Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2018-17905

Summary
Assigner-icscert
Assigner Org ID-7d14cffa-0d7d-4270-9dc0-52cabd5a23a6
Published At-05 Nov, 2018 | 23:00
Updated At-16 Sep, 2024 | 22:29
Rejected At-
Credits

When processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior and tampering with a specific byte, memory corruption may occur within a specific object.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:icscert
Assigner Org ID:7d14cffa-0d7d-4270-9dc0-52cabd5a23a6
Published At:05 Nov, 2018 | 23:00
Updated At:16 Sep, 2024 | 22:29
Rejected At:
▼CVE Numbering Authority (CNA)

When processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior and tampering with a specific byte, memory corruption may occur within a specific object.

Affected Products
Vendor
Omron
Product
CX-Supervisor
Versions
Affected
  • Versions 3.4.1.0 and prior.
Problem Types
TypeCWE IDDescription
CWECWE-119IMPROPER RESTRICTION OF OPERATIONS WITHIN THE BOUNDS OF A MEMORY BUFFER CWE-119
Type: CWE
CWE ID: CWE-119
Description: IMPROPER RESTRICTION OF OPERATIONS WITHIN THE BOUNDS OF A MEMORY BUFFER CWE-119
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://ics-cert.us-cert.gov/advisories/ICSA-18-290-01
x_refsource_MISC
http://www.securityfocus.com/bid/105691
vdb-entry
x_refsource_BID
Hyperlink: https://ics-cert.us-cert.gov/advisories/ICSA-18-290-01
Resource:
x_refsource_MISC
Hyperlink: http://www.securityfocus.com/bid/105691
Resource:
vdb-entry
x_refsource_BID
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://ics-cert.us-cert.gov/advisories/ICSA-18-290-01
x_refsource_MISC
x_transferred
http://www.securityfocus.com/bid/105691
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: https://ics-cert.us-cert.gov/advisories/ICSA-18-290-01
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.securityfocus.com/bid/105691
Resource:
vdb-entry
x_refsource_BID
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:ics-cert@hq.dhs.gov
Published At:05 Nov, 2018 | 23:29
Updated At:09 Oct, 2019 | 23:37

When processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior and tampering with a specific byte, memory corruption may occur within a specific object.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.07.8HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Primary2.06.8MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.0
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 6.8
Base severity: MEDIUM
Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P
CPE Matches
omron
omron
>>cx-supervisor>>Versions up to 3.4.1.0(inclusive)
cpe:2.3:a:omron:cx-supervisor:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-119Primarynvd@nist.gov
CWE-119Secondaryics-cert@hq.dhs.gov
CWE ID: CWE-119
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-119
Type: Secondary
Source: ics-cert@hq.dhs.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.securityfocus.com/bid/105691ics-cert@hq.dhs.gov
Third Party Advisory
VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-18-290-01ics-cert@hq.dhs.gov
Third Party Advisory
US Government Resource
Hyperlink: http://www.securityfocus.com/bid/105691
Source: ics-cert@hq.dhs.gov
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://ics-cert.us-cert.gov/advisories/ICSA-18-290-01
Source: ics-cert@hq.dhs.gov
Resource:
Third Party Advisory
US Government Resource

Change History

0
Information is not available yet

Similar CVEs

2631Records found
CVE-2022-25959
Matching Score-10
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-10
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.8||HIGH
EPSS-0.19% / 41.56%
||
7 Day CHG~0.00%
Published-01 Apr, 2022 | 22:17
Updated-16 Apr, 2025 | 17:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rockwell Automation Studio 5000 Logix Designer Improper Restriction of Operations within the Bounds of a Memory Buffer

Omron CX-Position (versions 2.5.3 and prior) is vulnerable to memory corruption while processing a specific project file, which may allow an attacker to execute arbitrary code.

