Fuji Electric Alpha5 Smart Loader Versions 3.7 and prior. A buffer overflow information disclosure vulnerability occurs when parsing certain file types.
alpha5_smart_loader
CVE-2018-14794
Fuji Electric Alpha5 Smart Loader Versions 3.7 and prior. The device does not perform a check on the length/size of a project file before copying the entire contents of the file to a heap-based buffer.
CVE-2019-13520
Multiple buffer overflow issues have been identified in Alpha5 Smart Loader: All versions prior to 4.2. An attacker could use specially crafted project files to overflow the buffer and execute code under the privileges of the application.
CVE-2022-24383
The affected product is vulnerable to an out-of-bounds read, which may result in code execution
CVE-2022-21228
The affected product is vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code.
CVE-2022-21168
The affected product is vulnerable due to an invalid pointer initialization, which may lead to information disclosure.