Vulnerabilities > Measuresoft
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-31 | CVE-2022-2896 | Use After Free vulnerability in Measuresoft Scadapro Server Measuresoft ScadaPro Server (All Versions) allows use after free while processing a specific project file. | 7.8 |
| 2012-05-25 | CVE-2012-1824 | Unspecified vulnerability in Measuresoft Scadapro Client and Scadapro Server Untrusted search path vulnerability in Measuresoft ScadaPro Client before 4.0.0 and ScadaPro Server before 4.0.0 allows local users to gain privileges via a Trojan horse DLL in the current working directory. | 7.2 |
| 2011-09-16 | CVE-2011-3497 | Information Exposure vulnerability in Measuresoft Scadapro service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary DLL functions via the XF function, possibly related to an insecure exposed method. | 10.0 |
| 2011-09-16 | CVE-2011-3496 | Improper Input Validation vulnerability in Measuresoft Scadapro service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) BF, (2) OF, or (3) EF command. | 10.0 |
| 2011-09-16 | CVE-2011-3495 | Path Traversal vulnerability in Measuresoft Scadapro Multiple directory traversal vulnerabilities in service.exe in Measuresoft ScadaPro 4.0.0 and earlier allow remote attackers to read, modify, or delete arbitrary files via the (1) RF, (2) wF, (3) UF, or (4) NF command. | 10.0 |
| 2011-09-16 | CVE-2011-3490 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Measuresoft Scadapro Multiple stack-based buffer overflows in service.exe in Measuresoft ScadaPro 4.0.0 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long command to port 11234, as demonstrated with the TF command. | 10.0 |