CVSS: 8.4EPSS: 0%CPEs: 3EXPL: 0CVE-2024-10496 – Out of bounds read in BuildFontMap in fontmgr.cpp in NI LabVIEW
https://notcve.org/view.php?id=CVE-2024-10496
10 Dec 2024 — An out of bounds read due to improper input validation in BuildFontMap in fontmgr.cpp in NI LabVIEW may disclose information or result in arbitrary code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q3 and prior versions. • https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/out-of-bounds-read-vulnerabilities-in-ni-labview-.html • CWE-1285: Improper Validation of Specified Index, Position, or Offset in Input •
CVSS: 8.4EPSS: 0%CPEs: 3EXPL: 0CVE-2024-10495 – Out of bounds read when loading the font table in fontmgr.cpp in NI LabVIEW
https://notcve.org/view.php?id=CVE-2024-10495
10 Dec 2024 — An out of bounds read due to improper input validation when loading the font table in fontmgr.cpp in NI LabVIEW may disclose information or result in arbitrary code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q3 and prior versions. • https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/out-of-bounds-read-vulnerabilities-in-ni-labview-.html • CWE-1285: Improper Validation of Specified Index, Position, or Offset in Input •
CVSS: 8.4EPSS: 0%CPEs: 3EXPL: 0CVE-2024-10494 – Out of bounds read in HeapObjMapImpl.cpp in NI LabVIEW
https://notcve.org/view.php?id=CVE-2024-10494
10 Dec 2024 — An out of bounds read due to improper input validation in HeapObjMapImpl.cpp in NI LabVIEW may disclose information or result in arbitrary code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q3 and prior versions. • https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/out-of-bounds-read-vulnerabilities-in-ni-labview-.html • CWE-1285: Improper Validation of Specified Index, Position, or Offset in Input •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4081 – Memory Corruption Due to Improper Length Check in NI LabVIEW
https://notcve.org/view.php?id=CVE-2024-4081
23 Jul 2024 — A memory corruption issue due to an improper length check in NI LabVIEW may disclose information or result in arbitrary code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects NI LabVIEW 2024 Q1 and prior versions. Un problema de corrupción de memoria debido a una verificación de longitud inadecuada en NI LabVIEW puede revelar información o resultar en la ejecución de código arbitrario. La explotación exitosa requiere que un atac... • https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/memory-corruption-issues-due-to-improper-length-checks-in-labview.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4080 – Memory Corruption Due to Improper Length Checks in LabVIEW tdcore.dll
https://notcve.org/view.php?id=CVE-2024-4080
23 Jul 2024 — A memory corruption issue due to an improper length check in LabVIEW tdcore.dll may disclose information or result in arbitrary code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q1 and prior versions. Un problema de corrupción de memoria debido a una verificación de longitud incorrecta en LabVIEW tdcore.dll puede revelar información o resultar en la ejecución de código arbitrario. La explotación exitosa requier... • https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/memory-corruption-issues-due-to-improper-length-checks-in-labview.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4079 – Out of Bounds Read Due to Missing Bounds Check in LabVIEW
https://notcve.org/view.php?id=CVE-2024-4079
23 Jul 2024 — An out of bounds read due to a missing bounds check in LabVIEW may disclose information or result in arbitrary code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerability affects LabVIEW 2024 Q1 and prior versions. Una lectura fuera de los límites debido a una verificación de límites faltantes en LabVIEW puede revelar información o resultar en la ejecución de código arbitrario. La explotación exitosa requiere que un atacante proporcione al u... • https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/out-of-bounds-read-due-to-missing-bounds-check-in-labview.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6638 – Integer Overflow Vulnerability Reading TDMS Files in LabVIEW
https://notcve.org/view.php?id=CVE-2024-6638
22 Jul 2024 — An integer overflow vulnerability due to improper input validation when reading TDMS files in LabVIEW may result in an infinite loop. Successful exploitation requires an attacker to provide a user with a specially crafted TDMS file. This vulnerability affects LabVIEW 2024 Q1 and prior versions. Una vulnerabilidad de desbordamiento de enteros debido a una validación de entrada incorrecta al leer archivos TDMS en LabVIEW puede resultar en un bucle infinito. La explotación exitosa requiere que un atacante prop... • https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/integer-overflow-vulnerability-reading-tdms-files-in-labview.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 1%CPEs: 5EXPL: 0CVE-2013-5023
https://notcve.org/view.php?id=CVE-2013-5023
06 Aug 2013 — The ActiveX controls in the HelpAsst component in NI Help Links in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allow remote attackers to cause a denial of service by triggering the display of local .chm files. Vulnerabilidad sin especificar en un control ActiveX en el componente HelpAsst en NI Help Links in National Instruments LabWindows/CVI, LabVIEW, y otros productos, tiene un impacto desconocido y vectores de ataque remotos. • http://digital.ni.com/public.nsf/allkb/E6BC4F119D49A97A86257BD3004FE019?OpenDocument •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2013-5022
https://notcve.org/view.php?id=CVE-2013-5022
06 Aug 2013 — Absolute path traversal vulnerability in the 3D Graph ActiveX control in cw3dgrph.ocx in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allows remote attackers to create and execute arbitrary files via a full pathname in an argument to the ExportStyle method, in conjunction with file content in the (1) Caption or (2) FormatString property value. Una vulnerabilidad de salto de ruta (path) en el control de 3D Graph ActiveX en el archivo cw3dgrph.ocx ... • http://digital.ni.com/public.nsf/allkb/782E4F31442D833186257BD3004AEB47?OpenDocument • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 88%CPEs: 6EXPL: 0CVE-2013-5021 – ABB DataManager National Instruments Multiple ActiveX Controls cwui.ocx ExportStyle() Method Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-5021
11 Jun 2013 — Multiple absolute path traversal vulnerabilities in National Instruments cwui.ocx, as used in National Instruments LabWindows/CVI 2012 SP1 and earlier, National Instruments LabVIEW 2012 SP1 and earlier, the Data Analysis component in ABB DataManager 1 through 6.3.6, and other products allow remote attackers to create and execute arbitrary files via a full pathname in an argument to the ExportStyle method in the (1) CWNumEdit, (2) CWGraph, (3) CWBoolean, (4) CWSlide, or (5) CWKnob ActiveX control, in conjunc... • http://digital.ni.com/public.nsf/allkb/04B876608790082C86257BD1000CC950?OpenDocument • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •