Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Codesys Subscribe
Filtered by product Plcwinnt

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-32141 1 Codesys 2 Plcwinnt, Runtime Toolkit 2022-07-01 4.0 MEDIUM 6.5 MEDIUM
Multiple CODESYS Products are prone to a buffer over read. A low privileged remote attacker may craft a request with an invalid offset, which can cause an internal buffer over-read, resulting in a denial-of-service condition. User interaction is not required.
CVE-2022-32140 1 Codesys 2 Plcwinnt, Runtime Toolkit 2022-07-01 4.0 MEDIUM 6.5 MEDIUM
Multiple CODESYS products are affected to a buffer overflow.A low privileged remote attacker may craft a request, which can cause a buffer copy without checking the size of the service, resulting in a denial-of-service condition. User Interaction is not required.
CVE-2022-32139 1 Codesys 2 Plcwinnt, Runtime Toolkit 2022-07-01 4.0 MEDIUM 6.5 MEDIUM
In multiple CODESYS products, a low privileged remote attacker may craft a request, which cause an out-of-bounds read, resulting in a denial-of-service condition. User Interaction is not required.
CVE-2022-32136 1 Codesys 2 Plcwinnt, Runtime Toolkit 2022-07-01 4.0 MEDIUM 6.5 MEDIUM
In multiple CODESYS products, a low privileged remote attacker may craft a request that cause a read access to an uninitialized pointer, resulting in a denial-of-service. User interaction is not required.
CVE-2021-34596 1 Codesys 2 Plcwinnt, Runtime Toolkit 2021-11-04 4.0 MEDIUM 6.5 MEDIUM
A crafted request may cause a read access to an uninitialized pointer in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition.
CVE-2019-19789 1 Codesys 3 Plcwinnt, Runtime Toolkit, Sp Realtime Nt 2020-01-03 4.0 MEDIUM 6.5 MEDIUM
3S-Smart CODESYS SP Realtime NT before V2.3.7.28, CODESYS Runtime Toolkit 32 bit full before V2.4.7.54, and CODESYS PLCWinNT before V2.4.7.54 allow a NULL pointer dereference.