Control For Linux Security Vulnerabilities and Issues — Control For Linux CVE List

Lucene search

CodesysControl For Linux

7 matches found

CVE•added 2019/09/13 5:15 p.m.•259 views

CVE-2019-13548

CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which could cause a stack overflow and create a denial-of-service condition or allow remote code execution.

9.8CVSS9.8AI score0.03809EPSS

CVE•added 2019/09/13 5:15 p.m.•251 views

CVE-2019-13532

CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which may allow access to files outside the restricted working directory of the controller.

7.5CVSS7.9AI score0.02387EPSS

CVE•added 2020/03/26 4:15 a.m.•108 views

CVE-2020-10245

CODESYS V3 web server before 3.5.15.40, as used in CODESYS Control runtime systems, has a buffer overflow.

10CVSS9.5AI score0.00825EPSS

CVE•added 2019/11/20 6:15 p.m.•64 views

CVE-2019-18858

CODESYS 3 web server before 3.5.15.20, as distributed with CODESYS Control runtime systems, has a Buffer Overflow.

9.8CVSS9.4AI score0.00522EPSS

CVE•added 2022/12/26 7:15 p.m.•52 views

CVE-2020-12069

In CODESYS V3 products in all versions prior V3.5.16.0 containing the CmpUserMgr, the CODESYS Control runtime system stores the online communication passwords using a weak hashing algorithm. This can be used by a local attacker with low privileges to gain full control of the device.

7.8CVSS7.8AI score0.00029EPSS

CVE•added 2020/07/22 7:15 p.m.•52 views

CVE-2020-15806

CODESYS Control runtime system before 3.5.16.10 allows Uncontrolled Memory Allocation.

7.5CVSS7.5AI score0.00591EPSS

CVE•added 2020/01/24 8:15 p.m.•45 views

CVE-2020-7052

CODESYS Control V3, Gateway V3, and HMI V3 before 3.5.15.30 allow uncontrolled memory allocation which can result in a remote denial of service condition.

6.5CVSS6.4AI score0.00755EPSS