HexagonCVEs & Vulnerabilities

6 CVEs affecting Hexagon products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.

Most Affected Products

erdas er viewer 7erdas apollo ecwp 1intergraph g\!nius 1qognify vms client viewer 1
CVE-2023-49114MEDIUM

A DLL hijacking vulnerability was identified in the Qognify VMS Client Viewer version 7.1 or higher, which allows local users to execute arbitrary code and obtain higher privileges via careful placement of a malicious DLL, if some specific pre-conditions are met.

26 Feb 2024
6.7
CVSS
CVE-2021-32051HIGH

Hexagon G!nius Auskunftsportal before 5.0.0.0 allows SQL injection via the GiPWorkflow/Service/DownloadPublicFile id parameter.

14 May 2021
7.5
CVSS
CVE-2013-3483CRITICAL

Stack-based buffer overflow in ermapper_u.dll in Intergraph ERDAS ER Viewer before 13.0.1.1301 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ERS file.

19 Jan 2014
9.3
CVSS
CVE-2013-3482CRITICALpoc

Stack-based buffer overflow in the rf_report_error function in ermapper_u.dll in Intergraph ERDAS ER Viewer before 13.0.1.1301 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long string in an ERS file.

19 Jan 2014
9.3
CVSS
CVE-2013-0726CRITICALpoc

Stack-based buffer overflow in the ERM_convert_to_correct_webpath function in ermapper_u.dll in ERDAS ER Viewer before 13.00.0001 allows remote attackers to execute arbitrary code via a crafted pathname in an ERS file.

5 May 2013
9.3
CVSS
CVE-2013-0728CRITICAL

Multiple stack-based buffer overflows in NCSAddOn.dll in the ERDAS APOLLO ECWP plugin before 13.00.0001 for Internet Explorer, Firefox, and Chrome allow remote attackers to execute arbitrary code via a long property value.

25 Apr 2013
10.0
CVSS
← PrevPage 1 / 1Next →