Lucene search
K
NiLabview

41 matches found

CVE
CVE
added 2017/09/05 6:0 p.m.88 views

CVE-2017-2779

The CVE-2017-2779 vulnerability affects National Instruments LabVIEW (LabVIEW 2016, 2017, 2015, 2014) where the RSRC segment parsing can be manipulated. In LabVIEW’s RSRC handling, the loop counter and offsets from the RSRC data can be controlled by an attacker via a specially crafted VI file. Th...

7.8CVSS7.8AI score0.02168EPSS
CVE
CVE
added 2024/12/10 3:49 p.m.88 views

CVE-2024-10494

CVE-2024-10494 affects NI LabVIEW prior to or including 2024 Q3. Root cause: an out-of-bounds read in HeapObjMapImpl.cpp due to improper input validation, which may disclose information or allow arbitrary code execution when a user opens a specially crafted VI. Impact is limited to affected LabVI...

8.4CVSS7.7AI score0.00194EPSS
CVE
CVE
added 2024/12/10 3:55 p.m.84 views

CVE-2024-10496

CVE-2024-10496 concerns NI LabVIEW, where an out-of-bounds read arises from improper input validation in the function BuildFontMap (fontmgr.cpp). Affected product/version: LabVIEW 2024 Q3 and earlier. Impact stated in sources: disclosure of information or arbitrary code execution if a user opens ...

8.4CVSS7.7AI score0.00194EPSS
CVE
CVE
added 2024/03/11 3:10 p.m.81 views

CVE-2024-23608

CVE-2024-23608 is an out-of-bounds write in NI LabVIEW caused by a missing bounds check. The issue enables remote code execution when a user is provided with a specially crafted VI, per the vulnerability description and multiple sources. Affected are LabVIEW 2024 Q1 and earlier versions. Several ...

7.8CVSS7.9AI score0.00591EPSS
CVE
CVE
added 2025/04/09 6:50 p.m.80 views

CVE-2025-2630

CVE-2025-2630 is a DLL hijacking vulnerability in NI LabVIEW caused by an uncontrolled search path. The issue affects NI LabVIEW 2025 Q1 and earlier versions; exploitation requires an attacker to drop a malicious DLL into the uncontrolled search path, potentially enabling arbitrary code execution...

7.8CVSS7.3AI score0.00171EPSS
CVE
CVE
added 2022/04/21 4:32 a.m.79 views

CVE-2022-27237

CVE-2022-27237 describes a cross-site scripting (XSS) vulnerability in an NI Web Server component used with several NI products. The advisory indicates the affected surface is the NI Web Server component across multiple NI product deployments, with remediation guidance requiring upgrading to one ...

6.1CVSS6AI score0.0054EPSS
CVE
CVE
added 2024/12/10 3:52 p.m.79 views

CVE-2024-10495

CVE-2024-10495 concerns an out-of-bounds read in NI LabVIEW’s font loading: fontmgr.cpp font table loading can disclose information or allow arbitrary code execution. Exploitation requires a user to open a specially crafted VI, affecting LabVIEW 2024 Q3 and earlier. Connected sources also referen...

8.4CVSS7.7AI score0.00194EPSS
CVE
CVE
added 2024/03/11 3:14 p.m.79 views

CVE-2024-23611

CVE-2024-23611 is an out-of-bounds write in National Instruments LabVIEW caused by a missing bounds check, leading to remote code execution on affected installations (LabVIEW 2024 Q1 and earlier). Exploitation requires a user to receive a specially crafted VI; the attacker must entice the user to...

7.8CVSS7.9AI score0.00604EPSS
CVE
CVE
added 2013/08/06 6:0 p.m.78 views

CVE-2013-5022

The CVE-2013-5022 entry concerns an Absolute path traversal via the CWGraph3D ActiveX control (cw3dgrph.ocx) in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products. Root cause: the ExportStyle method accepts a full pathname and, when combined...

10CVSS7.5AI score0.0257EPSS
CVE
CVE
added 2013/08/06 6:0 p.m.74 views

CVE-2013-5021

The CVE-2013-5021 issue affects multiple National Instruments CWUI ActiveX controls (CWNumEdit, CWGraph, CWBoolean, CWSlide, CWKnob) used in NI LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and ABB DataManager Data Analysis. A root cause in the ExportStyle() method enables ab...

