Security Vulnerabilities - CVEs Published In February 2024
Heap-based buffer overflow vulnerability exists in HOME SPOT CUBE2 V102 and earlier. By processing invalid values, arbitrary code may be executed. Note that the affected products are no longer supported.
CVSS Score
9.8
EPSS Score
0.004
Published
2024-02-02
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause heap overflow through integer overflow.
CVSS Score
2.9
EPSS Score
0.0
Published
2024-02-02
in OpenHarmony v4.0.0 and prior versions
allow an adjacent attacker arbitrary code execution in any apps through use after free.
CVSS Score
8.2
EPSS Score
0.0
Published
2024-02-02
Stack-based buffer overflow vulnerability exists in HOME SPOT CUBE2 V102 and earlier. Processing a specially crafted command may result in a denial of service (DoS) condition. Note that the affected products are no longer supported.
CVSS Score
7.5
EPSS Score
0.011
Published
2024-02-02
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause heap overflow through integer overflow.
CVSS Score
2.9
EPSS Score
0.0
Published
2024-02-02
in OpenHarmony v3.2.4 and prior versions allow an adjacent attacker arbitrary code execution through out-of-bounds write.
CVSS Score
4.2
EPSS Score
0.0
Published
2024-02-02
in OpenHarmony v3.2.4 and prior versions allow a local attacker causes information leak through out-of-bounds Read.
CVSS Score
2.9
EPSS Score
0.0
Published
2024-02-02
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause DOS through improper input.
CVSS Score
4.7
EPSS Score
0.0
Published
2024-02-02
Improper Control of Generation of Code ('Code Injection') vulnerability in B&R Industrial Automation Automation Studio allows Local Execution of Code.This issue affects Automation Studio: from 4.0 through 4.12.
CVSS Score
8.3
EPSS Score
0.002
Published
2024-02-02
in OpenHarmony v3.2.4 and prior versions allow a local attacker causes information leak through out-of-bounds Read.
CVSS Score
2.9
EPSS Score
0.0
Published
2024-02-02