hornerautomation cscape の CVE(28 件)

CVE 件数: 28 CPE versions: View versions table

概要

本ページは hornerautomation cscape に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。

表示中 120 / 28 CVE 件数
«« 先頭 « 前へ 1 / 2 次へ »
CVE 概要 ソース CVSS 最大値 EPSS(%) 公開 更新
CVE-2023-7206 In Horner Automation Cscape versions 9.90 SP10 and prior, local attackers are able to exploit this vulnerability if a user opens a malicious CSP file, which would result in execution of arbitrary code on affected installations of Cscape. [email protected] 7.8 0.21% 2024-01-15 2026-06-17
CVE-2023-32203 Horner Automation Cscape lacks proper validation of user-supplied data when parsing project files (e.g., HMI). This could lead to an out-of-bounds write at CScape_EnvisionRV+0x2e374b. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. [email protected] 7.8 0.23% 2023-06-06 2026-06-17
CVE-2023-31278 Horner Automation Cscape lacks proper validation of user-supplied data when parsing project files (e.g., HMI). This could lead to an out-of-bounds read. An attacker could leverage this vulnerability to potentially execute arbitrary code in the context of the current process. [email protected] 7.8 0.23% 2023-06-06 2026-06-17
CVE-2023-31244 The affected product does not properly validate user-supplied data. If a user opens a maliciously formed CSP file, then an attacker could execute arbitrary code within the current process by accessing an uninitialized pointer. [email protected] 7.8 0.23% 2023-06-06 2026-06-17
CVE-2023-29503 The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to a stack-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. [email protected] 7.8 0.23% 2023-06-06 2026-06-17
CVE-2023-28653 The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to a use-after-free vulnerability. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. [email protected] 7.8 0.24% 2023-06-06 2026-06-17
CVE-2023-27916 The affected application lacks proper validation of user-supplied data when parsing font files (e.g., FNT). This could lead to an out-of-bounds read. An attacker could leverage this vulnerability to potentially execute arbitrary code in the context of the current process. [email protected] 7.8 0.23% 2023-06-06 2026-06-17
CVE-2023-32539 Horner Automation Cscape lacks proper validation of user-supplied data when parsing project files (e.g., HMI). This could lead to an out-of-bounds write at CScape_EnvisionRV+0x2e3c04. An attacker could leverage this vulnerability to potentially execute arbitrary code in the context of the current process. [email protected] 7.8 0.23% 2023-06-06 2026-06-17
CVE-2023-32289 The affected application lacks proper validation of user-supplied data when parsing project files (e.g.., CSP). This could lead to an out-of-bounds read in IO_CFG. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. [email protected] 7.8 0.23% 2023-06-06 2026-06-17
CVE-2023-32281 The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to an out-of-bounds read in the FontManager. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. [email protected] 7.8 0.23% 2023-06-06 2026-06-17
CVE-2023-32545 The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to an out-of-bounds read in Cscape!CANPortMigration. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. [email protected] 7.8 0.23% 2023-06-06 2026-06-17
CVE-2022-3377 Horner Automation's Cscape version 9.90 SP 6 and prior does not properly validate user-supplied data. If a user opens a maliciously formed FNT file, then an attacker could execute arbitrary code within the current process by accessing an uninitialized pointer, leading to an out-of-bounds memory read. [email protected] 7.8 0.24% 2022-11-15 2026-06-17
CVE-2022-3379 Horner Automation's Cscape version 9.90 SP7 and prior does not properly validate user-supplied data. If a user opens a maliciously formed FNT file, then an attacker could execute arbitrary code within the current process by writing outside the memory buffer. [email protected] 7.8 0.18% 2022-10-27 2026-06-17
CVE-2022-3378 Horner Automation's Cscape version 9.90 SP 7 and prior does not properly validate user-supplied data. If a user opens a maliciously formed FNT file, then an attacker could execute arbitrary code within the current process by accessing an uninitialized pointer, leading to an out-of-bounds memory write. [email protected] 7.8 0.24% 2022-10-27 2026-06-17
CVE-2022-30540 The affected product is vulnerable to a heap-based buffer overflow via uninitialized pointer, which may allow an attacker to execute arbitrary code [email protected] 7.8 0.90% 2022-06-02 2026-06-17
CVE-2022-29488 The affected product is vulnerable to an out-of-bounds read via uninitialized pointer, which may allow an attacker to execute arbitrary code. [email protected] 7.8 0.82% 2022-06-02 2026-06-17
CVE-2022-28690 The affected product is vulnerable to an out-of-bounds write via uninitialized pointer, which may allow an attacker to execute arbitrary code. [email protected] 7.8 0.82% 2022-06-02 2026-06-17
CVE-2022-27184 The affected product is vulnerable to an out-of-bounds write, which may allow an attacker to execute arbitrary code. [email protected] 7.8 0.80% 2022-06-02 2026-06-17
CVE-2021-33015 Cscape (All Versions prior to 9.90 SP5) lacks proper validation of user-supplied data when parsing project files. This could lead to an out-of-bounds write via an uninitialized pointer. An attacker could leverage this vulnerability to execute code in the context of the current process. [email protected] 7.8 1.00% 2021-08-25 2026-06-16
CVE-2021-32995 Cscape (All Versions prior to 9.90 SP5) lacks proper validation of user-supplied data when parsing project files. This could lead to an out-of-bounds write. An attacker could leverage this vulnerability to execute code in the context of the current process. [email protected] 7.8 1.00% 2021-08-25 2026-06-16
«« 先頭 « 前へ 1 / 2 次へ »
cvelogic Threat Intelligence