Filtered by vendor Codesys
Subscribe
Total
127 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-9008 | 1 Codesys | 10 Control For Beaglebone, Control For Empc-a\/imx6, Control For Iot2000 and 7 more | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
An issue was discovered in 3S-Smart CODESYS V3 through 3.5.12.30. A user with low privileges can take full control over the runtime. | |||||
CVE-2019-9012 | 1 Codesys | 10 Control For Beaglebone Sl, Control For Empc-a\/imx6 Sl, Control For Iot2000 Sl and 7 more | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
An issue was discovered in 3S-Smart CODESYS V3 products. A crafted communication request may cause uncontrolled memory allocations in the affected CODESYS products and may result in a denial-of-service condition. All variants of the following CODESYS V3 products in all versions prior to v3.5.14.20 that contain the CmpGateway component are affected, regardless of the CPU type or operating system: CODESYS Control for BeagleBone, CODESYS Control for emPC-A/iMX6, CODESYS Control for IOT2000, CODESYS Control for Linux, CODESYS Control for PFC100, CODESYS Control for PFC200, CODESYS Control for Raspberry Pi, CODESYS Control V3 Runtime System Toolkit, CODESYS Gateway V3, CODESYS V3 Development System. | |||||
CVE-2018-10612 | 1 Codesys | 12 Control For Beaglebone Sl, Control For Empc-a\/imx6 Sl, Control For Iot2000 Sl and 9 more | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
In 3S-Smart Software Solutions GmbH CODESYS Control V3 products prior to version 3.5.14.0, user access management and communication encryption is not enabled by default, which could allow an attacker access to the device and sensitive information, including user credentials. | |||||
CVE-2018-20026 | 1 Codesys | 18 Control For Beaglebone Sl, Control For Empc-a\/imx6 Sl, Control For Iot2000 Sl and 15 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Improper Communication Address Filtering exists in CODESYS V3 products versions prior V3.5.14.0. | |||||
CVE-2018-20025 | 1 Codesys | 15 Control For Beaglebone Sl, Control For Empc-a\/imx6 Sl, Control For Iot2000 Sl and 12 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Use of Insufficiently Random Values exists in CODESYS V3 products versions prior V3.5.14.0. | |||||
CVE-2017-6027 | 1 Codesys | 1 Web Server | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
An Arbitrary File Upload issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server. The following versions of CODESYS Web Server, part of the CODESYS WebVisu web browser visualization software, are affected: CODESYS Web Server Versions 2.3 and prior. A specially crafted web server request may allow the upload of arbitrary files (with a dangerous type) to the CODESYS Web Server without authorization which may allow remote code execution. | |||||
CVE-2017-6025 | 1 Codesys | 1 Web Server | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
A Stack Buffer Overflow issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server. The following versions of CODESYS Web Server, part of the CODESYS WebVisu web browser visualization software, are affected: CODESYS Web Server Versions 2.3 and prior. A malicious user could overflow the stack buffer by providing overly long strings to functions that handle the XML. Because the function does not verify string size before copying to memory, the attacker may then be able to crash the application or run arbitrary code. |