Filtered by vendor Jtekt
Subscriptions
Filtered by product Screen Creator Advance 2
Subscriptions
Total
9 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-25755 | 1 Jtekt | 1 Screen Creator Advance 2 | 2024-11-21 | 7.8 High |
Screen Creator Advance 2 Ver.0.1.1.4 Build01A and earlier is vulnerable to improper restriction of operations within the bounds of a memory buffer (CWE-119) due to improper check of its data size when processing a project file. If a user of Screen Creator Advance 2 opens a specially crafted project file, information may be disclosed and/or arbitrary code may be executed. | ||||
CVE-2023-22360 | 1 Jtekt | 1 Screen Creator Advance 2 | 2024-11-21 | 7.8 High |
Use-after free vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier due to lack of error handling process even when an error was detected. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution. | ||||
CVE-2023-22353 | 1 Jtekt | 1 Screen Creator Advance 2 | 2024-11-21 | 7.8 High |
Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing control management information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution. | ||||
CVE-2023-22350 | 1 Jtekt | 1 Screen Creator Advance 2 | 2024-11-21 | 7.8 High |
Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing parts management information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution. | ||||
CVE-2023-22349 | 1 Jtekt | 1 Screen Creator Advance 2 | 2024-11-21 | 7.8 High |
Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing screen management information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution. | ||||
CVE-2023-22347 | 1 Jtekt | 1 Screen Creator Advance 2 | 2024-11-21 | 7.8 High |
Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing file structure information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution. | ||||
CVE-2023-22346 | 1 Jtekt | 1 Screen Creator Advance 2 | 2024-11-21 | 7.8 High |
Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing template information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution. | ||||
CVE-2023-22345 | 1 Jtekt | 1 Screen Creator Advance 2 | 2024-11-21 | 7.8 High |
Out-of-bound write vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier due to lack of error handling process when out of specification errors are detected. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution. | ||||
CVE-2022-27648 | 1 Jtekt | 1 Screen Creator Advance 2 | 2024-11-21 | 7.8 High |
This vulnerability allows remote attackers to execute arbitrary code on affected installations of KOYO Screen Creator 0.1.1.1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SCA2 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14868. |
Page 1 of 1.