CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-41432

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.00519EPSS

Tenable Nessus•added 2023/09/18 12:0 a.m.•27 views

Rockwell Automation LP30/40/50 and BM40 Operator Interface Improper Validation of Consistency Within Input (CVE-2022-47392)

An authenticated, remote attacker may use a improper input validation vulnerability in the CmpApp/CmpAppBP/CmpAppForce Components of multiple CODESYS products in multiple versions to read from an invalid address which can lead to a denial-of-service condition. Wago PFC200 and Compact Controllers...

6.5CVSS7.2AI score0.00862EPSS

Exploits0References4

Tenable Nessus•added 2023/09/18 12:0 a.m.•29 views

Rockwell Automation LP30/40/50 and BM40 Operator Interface Stack-Based Buffer Overflow (CVE-2022-47380)

An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CMPapp Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. Wago PFC20...

8.8CVSS7.6AI score0.01334EPSS

Exploits0References4

Tenable Nessus•added 2023/09/18 12:0 a.m.•27 views

Rockwell Automation LP30/40/50 and BM40 Operator Interface Out-of-Bounds Write (CVE-2022-47379)

8.8CVSS7.6AI score0.0199EPSS

Exploits0References4

BDU FSTEC•added 2023/09/13 12:0 a.m.•3 views

The vulnerability of the CMPapp component in CODESYS software products allows a hacker to trigger a service failure.

The vulnerability of the CMPapp component in CODESYS software products is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

BDU FSTEC•added 2023/09/13 12:0 a.m.•4 views

The vulnerability of the CMPapp component in CODESYS software products allows a hacker to load arbitrary files into the system.

The vulnerability of the CMPapp component in CODESYS software products is related to the use of files and directories accessible from external parties. Exploiting this vulnerability allows a malicious actor to upload arbitrary files into the system remotely...

6.8CVSS6.6AI score0.00412EPSS

BDU FSTEC•added 2023/09/13 12:0 a.m.•4 views

The vulnerability of the CMPapp component in CODESYS software products allows a hacker to trigger a service failure.

BDU FSTEC•added 2023/09/13 12:0 a.m.•4 views

The vulnerability of the CMPapp component in CODESYS software products allows a hacker to trigger a service failure.

The vulnerability of the CMPapp component in CODESYS software products is related to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

BDU FSTEC•added 2023/09/13 12:0 a.m.•2 views

The vulnerability of the CMPapp component in CODESYS software products allows a hacker to trigger a service failure.

BDU FSTEC•added 2023/09/13 12:0 a.m.•3 views

The vulnerability of the CMPapp component in CODESYS software products allows a hacker to trigger a service failure.

BDU FSTEC•added 2023/08/16 12:0 a.m.•4 views

The vulnerability of the CMPapp component in the Codesys industrial automation software suite allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of the CMPapp component in the Codesys industrial automation software suite relates to the ability to write data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to trigger malfunctions in service operations or execute arbitrary...

9CVSS8.4AI score0.0199EPSS

Exploits0References3Affected Software17

BDU FSTEC•added 2023/08/16 12:0 a.m.•2 views

The vulnerability of the CMPapp component in the Codesys industrial automation software suite allows a hacker to trigger a service failure or execute arbitrary code.

9CVSS8.4AI score0.01334EPSS

Exploits0References3Affected Software17

BDU FSTEC•added 2023/08/16 12:0 a.m.•4 views

The vulnerability of the CMPapp component in the Codesys industrial automation software suite allows a hacker to trigger a service failure or execute arbitrary code.

9CVSS8.4AI score0.01334EPSS

Exploits0References3Affected Software17

Microsoft Secure•added 2023/08/11 12:0 a.m.•40 views

Multiple high severity vulnerabilities in CODESYS V3 SDK could lead to RCE or DoS

Microsoft’s cyberphysical system researchers recently identified multiple high-severity vulnerabilities in the CODESYS V3 software development kit SDK, a software development environment widely used to program and engineer programmable logic controllers PLCs. Exploitation of the discovered...

6.5CVSS9.1AI score0.0199EPSS

Exploits0

OSV•added 2023/08/03 12:15 p.m.•3 views

CVE-2023-37551

In multiple Codesys products in multiple versions, after successful authentication as a user, specially crafted network communication requests can utilize the CmpApp component to download files with any file extensions to the controller. In contrast to the regular file download via CmpFileTransfe...

6.5CVSS5.7AI score0.00412EPSS

OSV•added 2023/08/03 12:15 p.m.•1 views

CVE-2023-37549

In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition...

6.5CVSS5.8AI score0.00519EPSS