Action-Not Available
Vendor-omronOmron
Product-cx-positionCX-Position
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-21137
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.8||HIGH
EPSS-0.69% / 70.79%
||
7 Day CHG~0.00%
Published-14 Jan, 2022 | 19:10
Updated-16 Apr, 2025 | 18:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Omron CX-One

Omron CX-One Versions 4.60 and prior are vulnerable to a stack-based buffer overflow while processing specific project files, which may allow an attacker to execute arbitrary code.

Action-Not Available
Vendor-omronOmron
Product-cx-oneCX-One
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-33208
Matching Score-8
Assigner-JPCERT/CC
ShareView Details
Matching Score-8
Assigner-JPCERT/CC
CVSS Score-8.1||HIGH
EPSS-0.09% / 26.84%
||
7 Day CHG+0.01%
Published-04 Jul, 2022 | 01:50
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Authentication bypass by capture-replay vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software 'Sysmac Studio' all models V1.49 and earlier, and Programmable Terminal (PT) NA series NA5-15W/NA5-12W/NA5-9W/NA5-7W models Runtime V1.15 and earlier, which may allow a remote attacker who can analyze the communication between the affected controller and automation software 'Sysmac Studio' and/or a Programmable Terminal (PT) to access the controller.

Action-Not Available
Vendor-omronOMRON Corporation
Product-nx1p2-1040dt_firmwarenj501-4300_firmwarenx701-1620_firmwarenj501-4500_firmwarenx1w-cif01_firmwarenj501-r320nj501-5300nx701-1600nx1w-adb21nj501-r320_firmwarenx102-1220nj501-r300nj101-1020_firmwarena5-12wnx102-1200_firmwarenx102-1100nx1p2-9024dt_firmwarenx1p2-1040dt1na5-12w_firmwarenx1p2-9024dtna5-9wnx701-1700nj501-r420_firmwarenx1w-cif11_firmwarenj501-1300nj501-1420_firmwarenj501-5300_firmwarenx1w-dab21vnj101-1020nj501-r420nx1w-adb21_firmwarenx701-z700nx1p2-1140dt1_firmwarenx102-1120nx1p2-1040dt1_firmwarenj501-4500nx102-1000_firmwarenx102-1000nj-pa3001_firmwarenx102-9020_firmwarenx1w-dab21v_firmwarenj501-1500_firmwarenx701-1720_firmwarenx1w-mab221_firmwarenj101-1000nj-pd3001na5-7wnx1w-mab221na5-15w_firmwarenx102-1100_firmwarenj501-1340nx701-z600_firmwarenj501-1320_firmwarena5-7w_firmwarenx1p2-1140dt_firmwarenx1p2-1040dtnx1p2-1140dt1nx102-1020_firmwarenj501-1420nj501-4310_firmwarenj501-r500_firmwarenx701-1720sysmac_studiona5-9w_firmwarenj501-4320nj501-1500nx1w-cif12_firmwarenj501-140_firmwarenj501-4400nx1w-cif11nj501-r520nj501-140nx701-1600_firmwarenj501-1520nx102-1120_firmwarenj301-1100_firmwarena5-15wnj501-4320_firmwarenj501-r400_firmwarenx1w-cif01nj501-1300_firmwarenj-pa3001nx102-1220_firmwarenj501-4300nj301-1100nj501-4400_firmwarenj101-1000_firmwarenj101-9020_firmwarenx701-1700_firmwarenj301-1200nx102-9020nj-pd3001_firmwarenx701-z600nj101-9000nj501-r500nj501-1320nj501-1340_firmwarenj301-1200_firmwarenj501-1520_firmwarenx1p2-1140dtnx701-z700_firmwarenx1w-cif12nj501-r400nx1p2-9024dt1nx102-1020nx102-1200nj501-r520_firmwarenj101-9020nj501-4310nx701-1620nx1p2-9024dt1_firmwarenj501-r300_firmwarenj101-9000_firmwareMachine automation controller NJ series, Machine automation controller NX series, Automation software 'Sysmac Studio', and Programmable Terminal (PT) NA series
CWE ID-CWE-294
Authentication Bypass by Capture-replay
CVE-2021-27413
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.8||HIGH
EPSS-0.79% / 73.00%
||
7 Day CHG~0.00%
Published-13 May, 2021 | 18:56
Updated-03 Aug, 2024 | 20:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Omron CX-One Versions 4.60 and prior, including CX-Server Versions 5.0.29.0 and prior, are vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code.

