Vulnerabilities > NI > Labview
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-21 | CVE-2022-27237 | Cross-site Scripting vulnerability in NI products There is a cross-site scripting (XSS) vulnerability in an NI Web Server component installed with several NI products. | 4.3 |
| 2017-09-05 | CVE-2017-2779 | Out-of-bounds Write vulnerability in NI Labview An exploitable memory corruption vulnerability exists in the RSRC segment parsing functionality of LabVIEW 2017, LabVIEW 2016, LabVIEW 2015, and LabVIEW 2014. | 6.8 |
| 2017-03-31 | CVE-2017-2775 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in NI Labview 16.0.0.49152 An exploitable memory corruption vulnerability exists in the LvVariantUnflatten functionality in 64-bit versions of LabVIEW before 2015 SP1 f7 Patch and 2016 before f2 Patch. | 6.8 |
| 2013-08-06 | CVE-2013-5023 | Unspecified vulnerability in NI products The ActiveX controls in the HelpAsst component in NI Help Links in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allow remote attackers to cause a denial of service by triggering the display of local .chm files. network ni | 4.3 |
| 2013-08-06 | CVE-2013-5022 | Path Traversal vulnerability in NI products Absolute path traversal vulnerability in the 3D Graph ActiveX control in cw3dgrph.ocx in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allows remote attackers to create and execute arbitrary files via a full pathname in an argument to the ExportStyle method, in conjunction with file content in the (1) Caption or (2) FormatString property value. | 10.0 |