CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 2CVE-2021-32051 – Hexagon G!nius Auskunftsportal SQL Injection
https://notcve.org/view.php?id=CVE-2021-32051
Hexagon G!nius Auskunftsportal before 5.0.0.0 allows SQL injection via the GiPWorkflow/Service/DownloadPublicFile id parameter. Hexagon G!nius Auskunftsportal anterior a la versión 5.0.0.0 permite la inyección SQL a través del parámetro GiPWorkflow/Service/DownloadPublicFile id Hexagon G!nius Auskunftsportal versions prior to 5.0.0.0 suffer from a remote SQL injection vulnerability. • http://packetstormsecurity.com/files/162534/Hexagon-G-nius-Auskunftsportal-SQL-Injection.html https://gist.githubusercontent.com/mke1985/a21a71098f48829916dfec74eff1e24a/raw/f635b060ad03e23fd887de48a79b70040daadadb/CVE-2021-32051 https://www.hexagonsafetyinfrastructure.com/products/utilities-and-communications-products/advanced-utility-gis/hexagon-ginius • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.3EPSS: 3%CPEs: 3EXPL: 0CVE-2013-3483
https://notcve.org/view.php?id=CVE-2013-3483
Stack-based buffer overflow in ermapper_u.dll in Intergraph ERDAS ER Viewer before 13.0.1.1301 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ERS file. Desbordamiento de de pila en ermapper_u.dll de Intergraph ERDAS ER Viewer anteriores a 13.0.1 1301 permite a atacantes remotos ejecutar código de forma arbitraria o causar una denegación de servicio (crash de aplicación) a través de un archivo ERS manipulado. • http://attrition.org/pipermail/vim/2013-May/002682.html http://secunia.com/advisories/53620 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 91%CPEs: 3EXPL: 2CVE-2013-3482 – ERS Viewer 2013 - '.ERS' File Handling Buffer Overflow
https://notcve.org/view.php?id=CVE-2013-3482
Stack-based buffer overflow in the rf_report_error function in ermapper_u.dll in Intergraph ERDAS ER Viewer before 13.0.1.1301 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long string in an ERS file. Desbordamiento de pila en la función rf_report_error de ermapper_u.dll en Intergraph ERDAS ER Viewer anteriores a 13.0.1 1301 permite a atacantes remotos ejecutar código de forma arbitraria o causar una denegación de servicio (crash de aplicación) a través de una cadena larga en un archivo ERS. • https://www.exploit-db.com/exploits/26708 http://attrition.org/pipermail/vim/2013-May/002682.html http://osvdb.org/show/osvdb/93650 http://secunia.com/advisories/53620 http://www.exploit-db.com/exploits/26708 http://www.secunia.com/blog/366 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 93%CPEs: 1EXPL: 1CVE-2013-0726 – ERS Viewer 2011 - '.ERS' File Handling Buffer Overflow
https://notcve.org/view.php?id=CVE-2013-0726
Stack-based buffer overflow in the ERM_convert_to_correct_webpath function in ermapper_u.dll in ERDAS ER Viewer before 13.00.0001 allows remote attackers to execute arbitrary code via a crafted pathname in an ERS file. Desbordamiento de búfer basado en pila en la función ERM_convert_to_correct_webpath en ermapper_u.dll en ERDAS ER Viewer anterior a la versión 13.00.0001, permite a atacantes remotos ejecutar código de su elección a través de un nombre de ruta modificada en un archivo ERS. • https://www.exploit-db.com/exploits/25448 http://secunia.com/advisories/51725 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 2%CPEs: 3EXPL: 0CVE-2013-0728
https://notcve.org/view.php?id=CVE-2013-0728
Multiple stack-based buffer overflows in NCSAddOn.dll in the ERDAS APOLLO ECWP plugin before 13.00.0001 for Internet Explorer, Firefox, and Chrome allow remote attackers to execute arbitrary code via a long property value. Múltiples desbordamientos de búfer basado en pila en NCSAddOn.dll en el complemento ERDAS APOLLO ECWP antes v13.00.0001 para Internet Explorer, Firefox y Chrome permite a atacantes remotos ejecutar código arbitrario a través de un valor de propiedad largo. • http://secunia.com/advisories/51647 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •