.00.16.22 and prior are vulnerable to a stack-based buffer overflow, which could allow an attacker to remotely execute arbitrary code when a malformed file is introduced to the software...

7.8CVSS8.1AI score0.00104EPSS

Exploits0References1

Vulnrichment•added 2023/02/02 10:57 p.m.•6 views

CVE-2023-0123 CVE-2023-0123

7.8CVSS7.9AI score0.00104EPSS

Exploits0References1

CVE•added 2023/02/02 10:57 p.m.•63 views

CVE-2023-0123

CVE-2023-0123 applies to Delta Electronics DOPSoft versions ≤ 4.00.16.22. The issue is a stack-based buffer overflow in the DPA file parsing code caused by improper handling of user-supplied data length, which can allow remote code execution when a malformed DPA file is opened/processed. Exploita...

7.8CVSS7.8AI score0.00104EPSS

Exploits0References1Affected Software1

IBM Security Bulletins•added 2023/01/31 3:21 p.m.•48 views

Security Bulletin: IBM Cloud Pak for Multicloud Management Monitoring has applied security fixes for its use of Golang Go (CVE-2022-24921, CVE-2022-28327, CVE-2022-24675)

Summary IBM Cloud Pak for Multicloud Management Monitoring has patched its use of Golang Go due to vulnerabilities with that runtime. Vulnerability Details CVEID:CVE-2022-24921 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by improper input validation. By using a...

7.5CVSS9.3AI score0.00179EPSS

Exploits1Affected Software1

OpenVAS•added 2023/01/31 12:0 a.m.•44 views

Ubuntu: Security Advisory (USN-5832-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.2AI score0.00421EPSS

Exploits0References2

ICS•added 2023/01/31 12:0 a.m.•55 views

Delta Electronics DOPSoft

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: DOPSoft Vulnerabilities: Stack-based Buffer Overflow, Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow for remote code execution. 3. TECHNICAL...

7.8CVSS8.5AI score0.00104EPSS

Exploits0References4

NVD•added 2023/01/30 11:15 p.m.•13 views

CVE-2022-32522

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted mathematically reduced data request messages. Affected Products: IGSS Data Server -...

9.8CVSS9.8AI score0.01773EPSS

Exploits0References1

Prion•added 2023/01/30 11:15 p.m.•22 views

Stack overflow

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted time reduced data messages. Affected Products: IGSS Data Server - IGSSdataServer.exe...

7.5CVSS9.6AI score0.01773EPSS

Exploits0References1Affected Software1

Prion•added 2023/01/30 11:15 p.m.•15 views

Stack overflow

A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted online data request messages. Affected Products: IGSS Data Server - IGSSdataServer.exe...

7.5CVSS9.6AI score0.01773EPSS

Exploits0References1Affected Software1

CVE•added 2023/01/30 12:0 a.m.•58 views

CVE-2022-32524

CVE-2022-32524 affects Schneider Electric IGSS Data Server (IGSSdataServer.exe) prior to version 15.0.0.22170. The root cause is a CWE-120: Buffer Copy without Checking Size of Input, leading to a stack-based buffer overflow. This could enable remote code execution when an attacker sends speciall...

9.8CVSS9.6AI score0.01773EPSS

Exploits0References1Affected Software1

Tenable Nessus•added 2023/01/30 12:0 a.m.•36 views

EulerOS Virtualization 3.0.2.2 : vim (EulerOS-SA-2023-1303)

According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - vim is vulnerable to Heap-based Buffer Overflow CVE-2021-3778, CVE-2021-3872, CVE-2021-3927, CVE-2021-3984, CVE-2021-4019,...

8.8CVSS7.3AI score0.0158EPSS

Exploits50References51

CVE•added 2023/01/30 12:0 a.m.•63 views

CVE-2022-32526

CVE-2022-32526 affects Schneider Electric IGSS Data Server (IGSSdataServer.exe) prior to version 15.0.0.22170. The vulnerability is a CWE-120 buffer copy/stack-based overflow, triggered by specially crafted setting value messages, with potential remote code execution. Exploitation status is not d...

9.8CVSS9.6AI score0.02604EPSS

Exploits0References1Affected Software1

NVD•added 2023/01/26 10:15 p.m.•16 views

CVE-2022-41017

Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...

9.8CVSS8.2AI score0.0349EPSS

Exploits1References2

NVD•added 2023/01/26 10:15 p.m.•8 views

CVE-2022-41013

9.8CVSS8.2AI score0.0349EPSS

Exploits1References2

NVD•added 2023/01/26 10:15 p.m.•15 views

CVE-2022-41006

9.8CVSS8.2AI score0.0349EPSS

Exploits1References2

NVD•added 2023/01/26 10:15 p.m.•12 views

CVE-2022-41001