Filtered by vendor Omron
Subscriptions
Total
90 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-45793 | 1 Omron | 1 Automation Software Sysmac Studio | 2025-04-17 | 5.5 Medium |
Sysmac Studio installs executables in a directory with poor permissions. This can allow a locally-authenticated attacker to overwrite files which will result in code execution with privileges of a different user. | ||||
CVE-2022-21137 | 1 Omron | 1 Cx-one | 2025-04-16 | 7.8 High |
Omron CX-One Versions 4.60 and prior are vulnerable to a stack-based buffer overflow while processing specific project files, which may allow an attacker to execute arbitrary code. | ||||
CVE-2022-25959 | 1 Omron | 1 Cx-position | 2025-04-16 | 7.8 High |
Omron CX-Position (versions 2.5.3 and prior) is vulnerable to memory corruption while processing a specific project file, which may allow an attacker to execute arbitrary code. | ||||
CVE-2022-26417 | 1 Omron | 1 Cx-position | 2025-04-16 | 7.8 High |
Omron CX-Position (versions 2.5.3 and prior) is vulnerable to a use after free memory condition while processing a specific project file, which may allow an attacker to execute arbitrary code. | ||||
CVE-2022-26022 | 1 Omron | 1 Cx-position | 2025-04-16 | 7.8 High |
Omron CX-Position (versions 2.5.3 and prior) is vulnerable to an out-of-bounds write while processing a specific project file, which may allow an attacker to execute arbitrary code. | ||||
CVE-2022-26419 | 1 Omron | 1 Cx-position | 2025-04-16 | 7.8 High |
Omron CX-Position (versions 2.5.3 and prior) is vulnerable to multiple stack-based buffer overflow conditions while parsing a specific project file, which may allow an attacker to locally execute arbitrary code. | ||||
CVE-2022-2979 | 1 Omron | 1 Cx-programmer | 2025-04-16 | 7.8 High |
Opening a specially crafted file could cause the affected product to fail to release its memory reference potentially resulting in arbitrary code execution. | ||||
CVE-2022-3397 | 1 Omron | 1 Cx-programmer | 2025-04-16 | 7.8 High |
OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds Write, which may allow an attacker to execute arbitrary code. | ||||
CVE-2022-3398 | 1 Omron | 1 Cx-programmer | 2025-04-16 | 7.8 High |
OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds Write, which may allow an attacker to execute arbitrary code. | ||||
CVE-2022-3396 | 1 Omron | 1 Cx-programmer | 2025-04-16 | 7.8 High |
OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds Write, which may allow an attacker to execute arbitrary code. | ||||
CVE-2022-46282 | 1 Omron | 1 Cx-drive | 2025-04-16 | 7.8 High |
Use after free vulnerability in CX-Drive V3.00 and earlier allows a local attacker to execute arbitrary code by having a user to open a specially crafted file, | ||||
CVE-2014-2369 | 1 Omron | 6 Ns10 Hmi Terminal, Ns12 Hmi Terminal, Ns15 Hmi Terminal and 3 more | 2025-04-12 | N/A |
Cross-site request forgery (CSRF) vulnerability in the web application on Omron NS5, NS8, NS10, NS12, and NS15 HMI terminals 8.1xx through 8.68x allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors. | ||||
CVE-2015-1015 | 1 Omron | 3 Cj2h Plc, Cj2m Plc, Cx-programmer | 2025-04-12 | N/A |
Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices before 1.5 use a reversible format for password storage in object files on Compact Flash cards, which makes it easier for local users to obtain sensitive information by reading a file. | ||||
CVE-2015-0988 | 1 Omron | 1 Cx-programmer | 2025-04-12 | N/A |
Omron CX-One CX-Programmer before 9.6 uses a reversible format for password storage in project source-code files, which makes it easier for local users to obtain sensitive information by reading a file. | ||||
CVE-2014-2370 | 1 Omron | 6 Ns10 Hmi Terminal, Ns12 Hmi Terminal, Ns15 Hmi Terminal and 3 more | 2025-04-12 | N/A |
Cross-site scripting (XSS) vulnerability in the web application on Omron NS5, NS8, NS10, NS12, and NS15 HMI terminals 8.1xx through 8.68x allows remote authenticated users to inject arbitrary web script or HTML via crafted data. | ||||
CVE-2015-0987 | 1 Omron | 3 Cj2h Plc, Cj2m Plc, Cx-programmer | 2025-04-12 | N/A |
Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices before 1.5 rely on cleartext password transmission, which allows remote attackers to obtain sensitive information by sniffing the network during a PLC unlock request. | ||||
CVE-2013-2301 | 1 Omron | 1 Openwnn | 2025-04-11 | N/A |
The OMRON OpenWnn application before 1.3.6 for Android uses weak permissions for unspecified files, which allows attackers to obtain sensitive information via an application that accesses the local filesystem. | ||||
CVE-2023-22357 | 1 Omron | 2 Cp1l-el20dr-d, Cp1l-el20dr-d Firmware | 2025-04-04 | 9.8 Critical |
Active debug code exists in OMRON CP1L-EL20DR-D all versions, which may lead to a command that is not specified in FINS protocol being executed without authentication. A remote unauthenticated attacker may read/write in arbitrary area of the device memory, which may lead to overwriting the firmware, causing a denial-of-service (DoS) condition, and/or arbitrary code execution. | ||||
CVE-2023-22366 | 1 Omron | 2 Cx-motion-mch, Cx-motion-mch Firmware | 2025-04-03 | 7.8 High |
CX-Motion-MCH v2.32 and earlier contains an access of uninitialized pointer vulnerability. Having a user to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution. | ||||
CVE-2000-0704 | 3 Freewnn, Omron, Wnn | 3 Freewnn, Worldview, Wnn4 | 2025-04-03 | N/A |
Buffer overflow in SGI Omron WorldView Wnn allows remote attackers to execute arbitrary commands via long JS_OPEN, JS_MKDIR, or JS_FILE_INFO commands. |