9.3CVSS7.5AI score0.02073EPSS
CVE
CVE
added 2017/03/31 6:0 p.m.71 views

CVE-2017-2775

CVE-2017-2775 is a memory corruption flaw in NI LabVIEW’s LvVariantUnflatten handling affecting 64-bit LabVIEW 2015 before SP1 f7 and 2016 before f2. A specially crafted VI file can drive an attacker-controlled value as a loop terminator, triggering heap corruption via LV’s ReadTD/BinDataReader p...

7.8CVSS7.8AI score0.0294EPSS
CVE
CVE
added 2025/04/09 7:14 p.m.70 views

CVE-2025-2632

CVE-2025-2632 : NI LabVIEW (2025 Q1 and earlier) is affected by an out-of-bounds write caused by improper bounds checking when reading CPU information from cache. This can lead to information disclosure or arbitrary code execution. Exploitation requires a user to open a specially crafted VI. The ...

8.5CVSS7.7AI score0.00182EPSS
CVE
CVE
added 2024/07/23 1:19 p.m.69 views

CVE-2024-4079

CVE-2024-4079 Details: NI LabVIEW contains an out-of-bounds read due to a missing bounds check in LabVIEW, potentially disclosing info or enabling arbitrary code execution. Exploitation requires a user to open a specially crafted VI and is limited to local attack paths. Affected: LabVIEW 2024 Q1 ...

7.8CVSS7.7AI score0.00281EPSS
CVE
CVE
added 2024/03/11 3:19 p.m.68 views

CVE-2024-23612

NI LabVIEW CVE-2024-23612 is an improper error handling vulnerability affecting LabVIEW 2024 Q1 and earlier. Public docs confirm that exploitation requires a user to open or be presented with a specially crafted VI, potentially enabling remote code execution. Related disclosures (ZDI) describe an...

7.8CVSS7.8AI score0.00604EPSS
CVE
CVE
added 2024/03/11 3:12 p.m.67 views

CVE-2024-23610

CVE-2024-23610 is an out-of-bounds write in National Instruments LabVIEW caused by a missing bounds check in VI parsing, enabling remote code execution. Affected: LabVIEW 2024 Q1 and earlier versions. The exploit requires a user to run a specially crafted VI (per ZDI/NI advisories). Impact: poten...

7.8CVSS7.9AI score0.00591EPSS
CVE
CVE
added 2025/04/09 7:10 p.m.67 views

CVE-2025-2631

NI LabVIEW up to 2025 Q1 is affected by an out-of-bounds write in InitCPUInformation() due to improper bounds checking. This can lead to information disclosure or arbitrary code execution. Exploitation requires a user to open a specially crafted VI (local vector, user interaction needed). Affecte...

8.5CVSS7.7AI score0.00182EPSS
CVE
CVE
added 2024/03/11 3:17 p.m.64 views

CVE-2024-23609

CVE-2024-23609 is an improper error handling vulnerability in NI LabVIEW affecting 2024 Q1 and earlier. A remote code execution risk exists if a user opens a specially crafted VI, as described in the initial report. The exact root cause is unspecified beyond improper error handling; no patch/vers...

7.8CVSS7.8AI score0.00591EPSS
CVE
CVE
added 2013/08/06 6:0 p.m.61 views

CVE-2013-5023

The vulnerability CVE-2013-5023 affects NI software (e.g., LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier) where ActiveX controls in the HelpAsst component of NI Help Links can be triggered to display local CHM files, enabling remote denial of service. The underlying issue is e...

4.3CVSS6.7AI score0.01321EPSS
CVE
CVE
added 2024/07/23 1:29 p.m.59 views

CVE-2024-4080

CVE-2024-4080 is a memory corruption vulnerability in LabVIEW tdcore.dll (affecting LabVIEW 2024 Q1 and earlier). The root cause is an improper length check in tdcore.dll, which could disclose information or allow arbitrary code execution when a user opens a specially crafted VI. Exploitation req...

8.4CVSS7.9AI score0.00271EPSS
CVE
CVE
added 2024/07/23 1:32 p.m.55 views

CVE-2024-4081

CVE-2024-4081 is a memory corruption vulnerability in NI LabVIEW caused by an improper length check in the LabVIEW component (tdcore_24_1.dll is implicated in related CVEs). Affects NI LabVIEW 2024 Q1 and earlier versions. Exploitation requires a user to open a specially crafted VI (local attack ...

8.4CVSS7.9AI score0.00271EPSS
CVE
CVE
added 2026/04/07 7:46 p.m.54 views

CVE-2026-32861

The CVE-2026-32861 entry describes a memory corruption via an out-of-bounds write when NI LabVIEW loads a corrupted LVCLASS file. It affects NI LabVIEW up to and including 2026 Q1 (26.1.0) and earlier versions. The vulnerability may enable information disclosure or arbitrary code execution. Explo...

