CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-17905 – OMRON CX-Supervisor SCS File Parsing Memory Corruption Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-17905
17 Oct 2018 — When processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior and tampering with a specific byte, memory corruption may occur within a specific object. Al procesar archivos de proyecto en Omron CX-Supervisor en versiones 3.4.1.0 y anteriores y falsificando un byte en concreto, podría ocurrir una corrupción de memoria en un objeto específico. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-Supervisor. User interaction is required ... • http://www.securityfocus.com/bid/105691 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-17907 – OMRON CX-Supervisor SCS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-17907
17 Oct 2018 — When processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior and tampering with the value of an offset, an attacker can force the application to read a value outside of an array. Al procesar archivos de proyecto Omron CX-Supervisor en versiones 3.4.1.0 y anteriores y falsificando el valor de un desplazamiento, un atacante puede forzar a la aplicación para que lea un valor fuera de un array. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of... • http://www.securityfocus.com/bid/105691 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-17913 – OMRON Industrial Automation CX-Supervisor CSNewDataSets Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-17913
17 Oct 2018 — A type confusion vulnerability exists when processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior, which may allow an attacker to execute code in the context of the application. Existe una vulnerabilidad de confusión de tipos al procesar archivos de proyecto en Omron CX-Supervisor en versiones 3.4.1.0 y anteriores, lo que podría permitir que un atacante ejecute código en el contexto de la aplicación. This vulnerability allows remote attackers to execute arbitrary code on vulnerable insta... • http://www.securityfocus.com/bid/105691 • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-7513 – OMRON CX-Supervisor SCS File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-7513
21 Mar 2018 — In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a stack-based buffer overflow. En las versiones 3.30 y anteriores de Omron CX-Supervisor, el análisis de archivos de proyecto mal formados puede provocar un desbordamiento de búfer basado en pila. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-Supervisor. User interaction is required to exploit this vulnerability in that the target must visit a malicious pag... • http://www.securityfocus.com/bid/103394 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-7515 – OMRON CX-Supervisor SCS File Parsing Uninitialized Pointer Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-7515
21 Mar 2018 — In Omron CX-Supervisor Versions 3.30 and prior, access of uninitialized pointer vulnerabilities can be exploited when CX Supervisor indirectly calls an initialized pointer when parsing malformed packets. En las versiones 3.30 y anteriores de Omron CX-Supervisor, se puede explotan vulnerabilidades de acceso de puntero no inicializado cuando CX-Supervisor llama de forma indirecta a un puntero no inicializado al analizar paquetes mal formados. This vulnerability allows remote attackers to execute arbitrary cod... • http://www.securityfocus.com/bid/103394 • CWE-256: Plaintext Storage of a Password CWE-824: Access of Uninitialized Pointer •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-7517 – OMRON CX-Supervisor SCS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-7517
21 Mar 2018 — In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause an out of bounds vulnerability. En las versiones 3.30 y anteriores de Omron CX-Supervisor, el análisis de archivos de proyecto mal formados puede provocar una vulnerabilidad fuera de límites. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-Supervisor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or ... • http://www.securityfocus.com/bid/103394 • CWE-787: Out-of-bounds Write •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-7519 – OMRON CX-Supervisor SCS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-7519
21 Mar 2018 — In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a heap-based buffer overflow. En las versiones 3.30 y anteriores de Omron CX-Supervisor, el análisis de archivos de proyecto mal formados puede provocar un desbordamiento de búfer basado en memoria dinámica (heap). This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-Supervisor. User interaction is required to exploit this vulnerability in that the target must vis... • http://www.securityfocus.com/bid/103394 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-7521 – OMRON CX-Supervisor SCS File Parsing Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-7521
21 Mar 2018 — In Omron CX-Supervisor Versions 3.30 and prior, use after free vulnerabilities can be exploited when CX Supervisor parses a specially crafted project file. En las versiones 3.30 y anteriores de Omron CX-Supervisor, se pueden explotar vulnerabilidades de uso de memoria previamente liberada cuando CX Supervisor analiza un archivo de proyecto especialmente manipulado. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-Supervisor. User interaction is req... • http://www.securityfocus.com/bid/103394 • CWE-416: Use After Free •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-7523 – OMRON CX-Supervisor SCS Scatter Chart Object Double Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-7523
21 Mar 2018 — In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a double free vulnerability. En las versiones 3.30 y anteriores de Omron CX-Supervisor, el análisis de archivos de proyecto mal formados puede provocar una vulnerabilidad de doble liberación (double free). This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-Supervisor. User interaction is required to exploit this vulnerability in that the target must visit a mali... • http://www.securityfocus.com/bid/103394 • CWE-415: Double Free •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-7525 – OMRON CX-Supervisor CDM File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-7525
21 Mar 2018 — In Omron CX-Supervisor Versions 3.30 and prior, processing a malformed packet by a certain executable may cause an untrusted pointer dereference vulnerability. En las versiones 3.30 y anteriores de Omron CX-Supervisor, el procesamiento de un paquete mal formado por parte de cierto ejecutable puede provocar una vulnerabilidad de desreferencia de puntero no fiable. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-Supervisor. User interaction is requi... • http://www.securityfocus.com/bid/103394 • CWE-476: NULL Pointer Dereference CWE-822: Untrusted Pointer Dereference •