Cscape Envisionrv Security Vulnerabilities and Issues — Cscape Envisionrv CVE List

Lucene search

HornerautomationCscape Envisionrv

10 matches found

CVE•added 2023/06/06 5:15 p.m.•32 views

CVE-2023-28653

The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to a use-after-free vulnerability. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.

7.8CVSS7.8AI score0.00045EPSS

CVE•added 2023/06/06 4:15 p.m.•32 views

CVE-2023-32539

Horner Automation Cscape lacks proper validation of user-supplied data when parsing project files (e.g., HMI). This could lead to an out-of-bounds write at CScape_EnvisionRV+0x2e3c04. An attacker could leverage this vulnerability to potentially execute arbitrary code in the context of the current p...

7.8CVSS7.8AI score0.00042EPSS

CVE•added 2023/06/06 3:15 p.m.•32 views

CVE-2023-32545

The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to an out-of-bounds read in Cscape!CANPortMigration. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.

7.8CVSS7.7AI score0.00055EPSS

CVE•added 2023/06/06 5:15 p.m.•31 views

CVE-2023-29503

The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to a stack-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.

7.8CVSS7.8AI score0.00052EPSS

CVE•added 2023/06/06 5:15 p.m.•31 views

CVE-2023-31278

Horner Automation Cscape lacks proper validation of user-supplied data when parsing project files (e.g., HMI). This could lead to an out-of-bounds read. An attacker could leverage this vulnerability to potentially execute arbitrary code in the context of the current process.

7.8CVSS7.8AI score0.00055EPSS

CVE•added 2023/06/06 5:15 p.m.•30 views

CVE-2023-31244

The affected product does not properly validate user-supplied data. If a user opens a maliciously formed CSP file, then an attacker could execute arbitrary code within the current process by accessing an uninitialized pointer.

7.8CVSS7.8AI score0.00038EPSS

CVE•added 2023/06/06 5:15 p.m.•30 views

CVE-2023-32203

Horner Automation Cscape lacks proper validation of user-supplied data when parsing project files (e.g., HMI). This could lead to an out-of-bounds write at CScape_EnvisionRV+0x2e374b. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.

7.8CVSS7.9AI score0.00055EPSS

CVE•added 2023/06/06 4:15 p.m.•28 views

CVE-2023-32281

The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to an out-of-bounds read in the FontManager. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.

7.8CVSS7.7AI score0.00055EPSS

CVE•added 2023/06/06 4:15 p.m.•26 views

CVE-2023-32289

The affected application lacks proper validation of user-supplied data when parsing project files (e.g.., CSP). This could lead to an out-of-bounds read in IO_CFG. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.

7.8CVSS7.7AI score0.00055EPSS

CVE•added 2023/06/06 5:15 p.m.•19 views

CVE-2023-27916

The affected application lacks proper validation of user-supplied data when parsing font files (e.g., FNT). This could lead to an out-of-bounds read. An attacker could leverage this vulnerability to potentially execute arbitrary code in the context of the current process.

7.8CVSS7.7AI score0.00055EPSS