Ics-cert Cx-supervisor
7 CVEs affecting Ics-cert Cx-supervisor. Latest disclosed: 2019-02-12. Critical: 0, High: 5.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2018-19017 | High | 8.8 | 2019-01-22 | Several use after free vulnerabilities have been identified in CX-Supervisor (Versions 3.42 and prior). When processing project files, the application fails to… |
CVE-2018-19011 | High | 8.8 | 2019-01-22 | CX-Supervisor (Versions 3.42 and prior) can execute code that has been injected into a project file. An attacker could exploit this to execute code under the p… |
CVE-2018-19018 | High | 7.3 | 2019-02-12 | An access of uninitialized pointer vulnerability in CX-Supervisor (Versions 3.42 and prior) could lead to type confusion when processing project files. An atta… |
CVE-2018-19015 | High | 7.3 | 2019-01-28 | An attacker could inject commands to launch programs and create, write, and read files on CX-Supervisor (Versions 3.42 and prior) through a specially crafted p… |
CVE-2018-19019 | High | 7.3 | 2019-01-22 | A type confusion vulnerability exists when processing project files in CX-Supervisor (Versions 3.42 and prior). An attacker could use a specially crafted proje… |
CVE-2018-19020 | Medium | 5.0 | 2019-02-12 | When CX-Supervisor (Versions 3.42 and prior) processes project files and tampers with the value of an offset, an attacker can force the application to read a v… |
CVE-2018-19013 | Medium | 5.0 | 2019-01-22 | An attacker could inject commands to delete files and/or delete the contents of a file on CX-Supervisor (Versions 3.42 and prior) through a specially crafted p… |