Filtered by vendor Ni
Subscribe
Total
49 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-2775 | 1 Ni | 1 Labview | 2022-04-19 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable memory corruption vulnerability exists in the LvVariantUnflatten functionality in 64-bit versions of LabVIEW before 2015 SP1 f7 Patch and 2016 before f2 Patch. A specially crafted VI file can cause a user controlled value to be used as a loop terminator resulting in internal heap corruption. An attacker controlled VI file can be used to trigger this vulnerability, exploitation could lead to remote code execution. | |||||
| CVE-2021-42563 | 2 Microsoft, Ni | 2 Windows, Ni Service Locator | 2021-11-16 | 4.6 MEDIUM | 7.8 HIGH |
| There is an Unquoted Service Path in NI Service Locator (nisvcloc.exe) in versions prior to 18.0 on Windows. This may allow an authorized local user to insert arbitrary code into the unquoted service path and escalate privileges. | |||||
| CVE-2021-38304 | 1 Ni | 1 Ni-pal | 2021-09-28 | 4.6 MEDIUM | 7.8 HIGH |
| Improper input validation in the National Instruments NI-PAL driver in versions 20.0.0 and prior may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-25191 | 1 Ni | 2 Compactrio, Compactrio Firmware | 2020-12-14 | 7.8 HIGH | 7.5 HIGH |
| Incorrect permissions are set by default for an API entry-point of a specific service, allowing a non-authenticated user to trigger a function that could reboot the CompactRIO (Driver versions prior to 20.5) remotely. | |||||
| CVE-2013-5025 | 1 Ni | 1 Labwindows | 2013-10-16 | 4.3 MEDIUM | N/A |
| An ActiveX control in exlauncher.dll in the Help subsystem in National Instruments LabWindows/CVI before 2013 allows remote attackers to cause a denial of service by triggering the display of local example files. | |||||
| CVE-2013-5023 | 1 Ni | 5 Diadem, Labview, Labwindows and 2 more | 2013-09-25 | 4.3 MEDIUM | N/A |
| The ActiveX controls in the HelpAsst component in NI Help Links in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allow remote attackers to cause a denial of service by triggering the display of local .chm files. | |||||
| CVE-2013-5024 | 1 Ni | 1 Measurementstudio | 2013-09-25 | 4.3 MEDIUM | N/A |
| An ActiveX control in NationalInstruments.Help2.dll in National Instruments NI .NET Class Library Help, as used in Measurement Studio 2013 and earlier and other products, allows remote attackers to obtain sensitive information about the existence of registry keys via crafted (1) key-open or (2) key-close method calls. | |||||
| CVE-2013-5022 | 1 Ni | 4 Labview, Labwindows, Measurementstudio and 1 more | 2013-09-18 | 10.0 HIGH | N/A |
| Absolute path traversal vulnerability in the 3D Graph ActiveX control in cw3dgrph.ocx in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allows remote attackers to create and execute arbitrary files via a full pathname in an argument to the ExportStyle method, in conjunction with file content in the (1) Caption or (2) FormatString property value. | |||||
| CVE-2013-5026 | 1 Ni | 1 Lookout | 2013-09-18 | 9.3 HIGH | N/A |
| An ActiveX control in lookout650.ocx, lookout660.ocx, and lookout670.ocx in National Instruments Lookout 6.5 through 6.7 allows remote attackers to execute arbitrary code by triggering the download of, and calls to, an arbitrary DLL file. | |||||