Total
27 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-7206 | 1 Hornerautomation | 1 Cscape | 2024-01-23 | N/A | 7.8 HIGH |
| In Horner Automation Cscape versions 9.90 SP10 and prior, local attackers are able to exploit this vulnerability if a user opens a malicious CSP file, which would result in execution of arbitrary code on affected installations of Cscape. | |||||
| CVE-2023-29503 | 1 Hornerautomation | 2 Cscape, Cscape Envisionrv | 2023-12-10 | N/A | 7.8 HIGH |
| The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to a stack-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. | |||||
| CVE-2023-32545 | 1 Hornerautomation | 2 Cscape, Cscape Envisionrv | 2023-12-10 | N/A | 7.8 HIGH |
| The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to an out-of-bounds read in Cscape!CANPortMigration. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. | |||||
| CVE-2023-32539 | 1 Hornerautomation | 2 Cscape, Cscape Envisionrv | 2023-12-10 | N/A | 7.8 HIGH |
| The affected application lacks proper validation of user-supplied data when parsing project files (e.g., HMI). This could lead to an out-of-bounds write at CScape_EnvisionRV+0x2e3c04. An attacker could leverage this vulnerability to potentially execute arbitrary code in the context of the current process. | |||||
| CVE-2023-31278 | 1 Hornerautomation | 2 Cscape, Cscape Envisionrv | 2023-12-10 | N/A | 7.8 HIGH |
| The affected application lacks proper validation of user-supplied data when parsing project files (e.g., HMI). This could lead to an out-of-bounds read. An attacker could leverage this vulnerability to potentially execute arbitrary code in the context of the current process. | |||||
| CVE-2023-28653 | 1 Hornerautomation | 2 Cscape, Cscape Envisionrv | 2023-12-10 | N/A | 7.8 HIGH |
| The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to a use-after-free vulnerability. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. | |||||
| CVE-2023-27916 | 1 Hornerautomation | 2 Cscape, Cscape Envisionrv | 2023-12-10 | N/A | 7.8 HIGH |
| The affected application lacks proper validation of user-supplied data when parsing font files (e.g., FNT). This could lead to an out-of-bounds read. An attacker could leverage this vulnerability to potentially execute arbitrary code in the context of the current process. | |||||
| CVE-2023-32281 | 1 Hornerautomation | 2 Cscape, Cscape Envisionrv | 2023-12-10 | N/A | 7.8 HIGH |
| The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to an out-of-bounds read in the FontManager. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. | |||||
| CVE-2023-31244 | 1 Hornerautomation | 2 Cscape, Cscape Envisionrv | 2023-12-10 | N/A | 7.8 HIGH |
| The affected product does not properly validate user-supplied data. If a user opens a maliciously formed CSP file, then an attacker could execute arbitrary code within the current process by accessing an uninitialized pointer. | |||||
| CVE-2023-32203 | 1 Hornerautomation | 2 Cscape, Cscape Envisionrv | 2023-12-10 | N/A | 7.8 HIGH |
| The affected application lacks proper validation of user-supplied data when parsing project files (e.g., HMI). This could lead to an out-of-bounds write at CScape_EnvisionRV+0x2e374b. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. | |||||
| CVE-2023-32289 | 1 Hornerautomation | 2 Cscape, Cscape Envisionrv | 2023-12-10 | N/A | 7.8 HIGH |
| The affected application lacks proper validation of user-supplied data when parsing project files (e.g.., CSP). This could lead to an out-of-bounds read in IO_CFG. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. | |||||
| CVE-2022-3377 | 1 Hornerautomation | 1 Cscape | 2023-12-10 | N/A | 7.8 HIGH |
| Horner Automation's Cscape version 9.90 SP 6 and prior does not properly validate user-supplied data. If a user opens a maliciously formed FNT file, then an attacker could execute arbitrary code within the current process by accessing an uninitialized pointer, leading to an out-of-bounds memory read. | |||||
| CVE-2022-3378 | 1 Hornerautomation | 1 Cscape | 2023-12-10 | N/A | 7.8 HIGH |
| Horner Automation's Cscape version 9.90 SP 7 and prior does not properly validate user-supplied data. If a user opens a maliciously formed FNT file, then an attacker could execute arbitrary code within the current process by accessing an uninitialized pointer, leading to an out-of-bounds memory write. | |||||
| CVE-2022-3379 | 1 Hornerautomation | 1 Cscape | 2023-12-10 | N/A | 7.8 HIGH |
| Horner Automation's Cscape version 9.90 SP7 and prior does not properly validate user-supplied data. If a user opens a maliciously formed FNT file, then an attacker could execute arbitrary code within the current process by writing outside the memory buffer. | |||||
| CVE-2022-30540 | 1 Hornerautomation | 1 Cscape | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
| The affected product is vulnerable to a heap-based buffer overflow via uninitialized pointer, which may allow an attacker to execute arbitrary code | |||||
| CVE-2022-29488 | 1 Hornerautomation | 1 Cscape | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
| The affected product is vulnerable to an out-of-bounds read via uninitialized pointer, which may allow an attacker to execute arbitrary code. | |||||
| CVE-2022-28690 | 1 Hornerautomation | 1 Cscape | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
| The affected product is vulnerable to an out-of-bounds write via uninitialized pointer, which may allow an attacker to execute arbitrary code. | |||||
| CVE-2022-27184 | 1 Hornerautomation | 1 Cscape | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
| The affected product is vulnerable to an out-of-bounds write, which may allow an attacker to execute arbitrary code. | |||||
| CVE-2021-33015 | 1 Hornerautomation | 1 Cscape | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
| Cscape (All Versions prior to 9.90 SP5) lacks proper validation of user-supplied data when parsing project files. This could lead to an out-of-bounds write via an uninitialized pointer. An attacker could leverage this vulnerability to execute code in the context of the current process. | |||||
| CVE-2021-22682 | 1 Hornerautomation | 1 Cscape | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
| Cscape (All versions prior to 9.90 SP4) is configured by default to be installed for all users, which allows full permissions, including read/write access. This may allow unprivileged users to modify the binaries and configuration files and lead to local privilege escalation. | |||||