Aggregates CVE and security vulnerability intelligence across all hexagon-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk buffer overflow and vendor risk sql injection and related problems; some flaws may lead to vendor impact application crash, affecting vendor surface production workloads scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-49114 | A DLL hijacking vulnerability was identified in the Qognify VMS Client Viewer version 7.1 or higher, which allows local users to execute arbitrary code and obtain higher privileges via careful placement of a malicious DLL, if some specific pre-conditions are met. | 551230f0-3615-47bd-b7cc-93e92e730bbf | 6.7 | 0.05% | 2024-02-26 | 2025-04-25 |
| CVE-2021-32051 | Hexagon G!nius Auskunftsportal before 5.0.0.0 allows SQL injection via the GiPWorkflow/Service/DownloadPublicFile id parameter. | [email protected] | 7.5 | 1.11% | 2021-05-14 | 2024-11-21 |
| CVE-2013-3483 | Stack-based buffer overflow in ermapper_u.dll in Intergraph ERDAS ER Viewer before 13.0.1.1301 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ERS file. | [email protected] | 9.3 | 7.61% | 2014-01-19 | 2026-04-29 |
| CVE-2013-3482 | Stack-based buffer overflow in the rf_report_error function in ermapper_u.dll in Intergraph ERDAS ER Viewer before 13.0.1.1301 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long string in an ERS file. | [email protected] | 9.3 | 66.74% | 2014-01-19 | 2026-04-29 |
| CVE-2013-0726 | Stack-based buffer overflow in the ERM_convert_to_correct_webpath function in ermapper_u.dll in ERDAS ER Viewer before 13.00.0001 allows remote attackers to execute arbitrary code via a crafted pathname in an ERS file. | [email protected] | 9.3 | 65.42% | 2013-05-05 | 2026-04-29 |
| CVE-2013-0728 | Multiple stack-based buffer overflows in NCSAddOn.dll in the ERDAS APOLLO ECWP plugin before 13.00.0001 for Internet Explorer, Firefox, and Chrome allow remote attackers to execute arbitrary code via a long property value. | [email protected] | 10.0 | 7.14% | 2013-04-25 | 2026-04-29 |