codesys control_for_linux_sl の CVE(52 件)

CVE 件数: 52 CPE versions: View versions table

概要

本ページは codesys control_for_linux_sl に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。

表示中 4152 / 52 CVE 件数
«« 先頭 « 前へ 3 / 3 次へ »
CVE 概要 ソース CVSS 最大値 EPSS(%) 公開 更新
CVE-2022-22517 An unauthenticated, remote attacker can disrupt existing communication channels between CODESYS products by guessing a valid channel ID and injecting packets. This results in the communication channel to be closed. [email protected] 7.5 1.27% 2022-04-07 2026-06-17
CVE-2022-22515 A remote, authenticated attacker could utilize the control program of the CODESYS Control runtime system to use the vulnerability in order to read and modify the configuration file(s) of the affected products. [email protected] 8.1 1.07% 2022-04-07 2026-06-17
CVE-2022-22514 An authenticated, remote attacker can gain access to a dereferenced pointer contained in a request. The accesses can subsequently lead to local overwriting of memory in the CmpTraceMgr, whereby the attacker can neither gain the values read internally nor control the values to be written. If invalid memory is accessed, this results in a crash. [email protected] 7.1 0.86% 2022-04-07 2026-06-17
CVE-2022-22513 An authenticated remote attacker can cause a null pointer dereference in the CmpSettings component of the affected CODESYS products which leads to a crash. [email protected] 6.5 0.97% 2022-04-07 2026-06-17
CVE-2021-29242 CODESYS Control Runtime system before 3.5.17.0 has improper input validation. Attackers can send crafted communication packets to change the router's addressing scheme and may re-route, add, remove or change low level communication packages. [email protected] 7.3 1.07% 2021-05-03 2026-06-16
CVE-2021-29241 CODESYS Gateway 3 before 3.5.16.70 has a NULL pointer dereference that may result in a denial of service (DoS). [email protected] 7.5 1.42% 2021-05-03 2026-06-16
CVE-2019-9012 An issue was discovered in 3S-Smart CODESYS V3 products. A crafted communication request may cause uncontrolled memory allocations in the affected CODESYS products and may result in a denial-of-service condition. All variants of the following CODESYS V3 products in all versions prior to v3.5.14.20 that contain the CmpGateway component are affected, regardless of the CPU type or operating system: CODESYS Control for BeagleBone, CODESYS Control for emPC-A/iMX6, CODESYS Control for IOT2000, CODESYS [email protected] 7.5 1.75% 2019-08-15 2026-06-16
CVE-2019-9010 An issue was discovered in 3S-Smart CODESYS V3 products. The CODESYS Gateway does not correctly verify the ownership of a communication channel. All variants of the following CODESYS V3 products in all versions prior to v3.5.14.20 that contain the CmpGateway component are affected, regardless of the CPU type or operating system: CODESYS Control for BeagleBone, CODESYS Control for emPC-A/iMX6, CODESYS Control for IOT2000, CODESYS Control for Linux, CODESYS Control for PFC100, CODESYS Control for [email protected] 9.8 1.92% 2019-08-15 2026-06-16
CVE-2019-9013 An issue was discovered in 3S-Smart CODESYS V3 products. The application may utilize non-TLS based encryption, which results in user credentials being insufficiently protected during transport. All variants of the following CODESYS V3 products in all versions containing the CmpUserMgr component are affected regardless of the CPU type or operating system: CODESYS Control for BeagleBone, CODESYS Control for emPC-A/iMX6, CODESYS Control for IOT2000, CODESYS Control for Linux, CODESYS Control for PF [email protected] 8.8 0.30% 2019-08-15 2026-06-16
CVE-2018-20026 Improper Communication Address Filtering exists in CODESYS V3 products versions prior V3.5.14.0. [email protected] 7.5 3.04% 2019-02-19 2026-06-16
CVE-2018-20025 Use of Insufficiently Random Values exists in CODESYS V3 products versions prior V3.5.14.0. [email protected] 7.5 2.56% 2019-02-19 2026-06-16
CVE-2018-10612 In 3S-Smart Software Solutions GmbH CODESYS Control V3 products prior to version 3.5.14.0, user access management and communication encryption is not enabled by default, which could allow an attacker access to the device and sensitive information, including user credentials. [email protected] 9.8 1.27% 2019-01-29 2026-06-16
«« 先頭 « 前へ 3 / 3 次へ »
cvelogic Threat Intelligence