1607 matches found
Astra Linux - уязвимость в libmodbus
An invalid pointer in the modbusreceive function of libmodbus v3.1.6 allows attackers to cause a Denial of Service DoS by sending a crafted message to the unit-test-server...
CVE-2026-35227
An unauthenticated remote attacker may exhaust all available TCP connections in the CODESYS Modbus TCP Server stack if a race condition in connection handling is successfully exploited, preventing legitimate clients from establishing new connections...
EUVD-2026-29390
An unauthenticated remote attacker may exhaust all available TCP connections in the CODESYS Modbus TCP Server stack if a race condition in connection handling is successfully exploited, preventing legitimate clients from establishing new connections...
CVE-2026-35227
An unauthenticated remote attacker may exhaust all available TCP connections in the CODESYS Modbus TCP Server stack if a race condition in connection handling is successfully exploited, preventing legitimate clients from establishing new connections...
CVE-2026-35227 Improper resource management in CODESYS Modbus TCP Server
An unauthenticated remote attacker may exhaust all available TCP connections in the CODESYS Modbus TCP Server stack if a race condition in connection handling is successfully exploited, preventing legitimate clients from establishing new connections...
CVE-2026-35227 Improper resource management in CODESYS Modbus TCP Server
An unauthenticated remote attacker may exhaust all available TCP connections in the CODESYS Modbus TCP Server stack if a race condition in connection handling is successfully exploited, preventing legitimate clients from establishing new connections...
CVE-2026-35227
An unauthenticated remote attacker may exhaust all available TCP connections in the CODESYS Modbus TCP Server stack if a race condition in connection handling is successfully exploited, preventing legitimate clients from establishing new connections...
CVE-2026-35227
CVE-2026-35227 affects the CODESYS Modbus TCP Server stack. A race condition in connection handling can allow an unauthenticated remote attacker to exhaust all available TCP connections, denying legitimate clients from establishing new connections. The referenced entries specify a high impact to ...
CODESYS Modbus TCP Server 安全漏洞
CODESYS Modbus TCP Server is an automation control component developed by the German company CODESYS, which provides capabilities for Modbus TCP communication and data exchange between industrial devices. There is a security vulnerability in the CODESYS Modbus TCP Server, caused by a race conditi...
PT-2026-39943
An unauthenticated remote attacker may exhaust all available TCP connections in the CODESYS Modbus TCP Server stack if a race condition in connection handling is successfully exploited, preventing legitimate clients from establishing new connections...
EUVD-2026-28785
nanoMODBUS through v1.22.0 has a stack-based buffer overflow in recvreadregistersres in nanomodbus.c. When a client calls nmbsreadholdingregisters or nmbsreadinputregisters, the library writes register data from the server response to the caller-provided buffer based on the response's bytecount...
CVE-2026-29972
Affected software: nanoMODBUS library (v1.22.0 and earlier as described). Vulnerability: a stack-based buffer overflow in recv_read_registers_res() within nanomodbus.c when performing nmbs_read_holding_registers() or nmbs_read_input_registers(). The code writes register data from the server respo...
PT-2026-39142
Name of the Vulnerable Software and Affected Versions nanoMODBUS versions prior to 1.23.0 Description A stack-based buffer overflow exists in the recv read registers res function within nanomodbus.c. This occurs when a client invokes nmbs read holding registers or nmbs read input registers, as th...
CVE-2026-29972
nanoMODBUS through v1.22.0 has a stack-based buffer overflow in recvreadregistersres in nanomodbus.c. When a client calls nmbsreadholdingregisters or nmbsreadinputregisters, the library writes register data from the server response to the caller-provided buffer based on the response's bytecount...
CVE-2025-13605
3onedata modbus gateway device model GW1101-1DRS-485-TB-P hardware version V2.2.0 allows authenticated users to execute arbitrary shell commands in the context of the root user by providing payload in the "IP address" field of the diagnosis test tools. This issue has been resolved in firmware...
CVE-2025-13605
The CVE-2025-13605 vulnerability affects the 3onedata GW1101-1D(RS-485)-TB-P Modbus gateway (hardware version V2.2.0). An authenticated user can execute arbitrary shell commands with root privileges by supplying a payload in the IP address field of the diagnosis test tools. This issue has a CVSSv...
CVE-2025-13605 Shell command injection in 3onedata GW1101-1D(RS-485)-TB-P modbus gateway
3onedata modbus gateway device model GW1101-1DRS-485-TB-P hardware version V2.2.0 allows authenticated users to execute arbitrary shell commands in the context of the root user by providing payload in the "IP address" field of the diagnosis test tools. This issue has been resolved in firmware...
PT-2026-36808
Name of the Vulnerable Software and Affected Versions 3onedata modbus gateway device model GW1101-1DRS-485-TB-P hardware version V2.2.0 versions prior to 3.0.59B2024080600R4353 Description Authenticated users can execute arbitrary shell commands with root privileges. This is possible by providing...
Astra Linux - уязвимость в libmodbus
Stack-based Buffer Overflow vulnerability in libmodbus v3.1.10 allows to overflow the buffer allocated for the Modbus response if the function tries to reply to a Modbus request with an unexpected length...
Astra Linux - уязвимость в wireshark
A NULL pointer exception occurs in the Modbus dissector in Wireshark versions 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17, allowing for denial of service through packet injection or malicious capture files...