Vulnerabilities (CVE)

Filtered by vendor Codesys Subscribe
Total 127 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-47391 1 Codesys 14 Control For Beaglebone Sl, Control For Empc-a\/imx6 Sl, Control For Iot2000 Sl and 11 more 2024-02-28 N/A 7.5 HIGH
In multiple CODESYS products in multiple versions an unauthorized, remote attacker may use a improper input validation vulnerability to read from invalid addresses leading to a denial of service.
CVE-2022-47389 1 Codesys 17 Control For Beaglebone Sl, Control For Empc-a\/imx6 Sl, Control For Iot2000 Sl and 14 more 2024-02-28 N/A 8.8 HIGH
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
CVE-2022-22508 1 Codesys 14 Control For Beaglebone Sl, Control For Empc-a\/imx6 Sl, Control For Iot2000 Sl and 11 more 2024-02-28 N/A 4.3 MEDIUM
Improper Input Validation vulnerability in multiple CODESYS V3 products allows an authenticated remote attacker to block consecutive logins of a specific type.
CVE-2022-47385 1 Codesys 17 Control For Beaglebone Sl, Control For Empc-a\/imx6 Sl, Control For Iot2000 Sl and 14 more 2024-02-28 N/A 8.8 HIGH
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpAppForce Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
CVE-2022-47388 1 Codesys 17 Control For Beaglebone Sl, Control For Empc-a\/imx6 Sl, Control For Iot2000 Sl and 14 more 2024-02-28 N/A 8.8 HIGH
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
CVE-2022-4048 1 Codesys 1 Development System V3 2024-02-28 N/A 7.7 HIGH
Inadequate Encryption Strength in CODESYS Development System V3 versions prior to V3.5.18.40 allows an unauthenticated local attacker to access and manipulate code of the encrypted boot application.
CVE-2022-47384 1 Codesys 17 Control For Beaglebone Sl, Control For Empc-a\/imx6 Sl, Control For Iot2000 Sl and 14 more 2024-02-28 N/A 8.8 HIGH
An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.