Vulnerabilities > NI > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-07-22 | CVE-2024-6793 | Deserialization of Untrusted Data vulnerability in NI Veristand A deserialization of untrusted data vulnerability exists in NI VeriStand DataLogging Server that may result in remote code execution. | 9.8 |
2024-07-22 | CVE-2024-6794 | Deserialization of Untrusted Data vulnerability in NI Veristand A deserialization of untrusted data vulnerability exists in NI VeriStand Waveform Streaming Server that may result in remote code execution. | 9.8 |
2024-07-22 | CVE-2024-6805 | Missing Authorization vulnerability in NI Veristand The NI VeriStand Gateway is missing authorization checks when an actor attempts to access File Transfer resources. | 9.8 |
2024-07-22 | CVE-2024-6806 | Missing Authorization vulnerability in NI Veristand The NI VeriStand Gateway is missing authorization checks when an actor attempts to access Project resources. | 9.8 |
2023-10-18 | CVE-2023-4601 | Out-of-bounds Write vulnerability in NI System Configuration A stack-based buffer overflow vulnerability exists in NI System Configuration that could result in information disclosure and/or arbitrary code execution. | 9.8 |
2013-08-06 | CVE-2013-5026 | Unspecified vulnerability in NI Lookout 6.5/6.6/6.7 An ActiveX control in lookout650.ocx, lookout660.ocx, and lookout670.ocx in National Instruments Lookout 6.5 through 6.7 allows remote attackers to execute arbitrary code by triggering the download of, and calls to, an arbitrary DLL file. | 9.3 |
2013-08-06 | CVE-2013-5022 | Path Traversal vulnerability in NI products Absolute path traversal vulnerability in the 3D Graph ActiveX control in cw3dgrph.ocx in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allows remote attackers to create and execute arbitrary files via a full pathname in an argument to the ExportStyle method, in conjunction with file content in the (1) Caption or (2) FormatString property value. | 10.0 |