Vulnerabilities (CVE)

Filtered by vendor Altair Subscribe
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-2951 1 Altair 1 Hyperview Player 2024-11-21 N/A 7.8 HIGH
Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to improper validation of array index vulnerability during processing of H3D files. A DWORD value from a PoC file is extracted and used as an index to write to a buffer, leading to memory corruption.
CVE-2022-2950 1 Altair 1 Hyperview Player 2024-11-21 N/A 7.8 HIGH
Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to the use of uninitialized memory vulnerability during parsing of H3D files. A DWORD is extracted from an uninitialized buffer and, after sign extension, is used as an index into a stack variable to increment a counter leading to memory corruption.
CVE-2022-2949 1 Altair 1 Hyperview Player 2024-11-21 N/A 7.8 HIGH
Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to the use of uninitialized memory vulnerability during parsing of H3D files. A DWORD is extracted from an uninitialized buffer and, after sign extension, is used as an index into a stack variable to increment a counter leading to memory corruption.
CVE-2022-2947 1 Altair 1 Hyperview Player 2024-11-21 N/A 7.8 HIGH
Altair HyperView Player versions 2021.1.0.27 and prior perform operations on a memory buffer but can read from or write to a memory location outside of the intended boundary of the buffer. This hits initially as a read access violation, leading to a memory corruption situation.
CVE-2019-15719 1 Altair 1 Pbs Professional 2024-11-21 5.2 MEDIUM 8.0 HIGH
Altair PBS Professional through 19.1.2 allows Privilege Escalation because an attacker can send a message directly to pbs_mom, which fails to properly authenticate the message. This results in code execution as an arbitrary user.