Action-Not Available
Vendor-omronn/a
Product-cx-servercx-oneOmron CX-One
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-13533
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-8.1||HIGH
EPSS-0.28% / 50.60%
||
7 Day CHG~0.00%
Published-16 Dec, 2019 | 19:25
Updated-04 Aug, 2024 | 23:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Omron PLC CJ series, all versions, and Omron PLC CS series, all versions, an attacker could monitor traffic between the PLC and the controller and replay requests that could result in the opening and closing of industrial valves.

Action-Not Available
Vendor-omronn/a
Product-plc_cs_firmwareplc_cj_firmwareOmron PLC CJ and CS Series
CWE ID-CWE-294
Authentication Bypass by Capture-replay
CVE-2022-26419
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.8||HIGH
EPSS-0.64% / 69.69%
||
7 Day CHG~0.00%
Published-01 Apr, 2022 | 22:17
Updated-16 Apr, 2025 | 17:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rockwell Automation Studio 5000 Logix Designer Code Injection

Omron CX-Position (versions 2.5.3 and prior) is vulnerable to multiple stack-based buffer overflow conditions while parsing a specific project file, which may allow an attacker to locally execute arbitrary code.

Action-Not Available
Vendor-omronOmron
Product-cx-positionCX-Position
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-26417
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.8||HIGH
EPSS-0.27% / 49.68%
||
7 Day CHG~0.00%
Published-01 Apr, 2022 | 22:17
Updated-16 Apr, 2025 | 17:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rockwell Automation Studio 5000 Logix Designer Use After Free

Omron CX-Position (versions 2.5.3 and prior) is vulnerable to a use after free memory condition while processing a specific project file, which may allow an attacker to execute arbitrary code.

Action-Not Available
Vendor-omronOmron
Product-cx-positionCX-Position
CWE ID-CWE-416
Use After Free
CVE-2022-26022
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.8||HIGH
EPSS-0.19% / 41.56%
||
7 Day CHG~0.00%
Published-01 Apr, 2022 | 22:17
Updated-16 Apr, 2025 | 17:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rockwell Automation Studio 5000 Logix Designer Out-of-Bounds Write

Omron CX-Position (versions 2.5.3 and prior) is vulnerable to an out-of-bounds write while processing a specific project file, which may allow an attacker to execute arbitrary code.

Action-Not Available
Vendor-omronOmron
Product-cx-positionCX-Position
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-25325
Matching Score-8
Assigner-JPCERT/CC
ShareView Details
Matching Score-8
Assigner-JPCERT/CC
CVSS Score-7.8||HIGH
EPSS-0.48% / 64.32%
||
7 Day CHG~0.00%
Published-07 Mar, 2022 | 09:00
Updated-03 Aug, 2024 | 04:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. This vulnerability is different from CVE-2022-25230.

Action-Not Available
Vendor-omronOMRON Corporation
Product-cx-programmerCX-Programmer
CWE ID-CWE-416
Use After Free
CVE-2022-25234
Matching Score-8
Assigner-JPCERT/CC
ShareView Details
Matching Score-8
Assigner-JPCERT/CC
CVSS Score-7.8||HIGH
EPSS-0.36% / 57.14%
||
7 Day CHG~0.00%
Published-07 Mar, 2022 | 09:00
Updated-03 Aug, 2024 | 04:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds write vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. This vulnerability is different from CVE-2022-21124.

Action-Not Available
Vendor-omronOMRON Corporation
Product-cx-programmerCX-Programmer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-25230
Matching Score-8
Assigner-JPCERT/CC
ShareView Details
Matching Score-8
Assigner-JPCERT/CC
CVSS Score-7.8||HIGH
EPSS-0.48% / 64.32%
||
7 Day CHG~0.00%
Published-07 Mar, 2022 | 09:00
Updated-03 Aug, 2024 | 04:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. This vulnerability is different from CVE-2022-25325.

Action-Not Available
Vendor-omronOMRON Corporation
Product-cx-programmerCX-Programmer
CWE ID-CWE-416
Use After Free
CVE-2020-27259
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-8.8||HIGH
EPSS-0.48% / 63.93%
||
7 Day CHG~0.00%
Published-09 Feb, 2021 | 14:09
Updated-16 Sep, 2024 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Omron CX-One

The Omron CX-One Version 4.60 and prior may allow an attacker to supply a pointer to arbitrary memory locations, which may allow an attacker to remotely execute arbitrary code.

Action-Not Available
Vendor-omronOmron
Product-cx-positioncx-servercx-protocolcx-oneCX-ServerCX-PositionCX-ProtocolCX-One
CWE ID-CWE-822
Untrusted Pointer Dereference
CVE-2020-27261
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-8.8||HIGH
EPSS-1.25% / 78.47%
||
7 Day CHG~0.00%
Published-09 Feb, 2021 | 14:09
Updated-17 Sep, 2024 | 00:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Omron CX-One

The Omron CX-One Version 4.60 and prior is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code.

Action-Not Available
Vendor-omronOmron
Product-cx-positioncx-servercx-protocolcx-oneCX-ServerCX-PositionCX-ProtocolCX-One
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-27257
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.8||HIGH
EPSS-0.53% / 66.04%
||
7 Day CHG~0.00%
Published-09 Feb, 2021 | 14:10
Updated-17 Sep, 2024 | 02:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Omron CX-One

This vulnerability allows local attackers to execute arbitrary code due to the lack of proper validation of user-supplied data, which can result in a type-confusion condition in the Omron CX-One Version 4.60 and prior devices.

Action-Not Available
Vendor-omronOmron
Product-cx-positioncx-servercx-protocolcx-oneCX-ServerCX-PositionCX-ProtocolCX-One
CWE ID-CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CVE-2019-6556
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-6.6||MEDIUM
EPSS-0.21% / 43.15%
||
7 Day CHG~0.00%
Published-10 Apr, 2019 | 19:48
Updated-04 Aug, 2024 | 20:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

When processing project files, the application (Omron CX-Programmer v9.70 and prior and Common Components January 2019 and prior) fails to check if it is referencing freed memory. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application.

Action-Not Available
Vendor-omronOmron
Product-cx-programmercommon_componentsCX-Programmer within CX-One
CWE ID-CWE-416
Use After Free
CVE-2019-18251
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-8.8||HIGH
EPSS-0.26% / 48.88%
||
7 Day CHG~0.00%
Published-25 Nov, 2019 | 23:29
Updated-05 Aug, 2024 | 01:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Omron CX-Supervisor, Versions 3.5 (12) and prior, Omron CX-Supervisor ships with Teamviewer Version 5.0.8703 QS. This version of Teamviewer is vulnerable to an obsolete function vulnerability requiring user interaction to exploit.

Action-Not Available
Vendor-omronn/aTeamViewer
Product-cx-supervisorteamviewerOmron CX-Supervisor
CWE ID-CWE-477
Use of Obsolete Function
CVE-2019-10971
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.8||HIGH
EPSS-0.18% / 40.18%
||
7 Day CHG~0.00%
Published-12 Jun, 2019 | 15:03
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The application (Network Configurator for DeviceNet Safety 3.41 and prior) searches for resources by means of an untrusted search path that could execute a malicious .dll file not under the application's direct control and outside the intended directories.

Action-Not Available
Vendor-omronn/a
Product-network_configurator_for_devicenet_safetyNetwork Configurator for DeviceNet Safety
CWE ID-CWE-426
Untrusted Search Path
CVE-2018-19019
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.3||HIGH
EPSS-0.18% / 39.93%
||
7 Day CHG~0.00%
Published-22 Jan, 2019 | 20:00
Updated-17 Sep, 2024 | 01:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A type confusion vulnerability exists when processing project files in CX-Supervisor (Versions 3.42 and prior). An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application.

Action-Not Available
Vendor-omronICS-CERT
Product-cx-supervisorCX-Supervisor
CWE ID-CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CWE ID-CWE-704
Incorrect Type Conversion or Cast
CVE-2018-19027
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.8||HIGH
EPSS-0.26% / 49.47%
||
7 Day CHG~0.00%
Published-30 Jan, 2019 | 16:00
Updated-16 Sep, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Three type confusion vulnerabilities exist in CX-One Versions 4.50 and prior and CX-Protocol Versions 2.0 and prior when processing project files. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application.

Action-Not Available
Vendor-omronOmron
Product-cx-protocolcx-oneCX-Protocol within CX-One
CWE ID-CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CWE ID-CWE-704
Incorrect Type Conversion or Cast
CVE-2018-18989
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.8||HIGH
EPSS-0.19% / 41.37%
||
7 Day CHG~0.00%
Published-04 Dec, 2018 | 22:00
Updated-05 Aug, 2024 | 11:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In CX-One Versions 4.42 and prior (CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior), when processing project files, the application fails to check if it is referencing freed memory. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application.

Action-Not Available
Vendor-omronn/a
Product-cx-programmercx-servercx-oneCX-One (CX-Programmer and CX-Server)
CWE ID-CWE-416
Use After Free
CVE-2018-19011
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-8.8||HIGH
EPSS-0.51% / 65.25%
||
7 Day CHG~0.00%
Published-22 Jan, 2019 | 20:00
Updated-16 Sep, 2024 | 20:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CX-Supervisor (Versions 3.42 and prior) can execute code that has been injected into a project file. An attacker could exploit this to execute code under the privileges of the application.

Action-Not Available
Vendor-omronICS-CERT
Product-cx-supervisorCX-Supervisor
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2018-18993
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.8||HIGH
EPSS-0.56% / 67.26%
||
7 Day CHG~0.00%
Published-04 Dec, 2018 | 22:00
Updated-05 Aug, 2024 | 11:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Two stack-based buffer overflow vulnerabilities have been discovered in CX-One Versions 4.42 and prior (CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior). When processing project files, the application allows input data to exceed the buffer. An attacker could use a specially crafted project file to overflow the buffer and execute code under the privileges of the application.

Action-Not Available
Vendor-omronn/a
Product-cx-programmercx-servercx-oneCX-One (CX-Programmer and CX-Server)
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-19017
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-8.8||HIGH
EPSS-0.53% / 66.45%
||
7 Day CHG~0.00%
Published-22 Jan, 2019 | 20:00
Updated-17 Sep, 2024 | 01:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Several use after free vulnerabilities have been identified in CX-Supervisor (Versions 3.42 and prior). When processing project files, the application fails to check if it is referencing freed memory. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application.

Action-Not Available
Vendor-omronICS-CERT
Product-cx-supervisorCX-Supervisor
CWE ID-CWE-416
Use After Free
CVE-2018-17909
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.8||HIGH
EPSS-0.19% / 41.37%
||
7 Day CHG~0.00%
Published-05 Nov, 2018 | 23:00
Updated-16 Sep, 2024 | 20:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

When processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior, the application fails to check if it is referencing freed memory, which may allow an attacker to execute code under the context of the application.

Action-Not Available
Vendor-omronOmron
Product-cx-supervisorCX-Supervisor
CWE ID-CWE-416
Use After Free
CVE-2018-17913
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.8||HIGH
EPSS-0.19% / 41.19%
||
7 Day CHG~0.00%
Published-05 Nov, 2018 | 23:00
Updated-16 Sep, 2024 | 17:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A type confusion vulnerability exists when processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior, which may allow an attacker to execute code in the context of the application.

Action-Not Available
Vendor-omronOmron
Product-cx-supervisorCX-Supervisor
CWE ID-CWE-704
Incorrect Type Conversion or Cast
CVE-2022-21124
Matching Score-8
Assigner-JPCERT/CC
ShareView Details
Matching Score-8
Assigner-JPCERT/CC
CVSS Score-7.8||HIGH
EPSS-0.39% / 59.48%
||
7 Day CHG~0.00%
Published-07 Mar, 2022 | 09:00
Updated-03 Aug, 2024 | 02:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds write vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. This vulnerability is different from CVE-2022-25234.

