Vulnerabilities > Hornerautomation > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-06 | CVE-2023-32545 | Out-of-bounds Read vulnerability in Hornerautomation Cscape and Cscape Envisionrv The affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). | 7.8 |
| 2023-03-09 | CVE-2023-0621 | Unspecified vulnerability in Hornerautomation Cscape Envision RV 4.60 Cscape Envision RV version 4.60 is vulnerable to an out-of-bounds read vulnerability when parsing project (i.e. | 7.8 |
| 2023-03-09 | CVE-2023-0622 | Unspecified vulnerability in Hornerautomation Cscape Envision RV 4.60 Cscape Envision RV version 4.60 is vulnerable to an out-of-bounds write vulnerability when parsing project (i.e. | 7.8 |
| 2023-03-09 | CVE-2023-0623 | Unspecified vulnerability in Hornerautomation Cscape Envision RV 4.60 Cscape Envision RV version 4.60 is vulnerable to an out-of-bounds write vulnerability when parsing project (i.e. | 7.8 |
| 2022-12-02 | CVE-2022-2640 | Inadequate Encryption Strength vulnerability in Hornerautomation Rcc972 Firmware 15.40 The Config-files of Horner Automation’s RCC 972 with firmware version 15.40 are encrypted with weak XOR encryption vulnerable to reverse engineering. | 7.5 |
| 2022-12-02 | CVE-2022-2642 | Excessive Reliance on Global Variables vulnerability in Hornerautomation Rcc972 Firmware 15.40 Horner Automation’s RCC 972 firmware version 15.40 contains global variables. | 7.5 |
| 2022-11-15 | CVE-2022-3377 | Access of Uninitialized Pointer vulnerability in Hornerautomation Cscape Horner Automation's Cscape version 9.90 SP 6 and prior does not properly validate user-supplied data. | 7.8 |
| 2022-10-27 | CVE-2022-3378 | Access of Uninitialized Pointer vulnerability in Hornerautomation Cscape Horner Automation's Cscape version 9.90 SP 7 and prior does not properly validate user-supplied data. | 7.8 |
| 2022-10-27 | CVE-2022-3379 | Out-of-bounds Write vulnerability in Hornerautomation Cscape Horner Automation's Cscape version 9.90 SP7 and prior does not properly validate user-supplied data. | 7.8 |
| 2022-06-02 | CVE-2022-28690 | Access of Uninitialized Pointer vulnerability in Hornerautomation Cscape The affected product is vulnerable to an out-of-bounds write via uninitialized pointer, which may allow an attacker to execute arbitrary code. | 7.8 |