8.5CVSS6.2AI score0.0022EPSS
CVE
CVE
added 2026/04/07 7:42 p.m.52 views

CVE-2026-32860

The CVE-2026-32860 entry documents a memory corruption vulnerability in NI LabVIEW caused by an out-of-bounds write when loading a corrupted LVLIB file. The flaw may lead to information disclosure or arbitrary code execution. Successful exploitation requires a user to open a specially crafted .lv...

8.5CVSS6.2AI score0.0022EPSS
CVE
CVE
added 2024/07/22 7:55 p.m.51 views

CVE-2024-6638

CVE-2024-6638 affects LabVIEW 2024 Q1 and earlier versions. The issue is an integer overflow in the TDMS file reader caused by improper input validation, which can lead to an infinite loop. Exploitation requires a user to open a specially crafted TDMS file and is a local, user-interaction-based v...

5.5CVSS5.5AI score0.00158EPSS
CVE
CVE
added 2025/04/09 6:45 p.m.51 views

CVE-2025-2629

CVE-2025-2629 is a DLL hijacking vulnerability in NI LabVIEW when loading the NI Error Reporting module. The flaw arises from an uncontrolled search path, allowing an attacker to place a malicious DLL that could be loaded, potentially enabling arbitrary code execution. Affected: NI LabVIEW 2025 Q...

7.8CVSS7.3AI score0.00171EPSS
CVE
CVE
added 2025/12/18 2:28 p.m.38 views

CVE-2025-64463

NI LabVIEW is affected by CVE-2025-64463: an out-of-bounds read in LVResource::DetachResource() when parsing a corrupted VI file. Affected: LabVIEW 2025 Q3 (25.3) and earlier. Impact per sources: information disclosure or arbitrary code execution if a user opens a crafted VI; exploit requires use...

8.5CVSS6.8AI score0.00135EPSS
CVE
CVE
added 2025/07/29 9:19 p.m.30 views

CVE-2025-7361

CVE-2025-7361 affects NI LabVIEW 32-bit up to and including 2025 Q1. The issue is a code injection vulnerability caused by an improper initialization check in CIN nodes, which could allow arbitrary code execution if a user opens a specially crafted VI. LabVIEW 64-bit is not affected because CIN n...

8.5CVSS7.3AI score0.00276EPSS
CVE
CVE
added 2025/07/29 9:27 p.m.29 views

CVE-2025-7849

CVE-2025-7849: NI LabVIEW memory corruption due to improper error handling when a VILinkObj is null. Affects LabVIEW 2025 Q1 and earlier. Requires user to open a crafted VI for exploitation; locally exploitable with user interaction. Remediation: update to a version later than 2025 Q1 (per adviso...

8.5CVSS7.3AI score0.00234EPSS
CVE
CVE
added 2025/07/29 9:24 p.m.25 views

CVE-2025-7848

NI LabVIEW is affected by CVE-2025-7848 due to a memory corruption issue in the lvpict.cpp file caused by improper input validation. Affected products include LabVIEW 2025 Q1 and earlier versions. Exploitation requires a user to open a specially crafted VI, potentially enabling arbitrary code exe...

8.5CVSS7.3AI score0.00221EPSS
CVE
CVE
added 2025/07/23 3:49 p.m.24 views

CVE-2025-2633

NI LabVIEW is affected by CVE-2025-2633 due to an out-of-bounds read in the lvre!UDecStrToNum path, caused by improper bounds checking. This can lead to information disclosure or arbitrary code execution when a user opens a specially crafted VI. Affected products include LabVIEW 2025 Q1 and earli...

7.8CVSS6.8AI score0.00158EPSS
CVE
CVE
added 2025/12/18 2:21 p.m.24 views

CVE-2025-64461

NI LabVIEW is affected by an out-of-bounds write in mgocre_SH_25_3!RevBL() when opening a corrupted VI file, impacting 2025 Q3 (25.3) and earlier. Exploitation requires a user to open a crafted VI and can lead to information disclosure or arbitrary code execution. A patch/update to a version late...

8.5CVSS7AI score0.00135EPSS
CVE
CVE
added 2025/07/23 3:53 p.m.23 views

CVE-2025-2634

CVE-2025-2634 describes an out-of-bounds read in NI LabVIEW, specifically the fontmgr component, caused by improper bounds checking. The vulnerability may disclose information or allow arbitrary code execution. Exploitation requires a user to open a specially crafted VI, indicating a user-assiste...

