CWE:
 

Topic
Date
Author
High
Google SketchUp lib3ds 3DS Importer Memory Corruption
18.01.2010
CORE


CVEMAP Search Results

CVE
Details
Description
2020-11-19
Medium
CVE-2020-7553

Vendor: Schneider-electric
Software: Interactive ...
 

 
A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition.

 
Medium
CVE-2020-7555

Vendor: Schneider-electric
Software: Interactive ...
 

 
A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition.

 
Medium
CVE-2020-7556

Vendor: Schneider-electric
Software: Interactive ...
 

 
A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition.

 
Medium
CVE-2020-7558

Vendor: Schneider-electric
Software: Interactive ...
 

 
A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition.

 
2020-11-18
Waiting for details
CVE-2020-7563

Updating...
 

 
A CWE-787: Out-of-bounds Write vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause corruption of data, a crash, or code execution when uploading a specially crafted file on the controller over FTP.

 
2020-11-13
Medium
CVE-2020-6147

Vendor: Pixar
Software: Openusd
 

 
A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. This instance exists in the USDC file format FIELDS section decompression heap overflow.

 
Medium
CVE-2020-6148

Vendor: Pixar
Software: Openusd
 

 
A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. An instance exists in USDC file format FIELDSETS section decompression heap overflow.

 
Medium
CVE-2020-6149

Vendor: Pixar
Software: Openusd
 

 
A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. To trigger this vulnerability, the victim needs to open an attacker-provided malformed file in an instance in USDC file format PATHS section.

 
Medium
CVE-2020-6150

Vendor: Pixar
Software: Openusd
 

 
A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software USDC file format SPECS section decompression heap overflow.

 
Medium
CVE-2020-6155

Vendor: Pixar
Software: Openusd
 

 
A heap overflow vulnerability exists in the Pixar OpenUSD 20.05 while parsing compressed value rep arrays in binary USD files. A specially crafted malformed file can trigger a heap overflow, which can result in remote code execution. To trigger this vulnerability, the victim needs to access an attacker-provided malformed file.

 

 


Copyright 2020, cxsecurity.com

 

Back to Top