Export limit exceeded: 80915 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (80915 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-33004 | 1 Advantech | 1 Webaccess\/hmi Designer | 2024-11-21 | 7.8 High |
| The affected product is vulnerable to memory corruption condition due to lack of proper validation of user supplied files, which may allow an attacker to execute arbitrary code. User interaction is required on the WebAccess HMI Designer (versions 2.1.9.95 and prior). | ||||
| CVE-2021-33002 | 1 Advantech | 1 Webaccess\/hmi Designer | 2024-11-21 | 7.8 High |
| Opening a maliciously crafted project file may cause an out-of-bounds write, which may allow an attacker to execute arbitrary code. User interaction is require on the WebAccess HMI Designer (versions 2.1.9.95 and prior). | ||||
| CVE-2021-33000 | 1 Advantech | 1 Webaccess\/hmi Designer | 2024-11-21 | 7.8 High |
| Parsing a maliciously crafted project file may cause a heap-based buffer overflow, which may allow an attacker to perform arbitrary code execution. User interaction is required on the WebAccess HMI Designer (versions 2.1.9.95 and prior). | ||||
| CVE-2021-32999 | 1 Aveva | 1 Suitelink | 2024-11-21 | 7.5 High |
| Improper handling of exceptional conditions in SuiteLink server while processing command 0x01 | ||||
| CVE-2021-32995 | 1 Hornerautomation | 1 Cscape | 2024-11-21 | 7.8 High |
| Cscape (All Versions prior to 9.90 SP5) lacks proper validation of user-supplied data when parsing project files. This could lead to an out-of-bounds write. An attacker could leverage this vulnerability to execute code in the context of the current process. | ||||
| CVE-2021-32993 | 1 Philips | 4 Intellibridge Ec40, Intellibridge Ec40 Firmware, Intellibridge Ec80 and 1 more | 2024-11-21 | 8.1 High |
| IntelliBridge EC 40 and 60 Hub (C.00.04 and prior) contains hard-coded credentials, such as a password or a cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. | ||||
| CVE-2021-32987 | 1 Aveva | 1 Suitelink | 2024-11-21 | 7.5 High |
| Null pointer dereference in SuiteLink server while processing command 0x0b | ||||
| CVE-2021-32979 | 1 Aveva | 1 Suitelink | 2024-11-21 | 7.5 High |
| Null pointer dereference in SuiteLink server while processing commands 0x04/0x0a | ||||
| CVE-2021-32975 | 1 Hornerautomation | 1 Cscape | 2024-11-21 | 7.8 High |
| Cscape (All Versions prior to 9.90 SP5) lacks proper validation of user-supplied data when parsing project files. This could lead to an out-of-bounds read. An attacker could leverage this vulnerability to execute code in the context of the current process. | ||||
| CVE-2021-32971 | 1 Aveva | 1 Suitelink | 2024-11-21 | 7.5 High |
| Null pointer dereference in SuiteLink server while processing command 0x07 | ||||
| CVE-2021-32963 | 1 Aveva | 1 Suitelink | 2024-11-21 | 7.5 High |
| Null pointer dereference in SuiteLink server while processing commands 0x03/0x10 | ||||
| CVE-2021-32959 | 1 Aveva | 1 Suitelink | 2024-11-21 | 8.1 High |
| Heap-based buffer overflow in SuiteLink server while processing commands 0x05/0x06 | ||||
| CVE-2021-32952 | 2 Opendesign, Siemens | 4 Drawings Sdk, Comos, Jt2go and 1 more | 2024-11-21 | 7.8 High |
| An out-of-bounds write issue exists in the DGN file-reading procedure in the Drawings SDK (Version 2022.4 and prior) resulting from the lack of proper validation of user-supplied data. This can result in a write past the end of an allocated buffer and allow attackers to cause a denial-of-service condition or execute code in the context of the current process. | ||||
| CVE-2021-32950 | 2 Opendesign, Siemens | 4 Drawings Sdk, Comos, Jt2go and 1 more | 2024-11-21 | 7.1 High |
| An out-of-bounds read issue exists within the parsing of DXF files in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. This can result in a read past the end of an allocated buffer and allows attackers to cause a denial-of-service condition or read sensitive information from memory locations. | ||||
| CVE-2021-32948 | 2 Opendesign, Siemens | 4 Drawings Sdk, Comos, Jt2go and 1 more | 2024-11-21 | 7.8 High |
| An out-of-bounds write issue exists in the DWG file-reading procedure in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. This can result in a write past the end of an allocated buffer and allow attackers to cause a denial-of-service condition or execute code in the context of the current process. | ||||
| CVE-2021-32947 | 1 Fatek | 1 Fvdesigner | 2024-11-21 | 7.8 High |
| FATEK Automation FvDesigner, Versions 1.5.88 and prior is vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code. | ||||
| CVE-2021-32946 | 2 Opendesign, Siemens | 4 Drawings Sdk, Comos, Jt2go and 1 more | 2024-11-21 | 7.8 High |
| An improper check for unusual or exceptional conditions issue exists within the parsing DGN files from Drawings SDK (Version 2022.4 and prior) resulting from the lack of proper validation of the user-supplied data. This may result in several of out-of-bounds problems and allow attackers to cause a denial-of-service condition or execute code in the context of the current process. | ||||
| CVE-2021-32944 | 2 Opendesign, Siemens | 4 Drawings Sdk, Comos, Jt2go and 1 more | 2024-11-21 | 7.8 High |
| A use-after-free issue exists in the DGN file-reading procedure in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. This can result in a memory corruption or arbitrary code execution, allowing attackers to cause a denial-of-service condition or execute code in the context of the current process. | ||||
| CVE-2021-32940 | 2 Opendesign, Siemens | 4 Drawings Sdk, Comos, Jt2go and 1 more | 2024-11-21 | 7.1 High |
| An out-of-bounds read issue exists in the DWG file-recovering procedure in the Drawings SDK (All versions prior to 2022.5) resulting from the lack of proper validation of user-supplied data. This can result in a read past the end of an allocated buffer and allow attackers to cause a denial-of-service condition or read sensitive information from memory locations. | ||||
| CVE-2021-32939 | 1 Fatek | 1 Fvdesigner | 2024-11-21 | 7.8 High |
| FATEK Automation FvDesigner, Versions 1.5.88 and prior is vulnerable to an out-of-bounds write while processing project files, allowing an attacker to craft a project file that may permit arbitrary code execution. | ||||