VYPR
Vendor

Hexagon

Products
7
CVEs
8
Across products
8
Status
Private

Products

7

Recent CVEs

8
  • CVE-2021-37749CriAug 30, 2021
    risk 0.64cvss 9.8epss 0.02

    MapService.svc in Hexagon GeoMedia WebMap 2020 before Update 2 (aka 16.6.2.66) allows blind SQL Injection via the Id (within sourceItems) parameter to the GetMap method.

  • CVE-2021-32051HigMay 14, 2021
    risk 0.49cvss 7.5epss 0.02

    Hexagon G!nius Auskunftsportal before 5.0.0.0 allows SQL injection via the GiPWorkflow/Service/DownloadPublicFile id parameter.

  • CVE-2018-11239HigMay 19, 2018
    risk 0.49cvss 7.5epss 0.01

    An integer overflow in the _transfer function of a smart contract implementation for Hexagon (HXG), an Ethereum ERC20 token, allows attackers to accomplish an unauthorized increase of digital assets by providing a _to argument in conjunction with a large _value argument, as…

  • CVE-2025-44206MedJun 25, 2025
    risk 0.30cvss 4.6epss 0.00

    Hexagon HxGN OnCall Dispatch Advantage (Web) v10.2309.03.00264 and Hexagon HxGN OnCall Dispatch Advantage (Mobile) v10.2402 are vulnerable to Cross Site Scripting (XSS) which allows a remote authenticated attacker with access to the Broadcast (Person) functionality to execute…

  • CVE-2013-3482Jan 19, 2014
    risk 0.06cvss epss 0.32

    Stack-based buffer overflow in the rf_report_error function in ermapper_u.dll in Intergraph ERDAS ER Viewer before 13.0.1.1301 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long string in an ERS file.

  • CVE-2013-0726May 5, 2013
    risk 0.05cvss epss 0.28

    Stack-based buffer overflow in the ERM_convert_to_correct_webpath function in ermapper_u.dll in ERDAS ER Viewer before 13.00.0001 allows remote attackers to execute arbitrary code via a crafted pathname in an ERS file.

  • CVE-2013-3483Jan 19, 2014
    risk 0.00cvss epss 0.04

    Stack-based buffer overflow in ermapper_u.dll in Intergraph ERDAS ER Viewer before 13.0.1.1301 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ERS file.

  • CVE-2013-0728Apr 25, 2013
    risk 0.00cvss epss 0.04

    Multiple stack-based buffer overflows in NCSAddOn.dll in the ERDAS APOLLO ECWP plugin before 13.00.0001 for Internet Explorer, Firefox, and Chrome allow remote attackers to execute arbitrary code via a long property value.