Fpwin Pro
by Panasonic
CVEs (14)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-7013 | Hig | 0.51 | 7.8 | 0.00 | Aug 21, 2024 | Stack-based buffer overflow in Control FPWIN Pro version 7.7.2.0 and all previous versions may allow attackers to execute arbitrary code via a specially crafted project file. | ||
| CVE-2016-4498 | Med | 0.36 | 5.5 | 0.01 | May 12, 2016 | Panasonic FPWIN Pro 5.x through 7.x before 7.130 accesses an uninitialized pointer, which allows local users to cause a denial of service or possibly have unspecified other impact via unknown vectors. | ||
| CVE-2016-4499 | Med | 0.27 | 4.2 | 0.01 | May 12, 2016 | Heap-based buffer overflow in Panasonic FPWIN Pro 5.x through 7.x before 7.130 allows local users to cause a denial of service (application crash) via unspecified vectors. | ||
| CVE-2016-4497 | Med | 0.27 | 4.2 | 0.01 | May 12, 2016 | Panasonic FPWIN Pro 5.x through 7.x before 7.130 allows local users to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion." | ||
| CVE-2016-4496 | Med | 0.27 | 4.2 | 0.00 | May 12, 2016 | Panasonic FPWIN Pro 5.x through 7.x before 7.130 allows local users to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by triggering a crafted index value, as demonstrated by an integer overflow. | ||
| CVE-2023-6315 | 0.00 | — | 0.00 | Dec 19, 2023 | Out-of-bouds read vulnerability in FPWin Pro version 7.7.0.0 and all previous versions may allow attackers to execute arbitrary code via a specially crafted project file. | |||
| CVE-2023-6314 | 0.00 | — | 0.00 | Dec 19, 2023 | Stack-based buffer overflow in FPWin Pro version 7.7.0.0 and all previous versions may allow attackers to execute arbitrary code via a specially crafted project file. | |||
| CVE-2023-28730 | 0.00 | — | 0.00 | Jul 21, 2023 | A memory corruption vulnerability Panasonic Control FPWIN Pro versions 7.6.0.3 and all previous versions may allow arbitrary code execution when opening specially crafted project files. | |||
| CVE-2023-28729 | 0.00 | — | 0.00 | Jul 21, 2023 | A type confusion vulnerability in Panasonic Control FPWIN Pro versions 7.6.0.3 and all previous versions may allow arbitrary code execution when opening specially crafted project files. | |||
| CVE-2023-28728 | 0.00 | — | 0.00 | Jul 21, 2023 | A stack-based buffer overflow in Panasonic Control FPWIN Pro versions 7.6.0.3 and all previous versions may allow arbitrary code execution when opening specially crafted project files. | |||
| CVE-2021-32972 | 0.00 | — | 0.01 | Jul 9, 2021 | Panasonic FPWIN Pro, all Versions 7.5.1.1 and prior, allows an attacker to craft a project file specifying a URI that causes the XML parser to access the URI and embed the contents, which may allow the attacker to disclose information that is accessible in the context of the… | |||
| CVE-2020-16236 | 0.00 | — | 0.01 | Jan 25, 2021 | FPWIN Pro is vulnerable to an out-of-bounds read vulnerability when a user opens a maliciously crafted project file, which may allow an attacker to remotely execute arbitrary code. | |||
| CVE-2019-6532 | 0.00 | — | 0.04 | Jun 7, 2019 | Panasonic FPWIN Pro version 7.3.0.0 and prior allows attacker-created project files to be loaded by an authenticated user triggering incompatible type errors because the resource does not have expected properties. This may lead to remote code execution. | |||
| CVE-2019-6530 | 0.00 | — | 0.07 | Jun 7, 2019 | Panasonic FPWIN Pro version 7.3.0.0 and prior allows attacker-created project files to be loaded by an authenticated user causing heap-based buffer overflows, which may lead to remote code execution. |
- risk 0.51cvss 7.8epss 0.00
Stack-based buffer overflow in Control FPWIN Pro version 7.7.2.0 and all previous versions may allow attackers to execute arbitrary code via a specially crafted project file.
- risk 0.36cvss 5.5epss 0.01
Panasonic FPWIN Pro 5.x through 7.x before 7.130 accesses an uninitialized pointer, which allows local users to cause a denial of service or possibly have unspecified other impact via unknown vectors.
- risk 0.27cvss 4.2epss 0.01
Heap-based buffer overflow in Panasonic FPWIN Pro 5.x through 7.x before 7.130 allows local users to cause a denial of service (application crash) via unspecified vectors.
- risk 0.27cvss 4.2epss 0.01
Panasonic FPWIN Pro 5.x through 7.x before 7.130 allows local users to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion."
- risk 0.27cvss 4.2epss 0.00
Panasonic FPWIN Pro 5.x through 7.x before 7.130 allows local users to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by triggering a crafted index value, as demonstrated by an integer overflow.
- CVE-2023-6315Dec 19, 2023risk 0.00cvss —epss 0.00
Out-of-bouds read vulnerability in FPWin Pro version 7.7.0.0 and all previous versions may allow attackers to execute arbitrary code via a specially crafted project file.
- CVE-2023-6314Dec 19, 2023risk 0.00cvss —epss 0.00
Stack-based buffer overflow in FPWin Pro version 7.7.0.0 and all previous versions may allow attackers to execute arbitrary code via a specially crafted project file.
- CVE-2023-28730Jul 21, 2023risk 0.00cvss —epss 0.00
A memory corruption vulnerability Panasonic Control FPWIN Pro versions 7.6.0.3 and all previous versions may allow arbitrary code execution when opening specially crafted project files.
- CVE-2023-28729Jul 21, 2023risk 0.00cvss —epss 0.00
A type confusion vulnerability in Panasonic Control FPWIN Pro versions 7.6.0.3 and all previous versions may allow arbitrary code execution when opening specially crafted project files.
- CVE-2023-28728Jul 21, 2023risk 0.00cvss —epss 0.00
A stack-based buffer overflow in Panasonic Control FPWIN Pro versions 7.6.0.3 and all previous versions may allow arbitrary code execution when opening specially crafted project files.
- CVE-2021-32972Jul 9, 2021risk 0.00cvss —epss 0.01
Panasonic FPWIN Pro, all Versions 7.5.1.1 and prior, allows an attacker to craft a project file specifying a URI that causes the XML parser to access the URI and embed the contents, which may allow the attacker to disclose information that is accessible in the context of the…
- CVE-2020-16236Jan 25, 2021risk 0.00cvss —epss 0.01
FPWIN Pro is vulnerable to an out-of-bounds read vulnerability when a user opens a maliciously crafted project file, which may allow an attacker to remotely execute arbitrary code.
- CVE-2019-6532Jun 7, 2019risk 0.00cvss —epss 0.04
Panasonic FPWIN Pro version 7.3.0.0 and prior allows attacker-created project files to be loaded by an authenticated user triggering incompatible type errors because the resource does not have expected properties. This may lead to remote code execution.
- CVE-2019-6530Jun 7, 2019risk 0.00cvss —epss 0.07
Panasonic FPWIN Pro version 7.3.0.0 and prior allows attacker-created project files to be loaded by an authenticated user causing heap-based buffer overflows, which may lead to remote code execution.