Lucene search
K

41 matches found

OSV
OSV
added 2021/08/04 2:15 p.m.4 views

CVE-2021-36765

In CODESYS EtherNetIP before 4.1.0.0, specific EtherNet/IP requests may cause a null pointer dereference in the downloaded vulnerable EtherNet/IP stack that is executed by the CODESYS Control runtime system...

7.5CVSS7.1AI score
Exploits0References1
Cvelist
Cvelist
added 2021/08/04 1:22 p.m.15 views

CVE-2021-36765

In CODESYS EtherNetIP before 4.1.0.0, specific EtherNet/IP requests may cause a null pointer dereference in the downloaded vulnerable EtherNet/IP stack that is executed by the CODESYS Control runtime system...

7.7AI score0.00986EPSS
Exploits0References1
CNVD
CNVD
added 2021/05/26 12:0 a.m.6 views

3S-Smart Software Solutions CODESYS Runtime System Input Validation Error Vulnerability

3S-Smart Software Solutions CODESYS Control runtime system is an application system from 3S-Smart Software Solutions, Germany. It is used for the conversion of any type of smart device into an IEC 61131-3 controller. An input validation error vulnerability exists in 3S-Smart Software Solutions...

7.5CVSS6.8AI score0.0718EPSS
Exploits0References1
NVD
NVD
added 2021/05/25 1:15 p.m.21 views

CVE-2021-30188

CODESYS V2 runtime system SP before 2.4.7.55 has a Stack-based Buffer Overflow...

9.8CVSS0.01281EPSS
Exploits0References2
Prion
Prion
added 2021/05/25 1:15 p.m.14 views

Input validation

CODESYS V2 runtime system before 2.4.7.55 has Improper Input Validation...

5CVSS8.1AI score0.0718EPSS
Exploits0References2Affected Software2
Prion
Prion
added 2021/05/25 1:15 p.m.19 views

Stack overflow

CODESYS V2 runtime system SP before 2.4.7.55 has a Stack-based Buffer Overflow...

7.5CVSS9.5AI score0.01281EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2021/05/25 12:33 p.m.62 views

CVE-2021-30195

CVE-2021-30195 affects the CODESYS V2 runtime system prior to 2.4.7.55. The vulnerability is caused by Improper Input Validation, leading to an out-of-bounds read that can cause a denial-of-service. Affected components are the CODESYS Runtime Toolkit 32‑bit full and PLCWinNT prior to 2.4.7.55. Mi...

7.5CVSS8AI score0.0718EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/05/25 12:33 p.m.25 views

CVE-2021-30195

CODESYS V2 runtime system before 2.4.7.55 has Improper Input Validation...

7.8AI score0.0718EPSS
Exploits0References2
CVE
CVE
added 2021/05/25 12:33 p.m.50 views

CVE-2021-30186

CVE-2021-30186 affects CODESYS V2 runtime system SP prior to 2.4.7.55, where a heap-based buffer overflow is triggered by a crafted request. Public sources describe this as a vulnerability in the CODESYS Runtime Toolkit/PLCWinNT stack, enabling denial-of-service and, per ICS background, potential...

7.5CVSS8AI score0.07356EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2021/05/25 12:15 p.m.29 views

CVE-2021-30187

CODESYS V2 runtime system SP before 2.4.7.55 has Improper Neutralization of Special Elements used in an OS Command...

5.3CVSS0.00268EPSS
Exploits0References2
Prion
Prion
added 2021/05/25 12:15 p.m.13 views

Command injection

CODESYS V2 runtime system SP before 2.4.7.55 has Improper Neutralization of Special Elements used in an OS Command...

4.6CVSS5.3AI score0.00268EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/05/25 11:47 a.m.39 views

CVE-2021-30187

CODESYS V2 runtime system SP before 2.4.7.55 has Improper Neutralization of Special Elements used in an OS Command...

5.6AI score0.00268EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2021/05/25 12:0 a.m.4 views

PT-2021-3346 · 3S Smart Software Solutions · Codesys V2 Runtime System

Name of the Vulnerable Software and Affected Versions: CODESYS V2 runtime system SP versions prior to 2.4.7.55 Description: The issue is a stack-based buffer overflow in the CODESYS V2 runtime system SP. This can be exploited by a remote attacker to impact the confidentiality, integrity, and...

10CVSS7.8AI score0.01281EPSS
Exploits0References7
Prion
Prion
added 2020/07/22 7:15 p.m.19 views

Design/Logic Flaw

CODESYS Control runtime system before 3.5.16.10 allows Uncontrolled Memory Allocation...

5CVSS7.6AI score0.02047EPSS
Exploits1References3Affected Software16
CVE
CVE
added 2020/07/22 6:14 p.m.67 views

CVE-2020-15806

CVE-2020-15806 affects the CODESYS Control runtime system before 3.5.16.10. The issue is Uncontrolled Memory Allocation, which can cause the runtime to crash and, per linked sources, may lead to a denial of service. Technical details in the connected documents confirm the vulnerable component and...

7.5CVSS7.5AI score0.02047EPSS
Exploits1References3Affected Software16
CNVD
CNVD
added 2019/11/21 12:0 a.m.3 views

3S-Smart Software Solutions CODESYS Buffer Overflow Vulnerability

3S-Smart Software Solutions CODESYS V3 web server is a web server used in CODESYS products from 3S-Smart Software Solutions, Germany. A buffer overflow vulnerability exists in the web server of the runtime system in versions prior to 3S-Smart Software Solutions CODESYS 3.5.15.20. The vulnerabilit...

9.8CVSS7.2AI score0.01961EPSS
Exploits1References1
Cvelist
Cvelist
added 2019/08/15 5:47 p.m.28 views

CVE-2019-9012

An issue was discovered in 3S-Smart CODESYS V3 products. A crafted communication request may cause uncontrolled memory allocations in the affected CODESYS products and may result in a denial-of-service condition. All variants of the following CODESYS V3 products in all versions prior to v3.5.14.2...

7.6AI score0.01752EPSS
Exploits0References2
Prion
Prion
added 2013/01/21 9:55 p.m.18 views

Directory traversal

Directory traversal vulnerability in the Runtime Toolkit in CODESYS Runtime System 2.3.x and 2.4.x allows remote attackers to read, overwrite, or create arbitrary files via a .. dot dot in a request to the TCP listener service...

10CVSS7.3AI score0.02637EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2012/12/05 12:0 a.m.8 views

PT-2012-1189 · 3S Smart Software Solutions · Codesys Runtime System

Name of the Vulnerable Software and Affected Versions: CODESYS Runtime System versions 2.3.x through 2.4.x Description: The issue allows remote attackers to read, overwrite, or create arbitrary files via a .. dot dot in a request to the TCP listener service. This is due to incorrect restriction o...

10CVSS6.7AI score0.02637EPSS
Exploits0References14
Positive Technologies
Positive Technologies
added 2012/12/05 12:0 a.m.6 views

PT-2012-1188 · 3S Smart Software Solutions · Codesys Runtime System +1

Name of the Vulnerable Software and Affected Versions: CODESYS Runtime System versions 2.3.x through 2.4.x Description: The issue is related to the lack of authentication requirements in the default configuration of the CODESYS Runtime Toolkit. This allows remote attackers to execute commands via...

10CVSS7.2AI score0.05266EPSS
Exploits0References13
Rows per page
Query Builder