hexagon 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
過去の問題は主に バッファオーバーフロー and vendor risk sql injection などに関し、一部は アプリケーションクラッシュ を招き、vendor surface production workloads and vendor surface software deployment 関連の場面に影響します。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2023-49114 | A DLL hijacking vulnerability was identified in the Qognify VMS Client Viewer version 7.1 or higher, which allows local users to execute arbitrary code and obtain higher privileges via careful placement of a malicious DLL, if some specific pre-conditions are met. | 551230f0-3615-47bd-b7cc-93e92e730bbf | 6.7 | 0.36% | 2024-02-26 | 2025-04-25 |
| CVE-2021-32051 | Hexagon G!nius Auskunftsportal before 5.0.0.0 allows SQL injection via the GiPWorkflow/Service/DownloadPublicFile id parameter. | [email protected] | 7.5 | 2.19% | 2021-05-14 | 2024-11-21 |
| CVE-2013-3483 | Stack-based buffer overflow in ermapper_u.dll in Intergraph ERDAS ER Viewer before 13.0.1.1301 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ERS file. | [email protected] | 9.3 | 3.50% | 2014-01-19 | 2026-04-29 |
| CVE-2013-3482 | Stack-based buffer overflow in the rf_report_error function in ermapper_u.dll in Intergraph ERDAS ER Viewer before 13.0.1.1301 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long string in an ERS file. | [email protected] | 9.3 | 31.51% | 2014-01-19 | 2026-04-29 |
| CVE-2013-0726 | Stack-based buffer overflow in the ERM_convert_to_correct_webpath function in ermapper_u.dll in ERDAS ER Viewer before 13.00.0001 allows remote attackers to execute arbitrary code via a crafted pathname in an ERS file. | [email protected] | 9.3 | 27.98% | 2013-05-05 | 2026-04-29 |
| CVE-2013-0728 | Multiple stack-based buffer overflows in NCSAddOn.dll in the ERDAS APOLLO ECWP plugin before 13.00.0001 for Internet Explorer, Firefox, and Chrome allow remote attackers to execute arbitrary code via a long property value. | [email protected] | 10.0 | 4.40% | 2013-04-25 | 2026-04-29 |