Vulnerabilities (CVE)

Filtered by CWE-194
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-32138 1 Codesys 2 Plcwinnt, Runtime Toolkit 2024-11-21 6.5 MEDIUM 8.8 HIGH
In multiple CODESYS products, a remote attacker may craft a request which may cause an unexpected sign extension, resulting in a denial-of-service condition or memory overwrite.
CVE-2021-38434 1 Fatek 1 Winproladder 2024-11-21 6.8 MEDIUM 7.8 HIGH
FATEK Automation WinProladder versions 3.30 and prior lacks proper validation of user-supplied data when parsing project files, which could result in an unexpected sign extension. An attacker could leverage this vulnerability to execute arbitrary code.