Filtered by vendor Codesys
Subscriptions
Total
129 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-13548 | 1 Codesys | 13 Control For Beaglebone, Control For Empc-a\/imx6, Control For Iot2000 and 10 more | 2024-11-21 | 9.8 Critical |
| CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which could cause a stack overflow and create a denial-of-service condition or allow remote code execution. | ||||
| CVE-2019-13542 | 1 Codesys | 10 Control For Beaglebone, Control For Empc-a\/imx6, Control For Iot2000 and 7 more | 2024-11-21 | 6.5 Medium |
| 3S-Smart Software Solutions GmbH CODESYS V3 OPC UA Server, all versions 3.5.11.0 to 3.5.15.0, allows an attacker to send crafted requests from a trusted OPC UA client that cause a NULL pointer dereference, which may trigger a denial-of-service condition. | ||||
| CVE-2019-13538 | 1 Codesys | 1 Codesys | 2024-11-21 | 8.6 High |
| 3S-Smart Software Solutions GmbH CODESYS V3 Library Manager, all versions prior to 3.5.16.0, allows the system to display active library content without checking its validity, which may allow the contents of manipulated libraries to be displayed or executed. The issue also exists for source libraries, but 3S-Smart Software Solutions GmbH strongly recommends distributing compiled libraries only. | ||||
| CVE-2019-13532 | 1 Codesys | 13 Control For Beaglebone, Control For Empc-a\/imx6, Control For Iot2000 and 10 more | 2024-11-21 | 7.5 High |
| CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which may allow access to files outside the restricted working directory of the controller. | ||||
| CVE-2018-20026 | 1 Codesys | 18 Control For Beaglebone Sl, Control For Empc-a\/imx6 Sl, Control For Iot2000 Sl and 15 more | 2024-11-21 | 7.5 High |
| Improper Communication Address Filtering exists in CODESYS V3 products versions prior V3.5.14.0. | ||||
| CVE-2018-20025 | 1 Codesys | 15 Control For Beaglebone Sl, Control For Empc-a\/imx6 Sl, Control For Iot2000 Sl and 12 more | 2024-11-21 | N/A |
| Use of Insufficiently Random Values exists in CODESYS V3 products versions prior V3.5.14.0. | ||||
| CVE-2018-10612 | 1 Codesys | 12 Control For Beaglebone Sl, Control For Empc-a\/imx6 Sl, Control For Iot2000 Sl and 9 more | 2024-11-21 | N/A |
| In 3S-Smart Software Solutions GmbH CODESYS Control V3 products prior to version 3.5.14.0, user access management and communication encryption is not enabled by default, which could allow an attacker access to the device and sensitive information, including user credentials. | ||||
| CVE-2024-6876 | 1 Codesys | 1 Oscat Basic Library | 2024-10-01 | 4.4 Medium |
| Out-of-Bounds read vulnerability in OSCAT Basic Library allows an local, unprivileged attacker to access limited internal data of the PLC which may lead to a crash of the affected service. | ||||
| CVE-2024-8175 | 1 Codesys | 18 Control For Beaglebone Sl, Control For Empc-a\/imx6 Sl, Control For Iot2000 Sl and 15 more | 2024-09-26 | 7.5 High |
| An unauthenticated remote attacker can causes the CODESYS web server to access invalid memory which results in a DoS. | ||||