7.8CVSS6.8AI score0.00158EPSS
CVE
CVE
added 2025/12/18 2:50 p.m.23 views

CVE-2025-64468

CVE-2025-64468 describes a use-after-free in NI LabVIEW’s sentry!sentry_span_set_data() when parsing a corrupted VI file. This could lead to information disclosure or arbitrary code execution. Exploitation requires a user to open a specially crafted VI file, and affects LabVIEW 2025 Q3 (25.3) and...

8.5CVSS6.9AI score0.00132EPSS
CVE
CVE
added 2025/12/18 2:53 p.m.20 views

CVE-2025-64469

NI LabVIEW is affected by a stack-based buffer overflow in LVResFile::FindRsrcListEntry() when opening a corrupted VI file. The vulnerability may allow information disclosure or arbitrary code execution. Exploitation requires a user to open a specially crafted VI (local, with user interaction). A...

8.5CVSS7.2AI score0.00134EPSS
CVE
CVE
added 2025/12/18 2:32 p.m.18 views

CVE-2025-64464

NI LabVIEW is affected by an out-of-bounds read in lvre!VisaWriteFromFile() when parsing a corrupted VI file. Successful exploitation may disclose information or allow arbitrary code execution; exploitation requires a user to open a crafted VI. Impact described for LabVIEW 2025 Q3 (25.3) and earl...

8.5CVSS6.8AI score0.00132EPSS
CVE
CVE
added 2026/04/07 7:56 p.m.18 views

CVE-2026-32864

CVE-2026-32864 affects NI LabVIEW (2026 Q1, 26.1.0 and earlier). The vulnerability is a memory corruption due to an out-of-bounds read in mgcore_SH_25_3!aligned_free(), potentially leading to information disclosure or arbitrary code execution. Exploitation requires the user to open a specially cr...

8.5CVSS6.2AI score0.0014EPSS
CVE
CVE
added 2025/12/18 2:25 p.m.16 views

CVE-2025-64462

CVE-2025-64462 affects NI LabVIEW up to 2025 Q3 (25.3) and earlier. The vulnerability is an out-of-bounds read in LVResFile::RGetMemFileHandle() triggered while parsing a corrupted VI file, potentially leading to information disclosure or arbitrary code execution. Exploitation requires a user to ...

8.5CVSS6.8AI score0.00135EPSS
CVE
CVE
added 2025/12/18 2:38 p.m.16 views

CVE-2025-64466

CVE-2025-64466 is an out-of-bounds read in NI LabVIEW’s lvre!ExecPostedProcRecPost() triggered while parsing a corrupted VI file. Affects LabVIEW 2025 Q3 (25.3) and earlier. Impact stated: information disclosure or arbitrary code execution; exploitation requires a user to open a specially crafted...

8.5CVSS6.8AI score0.00135EPSS
CVE
CVE
added 2026/04/07 7:53 p.m.16 views

CVE-2026-32863

NI LabVIEW (2026 Q1 26.1.0 and earlier) contains a memory corruption vulnerability due to an out-of-bounds read in sentry_transaction_context_set_operation(). This may lead to information disclosure or arbitrary code execution. Exploitation requires a user to open a specially crafted VI file, ind...

8.5CVSS6.2AI score0.00193EPSS
CVE
CVE
added 2025/12/18 2:35 p.m.15 views

CVE-2025-64465

CVE-2025-64465 is an out-of-bounds read in NI LabVIEW’s lvre!DataSizeTDR() when parsing a corrupted VI file. Affected: NI LabVIEW 2025 Q3 (25.3) and earlier. Impact: information disclosure or arbitrary code execution if a user opens a specially crafted VI. Exploitation condition: user interaction...

8.5CVSS6.8AI score0.00132EPSS
CVE
CVE
added 2025/12/18 2:40 p.m.13 views

CVE-2025-64467

NI LabVIEW

8.5CVSS6.8AI score0.00132EPSS
CVE
CVE
added 2026/04/07 7:50 p.m.9 views

CVE-2026-32862

NI LabVIEW contains a memory corruption vulnerability (CVE-2026-32862) caused by an out-of-bounds write in ResFileFactory::InitResourceMgr(). The issue can lead to information disclosure or arbitrary code execution and requires a user to open a specially crafted VI file. Affected products: NI Lab...

8.5CVSS6.2AI score0.00148EPSS