Lucene search
K

17 matches found

Prion
Prion
added 2020/05/07 1:15 p.m.19 views

Design/Logic Flaw

An exploitable code execution vulnerability exists in the PLCTask functionality of 3S-Smart Software Solutions GmbH CODESYS Runtime 3.5.14.30. A specially crafted network request can cause remote code execution. An attacker can send a malicious packet to trigger this vulnerability...

6.5CVSS9AI score0.01757EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/05/07 12:22 p.m.25 views

CVE-2020-6081

An exploitable code execution vulnerability exists in the PLCTask functionality of 3S-Smart Software Solutions GmbH CODESYS Runtime 3.5.14.30. A specially crafted network request can cause remote code execution. An attacker can send a malicious packet to trigger this vulnerability...

9.9CVSS9AI score0.01757EPSS
Exploits1References1
NVD
NVD
added 2019/09/17 8:15 p.m.12 views

CVE-2019-13538

3S-Smart Software Solutions GmbH CODESYS V3 Library Manager, all versions prior to 3.5.16.0, allows the system to display active library content without checking its validity, which may allow the contents of manipulated libraries to be displayed or executed. The issue also exists for source...

8.6CVSS8.5AI score0.00855EPSS
Exploits0References2
Prion
Prion
added 2019/09/17 8:15 p.m.16 views

Code injection

3S-Smart Software Solutions GmbH CODESYS V3 Library Manager, all versions prior to 3.5.16.0, allows the system to display active library content without checking its validity, which may allow the contents of manipulated libraries to be displayed or executed. The issue also exists for source...

6.8CVSS8.5AI score0.00855EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2019/09/17 7:4 p.m.104 views

CVE-2019-13538

CVE-2019-13538 affects 3S-Smart Software Solutions GmbH CODESYS V3 Library Manager (all versions before 3.5.16.0). The vulnerability is an improper handling of active library content (CWE-79, cross-site scripting) that can cause manipulated library content to be displayed or executed. Connected s...

8.6CVSS8.3AI score0.00855EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2019/09/17 6:56 p.m.100 views

CVE-2019-13542

CVE-2019-13542 affects 3S-Smart Software Solutions GmbH CODESYS V3 OPC UA Server (versions 3.5.11.0 to 3.5.15.0). The vulnerability is a NULL pointer dereference triggered by crafted requests from a trusted OPC UA client, potentially causing a denial-of-service condition. Public sources (CISA ICS...

6.5CVSS6.3AI score0.01365EPSS
Exploits0References1Affected Software10
ICS
ICS
added 2019/09/12 12:0 a.m.107 views

3S-Smart Software Solutions GmbH CODESYS Control V3 OPC UA Server

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: 3S-Smart Software Solutions GmbH Equipment: CODESYS Control V3 OPC UA Server Vulnerability: NULL Pointer Reference 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a...

6.5CVSS6.6AI score0.01365EPSS
Exploits0References4
ICS
ICS
added 2019/09/12 12:0 a.m.93 views

3S-Smart Software Solutions GmbH CODESYS V3 Products Containing a CODESYS Communication Server

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: 3S-Smart Software Solutions GmbH Equipment: CODESYS V3 products containing a CODESYS communication server Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this...

7.5CVSS7.7AI score0.01696EPSS
Exploits0References4
ICS
ICS
added 2019/09/12 12:0 a.m.77 views

3S-Smart Software Solutions GmbH CODESYS V3 Web Server

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: 3S-Smart Software Solutions GmbH Equipment: CODESYS V3 web server Vulnerabilities: Path Traversal, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities...

9.8CVSS9.4AI score0.05858EPSS
Exploits0References4
NVD
NVD
added 2019/01/29 4:29 p.m.32 views

CVE-2018-10612

In 3S-Smart Software Solutions GmbH CODESYS Control V3 products prior to version 3.5.14.0, user access management and communication encryption is not enabled by default, which could allow an attacker access to the device and sensitive information, including user credentials...

10CVSS9.5AI score0.01267EPSS
Exploits0References2
ICS
ICS
added 2018/12/18 12:0 a.m.82 views

3S-Smart Software Solutions GmbH CODESYS Control V3 Products

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low skill level to exploit Vendor : 3S-Smart Software Solutions GmbH Equipment : CODESYS Control V3 products Vulnerability : Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow...

10CVSS9.9AI score0.01267EPSS
Exploits0References5
Cvelist
Cvelist
added 2017/05/19 2:43 a.m.19 views

CVE-2017-6025

A Stack Buffer Overflow issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server. The following versions of CODESYS Web Server, part of the CODESYS WebVisu web browser visualization software, are affected: CODESYS Web Server Versions 2.3 and prior. A malicious user could overfl...

9.6AI score0.01998EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/05/19 2:43 a.m.23 views

CVE-2017-6027

An Arbitrary File Upload issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server. The following versions of CODESYS Web Server, part of the CODESYS WebVisu web browser visualization software, are affected: CODESYS Web Server Versions 2.3 and prior. A specially crafted web serv...

9.7AI score0.02633EPSS
Exploits0References2
ICS
ICS
added 2015/07/18 6:0 a.m.40 views

3S CODESYS Runtime Toolkit Null Pointer Dereference Vulnerability

OVERVIEW Nicholas Miles of Tenable Network Security has identified a NULL pointer dereference vulnerability in 3S-Smart Software Solutions GmbH’s CODESYS Runtime Toolkit. 3S has produced a new version to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCT...

5CVSS6.8AI score0.02066EPSS
Exploits0References10
Saint
Saint
added 2013/04/29 12:0 a.m.43 views

3S CoDeSys Gateway Server Crafted Packet Stack Overflow

Added: 04/29/2013 CVE: CVE-2012-4708 BID: 58032 OSVDB: 90371 Background Smart Software Solutions GmbH 3S manufactures CoDeSys Gateway Server, a Supervisory Control and Data Acquisition/Human-Machine Interface SCADA/HMI product. The Gateway Server listens on TCP port 1211. Problem 3S CoDeSys Gatew...

10CVSS6.6AI score0.07427EPSS
Exploits4
Saint
Saint
added 2013/04/29 12:0 a.m.76 views

3S CoDeSys Gateway Server Crafted Packet Stack Overflow

Added: 04/29/2013 CVE: CVE-2012-4708 BID: 58032 OSVDB: 90371 Background Smart Software Solutions GmbH 3S manufactures CoDeSys Gateway Server, a Supervisory Control and Data Acquisition/Human-Machine Interface SCADA/HMI product. The Gateway Server listens on TCP port 1211. Problem 3S CoDeSys Gatew...

10CVSS6.6AI score0.07427EPSS
Exploits4
Debian
Debian
added 2010/10/10 9:30 a.m.30 views

BSA-004 Security Update for subversion

Peter Samuelson uploaded new packages for subversion which fixed the following security problems: CVE-2010-3315 When "SVNPathAuthz shortcircuit" is enabled, authz authentication in the moddavsvn module for the Apache HTTP Server is flawed. Remote authenticated users can bypass intended access...

6CVSS2.6AI score0.04216EPSS
Exploits0
Rows per page
Query Builder