Action-Not Available
Vendor-omronOMRON Corporation
Product-cx-programmerCX-Programmer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-21219
Matching Score-8
Assigner-JPCERT/CC
ShareView Details
Matching Score-8
Assigner-JPCERT/CC
CVSS Score-7.8||HIGH
EPSS-0.34% / 55.64%
||
7 Day CHG~0.00%
Published-07 Mar, 2022 | 09:00
Updated-03 Aug, 2024 | 02:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds read vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file.

Action-Not Available
Vendor-omronOMRON Corporation
Product-cx-programmerCX-Programmer
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-34151
Matching Score-8
Assigner-JPCERT/CC
ShareView Details
Matching Score-8
Assigner-JPCERT/CC
CVSS Score-8.1||HIGH
EPSS-1.45% / 79.97%
||
7 Day CHG~0.00%
Published-04 Jul, 2022 | 01:51
Updated-03 Aug, 2024 | 08:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use of hard-coded credentials vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software 'Sysmac Studio' all models V1.49 and earlier, and Programmable Terminal (PT) NA series NA5-15W/NA5-12W/NA5-9W/NA5-7W models Runtime V1.15 and earlier, which may allow a remote attacker who successfully obtained the user credentials by analyzing the affected product to access the controller.

Action-Not Available
Vendor-omronOMRON Corporation
Product-nx1p2-1040dt_firmwarenj501-4300_firmwarenx701-1620_firmwarenj501-4500_firmwarenx1w-cif01_firmwarenj501-r320nj501-5300nx701-1600nx1w-adb21nj501-r320_firmwarenx102-1220nj501-r300nj101-1020_firmwarena5-12wnx102-1200_firmwarenx102-1100nx1p2-9024dt_firmwarenx1p2-1040dt1na5-12w_firmwarenx1p2-9024dtna5-9wnx701-1700nj501-r420_firmwarenx1w-cif11_firmwarenj501-1300nj501-1420_firmwarenj501-5300_firmwarenx1w-dab21vnj101-1020nj501-r420nx1w-adb21_firmwarenx701-z700nx1p2-1140dt1_firmwarenx102-1120nx1p2-1040dt1_firmwarenj501-4500nx102-1000_firmwarenx102-1000nj-pa3001_firmwarenx102-9020_firmwarenx1w-dab21v_firmwarenj501-1500_firmwarenx701-1720_firmwarenx1w-mab221_firmwarenj101-1000nj-pd3001na5-7wnx1w-mab221na5-15w_firmwarenx102-1100_firmwarenj501-1340nx701-z600_firmwarenj501-1320_firmwarena5-7w_firmwarenx1p2-1140dt_firmwarenx1p2-1040dtnx1p2-1140dt1nx102-1020_firmwarenj501-1420nj501-4310_firmwarenj501-r500_firmwarenx701-1720sysmac_studiona5-9w_firmwarenj501-4320nj501-1500nx1w-cif12_firmwarenj501-140_firmwarenj501-4400nx1w-cif11nj501-r520nj501-140nx701-1600_firmwarenj501-1520nx102-1120_firmwarenj301-1100_firmwarena5-15wnj501-4320_firmwarenj501-r400_firmwarenx1w-cif01nj501-1300_firmwarenj-pa3001nx102-1220_firmwarenj501-4300nj301-1100nj501-4400_firmwarenj101-1000_firmwarenj101-9020_firmwarenx701-1700_firmwarenj301-1200nx102-9020nj-pd3001_firmwarenx701-z600nj101-9000nj501-r500nj501-1320nj501-1340_firmwarenj301-1200_firmwarenj501-1520_firmwarenx1p2-1140dtnx701-z700_firmwarenx1w-cif12nj501-r400nx1p2-9024dt1nx102-1020nx102-1200nj501-r520_firmwarenj101-9020nj501-4310nx701-1620nx1p2-9024dt1_firmwarenj501-r300_firmwarenj101-9000_firmwareMachine automation controller NJ series, Machine automation controller NX series, Automation software 'Sysmac Studio', and Programmable Terminal (PT) NA series
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2018-17907
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-3.3||LOW
EPSS-0.14% / 34.51%
||
7 Day CHG~0.00%
Published-05 Nov, 2018 | 23:00
Updated-17 Sep, 2024 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

When processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior and tampering with the value of an offset, an attacker can force the application to read a value outside of an array.

Action-Not Available
Vendor-omronOmron
Product-cx-supervisorCX-Supervisor
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2011-1720
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-64.54% / 98.38%
||
7 Day CHG~0.00%
Published-13 May, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SMTP server in Postfix before 2.5.13, 2.6.x before 2.6.10, 2.7.x before 2.7.4, and 2.8.x before 2.8.3, when certain Cyrus SASL authentication methods are enabled, does not create a new server handle after client authentication fails, which allows remote attackers to cause a denial of service (heap memory corruption and daemon crash) or possibly execute arbitrary code via an invalid AUTH command with one method followed by an AUTH command with a different method.

Action-Not Available
Vendor-postfixn/a
Product-postfixn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0713
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-6.8||MEDIUM
EPSS-2.27% / 83.99%
||
7 Day CHG~0.00%
Published-03 Mar, 2011 | 00:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in wiretap/dct3trace.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long record in a Nokia DCT3 trace file.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1547
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-36.38% / 96.99%
||
7 Day CHG+2.92%
Published-09 May, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple stack consumption vulnerabilities in the kernel in NetBSD 4.0, 5.0 before 5.0.3, and 5.1 before 5.1.1, when IPsec is enabled, allow remote attackers to cause a denial of service (memory corruption and panic) or possibly have unspecified other impact via a crafted (1) IPv4 or (2) IPv6 packet with nested IPComp headers.

Action-Not Available
Vendor-n/aNetBSD
Product-netbsdn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1684
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-4.11% / 88.15%
||
7 Day CHG~0.00%
Published-03 May, 2011 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the MP4_ReadBox_skcr function in libmp4.c in the MP4 demultiplexer in VideoLAN VLC media player 1.x before 1.1.9 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted MP4 file.

Action-Not Available
Vendor-n/aVideoLAN
Product-vlc_media_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0900
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-7.23% / 91.24%
||
7 Day CHG~0.00%
Published-07 Feb, 2011 | 20:19
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the tsc_launch_remote function (src/support.c) in Terminal Server Client (tsclient) 0.150, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via a .RDP file with a long hostname argument.

Action-Not Available
Vendor-erick_woodsn/a
Product-terminal_server_clientn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0722
Matching Score-4
Assigner-Canonical Ltd.
ShareView Details
Matching Score-4
Assigner-Canonical Ltd.
CVSS Score-6.8||MEDIUM
EPSS-0.68% / 70.65%
||
7 Day CHG~0.00%
Published-20 May, 2011 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a malformed RealMedia file.

Action-Not Available
Vendor-mplayerhqn/aFFmpeg
Product-ffmpegmplayern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2024-11519
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-0.10% / 29.21%
||
7 Day CHG~0.00%
Published-22 Nov, 2024 | 20:50
Updated-26 Nov, 2024 | 11:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IrfanView RLE File Parsing Memory Corruption Remote Code Execution Vulnerability

IrfanView RLE File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of RLE files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24445.

Action-Not Available
Vendor-IrfanView
Product-irfanviewIrfanViewirfanview
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2011-1167
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-6.8||MEDIUM
EPSS-3.26% / 86.63%
||
7 Day CHG~0.00%
Published-28 Mar, 2011 | 16:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the thunder (aka ThunderScan) decoder in tif_thunder.c in LibTIFF 3.9.4 and earlier allows remote attackers to execute arbitrary code via crafted THUNDER_2BITDELTAS data in a .tiff file that has an unexpected BitsPerSample value.

