cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-12834,https://securityvulnerability.io/vulnerability/CVE-2024-12834,Type Confusion in Delta Electronics DRASimuCAD STP File Parsing,"The type confusion vulnerability in Delta Electronics DRASimuCAD arises due to improper validation of user-provided data during the parsing of STP files. This flaw can be exploited by a remote attacker through a specially crafted malicious file or webpage that prompts user interaction. Once activated, the attacker can execute arbitrary code within the context of the affected process, potentially compromising the security of the system. This vulnerability emphasizes the importance of stringent data validation and user awareness of file origins.",Delta Electronics,Drasimucad,,,0.0004299999854993075,false,,false,false,false,,false,false,false,,2024-12-30T17:15:00.000Z,0
CVE-2024-12835,https://securityvulnerability.io/vulnerability/CVE-2024-12835,Remote Code Execution Vulnerability in Delta Electronics DRASimuCAD,"The vulnerability involves an Out-Of-Bounds Write flaw that occurs during the parsing of ICS files in Delta Electronics DRASimuCAD. It arises due to inadequate validation of user-supplied data, which can lead to a situation where an attacker is able to write beyond the allocated buffer. This can allow attackers to execute arbitrary code on systems running affected versions of the software, provided that the user interacts with a malicious page or opens a compromised file. The issue highlights significant security concerns for installations of DRASimuCAD that have not been updated to address this flaw. Proper security measures and prompt updates are essential to mitigate risks associated with this vulnerability.",Delta Electronics,Drasimucad,,,0.0004299999854993075,false,,false,false,false,,false,false,false,,2024-12-30T17:15:00.000Z,0
CVE-2024-12836,https://securityvulnerability.io/vulnerability/CVE-2024-12836,Type Confusion Remote Code Execution Vulnerability in Delta Electronics DRASimuCAD,"A vulnerability affecting Delta Electronics DRASimuCAD arises from improper parsing of STP files, leading to a type confusion issue. This flaw allows remote attackers to execute arbitrary code if a user interacts with malicious content, such as visiting a compromised webpage or opening a crafted file. The vulnerability stems from insufficient validation of user-supplied data, which could lead to unwanted code execution in the context of the current process, thereby posing a significant risk to affected installations.",Delta Electronics,Drasimucad,,,0.0004299999854993075,false,,false,false,false,,false,false,false,,2024-12-30T17:15:00.000Z,0