Action-Not Available
Vendor-n/aLibTIFF
Product-libtiffn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1049
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.70% / 71.06%
||
7 Day CHG~0.00%
Published-21 Feb, 2011 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the Mach-O input file loader in Hex-Rays IDA Pro 5.7 and 6.0 allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Macho-O file.

Action-Not Available
Vendor-hex-raysn/a
Product-idan/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0198
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-6.8||MEDIUM
EPSS-11.35% / 93.28%
||
7 Day CHG~0.00%
Published-24 Jun, 2011 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code via a crafted embedded TrueType font.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xmac_os_x_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0177
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-6.8||MEDIUM
EPSS-1.48% / 80.18%
||
7 Day CHG~0.00%
Published-23 Mar, 2011 | 01:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS X before 10.6.7 allow remote attackers to execute arbitrary code via a document that contains a crafted SFNT table in an embedded font.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xmac_os_x_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0433
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-2.42% / 84.51%
||
7 Day CHG~0.00%
Published-19 Nov, 2012 | 11:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the linetoken function in afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics (AFM) file, a different vulnerability than CVE-2010-2642.

Action-Not Available
Vendor-t1libtetexn/aThe GNOME Project
Product-evincetetext1libn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0176
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-6.8||MEDIUM
EPSS-1.58% / 80.83%
||
7 Day CHG~0.00%
Published-23 Mar, 2011 | 01:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in Apple Type Services (ATS) in Apple Mac OS X before 10.6.7 allow remote attackers to execute arbitrary code via a document that contains a crafted embedded Type 1 font.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xmac_os_x_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0427
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-5.92% / 90.26%
||
7 Day CHG~0.00%
Published-19 Jan, 2011 | 11:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.

Action-Not Available
Vendor-torn/a
Product-torn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0205
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-6.8||MEDIUM
EPSS-6.12% / 90.42%
||
7 Day CHG~0.00%
Published-24 Jun, 2011 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG2000 image.

Action-Not Available
Vendor-n/aApple Inc.
Product-imageiomac_os_xmac_os_x_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0538
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-6.8||MEDIUM
EPSS-28.36% / 96.34%
||
7 Day CHG~0.00%
Published-08 Feb, 2011 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Wireshark 1.2.0 through 1.2.14, 1.4.0 through 1.4.3, and 1.5.0 frees an uninitialized pointer during processing of a .pcap file in the pcap-ng format, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed file.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2009-1722
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-10.85% / 93.09%
||
7 Day CHG~0.00%
Published-31 Jul, 2009 | 18:29
Updated-07 Aug, 2024 | 05:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the compression implementation in OpenEXR 1.2.2 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors.

Action-Not Available
Vendor-openexrn/a
Product-openexrn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0193
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-6.8||MEDIUM
EPSS-1.16% / 77.73%
||
7 Day CHG~0.00%
Published-23 Mar, 2011 | 01:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in Image RAW in Apple Mac OS X before 10.6.7 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Canon RAW image.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xmac_os_x_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0229
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-6.8||MEDIUM
EPSS-1.82% / 82.15%
||
7 Day CHG~0.00%
Published-14 Oct, 2011 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Apple Type Services (ATS) in Apple Mac OS X through 10.6.8 does not properly handle embedded Type 1 fonts, which allows remote attackers to execute arbitrary code via a crafted document that triggers an out-of-bounds memory access.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xmac_os_x_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0605
Matching Score-4
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-4
Assigner-Adobe Systems Incorporated
CVSS Score-6.8||MEDIUM
EPSS-4.12% / 88.16%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

Action-Not Available
Vendor-n/aAdobe Inc.Apple Inc.
Product-acrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0208
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-6.8||MEDIUM
EPSS-2.06% / 83.16%
||
7 Day CHG~0.00%
Published-24 Jun, 2011 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

QuickLook in Apple Mac OS X 10.6 before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Microsoft Office document.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xmac_os_x_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 52
  • 53
  • Next
Details not found