Filtered by vendor Codesys
Subscriptions
Total
132 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-34593 | 1 Codesys | 2 Plcwinnt, Runtime Toolkit | 2024-11-21 | 7.5 High |
| In CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56 unauthenticated crafted invalid requests may result in several denial-of-service conditions. Running PLC programs may be stopped, memory may be leaked, or further communication clients may be blocked from accessing the PLC. | ||||
| CVE-2021-34586 | 1 Codesys | 1 Codesys | 2024-11-21 | 7.5 High |
| In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests may cause a Null pointer dereference in the CODESYS web server and may result in a denial-of-service condition. | ||||
| CVE-2021-34585 | 1 Codesys | 1 Codesys | 2024-11-21 | 7.5 High |
| In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests can trigger a parser error. Since the parser result is not checked under all conditions, a pointer dereference with an invalid address can occur. This leads to a denial of service situation. | ||||
| CVE-2021-34584 | 1 Codesys | 1 Codesys | 2024-11-21 | 9.1 Critical |
| Crafted web server requests can be utilised to read partial stack or heap memory or may trigger a denial-of- service condition due to a crash in the CODESYS V2 web server prior to V1.1.9.22. | ||||
| CVE-2021-34583 | 1 Codesys | 1 Codesys | 2024-11-21 | 7.5 High |
| Crafted web server requests may cause a heap-based buffer overflow and could therefore trigger a denial-of- service condition due to a crash in the CODESYS V2 web server prior to V1.1.9.22. | ||||
| CVE-2021-33486 | 1 Codesys | 1 Runtime Toolkit | 2024-11-21 | 7.5 High |
| All versions of the CODESYS V3 Runtime Toolkit for VxWorks from version V3.5.8.0 and before version V3.5.17.10 have Improper Handling of Exceptional Conditions. | ||||
| CVE-2021-33485 | 1 Codesys | 7 Control, Control Rte, Control Runtime System Toolkit and 4 more | 2024-11-21 | 9.8 Critical |
| CODESYS Control Runtime system before 3.5.17.10 has a Heap-based Buffer Overflow. | ||||
| CVE-2021-30195 | 1 Codesys | 2 Plcwinnt, Runtime Toolkit | 2024-11-21 | 7.5 High |
| CODESYS V2 runtime system before 2.4.7.55 has Improper Input Validation. | ||||
| CVE-2021-30194 | 1 Codesys | 1 V2 Web Server | 2024-11-21 | 9.1 Critical |
| CODESYS V2 Web-Server before 1.1.9.20 has an Out-of-bounds Read. | ||||
| CVE-2021-30193 | 1 Codesys | 1 V2 Web Server | 2024-11-21 | 9.8 Critical |
| CODESYS V2 Web-Server before 1.1.9.20 has an Out-of-bounds Write. | ||||
| CVE-2021-30192 | 1 Codesys | 1 V2 Web Server | 2024-11-21 | 9.8 Critical |
| CODESYS V2 Web-Server before 1.1.9.20 has an Improperly Implemented Security Check. | ||||
| CVE-2021-30191 | 1 Codesys | 1 V2 Web Server | 2024-11-21 | 7.5 High |
| CODESYS V2 Web-Server before 1.1.9.20 has a a Buffer Copy without Checking the Size of the Input. | ||||
| CVE-2021-30190 | 1 Codesys | 1 V2 Web Server | 2024-11-21 | 9.8 Critical |
| CODESYS V2 Web-Server before 1.1.9.20 has Improper Access Control. | ||||
| CVE-2021-30189 | 1 Codesys | 1 V2 Web Server | 2024-11-21 | 9.8 Critical |
| CODESYS V2 Web-Server before 1.1.9.20 has a Stack-based Buffer Overflow. | ||||
| CVE-2021-30188 | 1 Codesys | 1 V2 Runtime System Sp | 2024-11-21 | 9.8 Critical |
| CODESYS V2 runtime system SP before 2.4.7.55 has a Stack-based Buffer Overflow. | ||||
| CVE-2021-30187 | 1 Codesys | 1 Runtime Toolkit | 2024-11-21 | 5.3 Medium |
| CODESYS V2 runtime system SP before 2.4.7.55 has Improper Neutralization of Special Elements used in an OS Command. | ||||
| CVE-2021-30186 | 1 Codesys | 2 Plcwinnt, Runtime Toolkit | 2024-11-21 | 7.5 High |
| CODESYS V2 runtime system SP before 2.4.7.55 has a Heap-based Buffer Overflow. | ||||
| CVE-2021-29242 | 1 Codesys | 22 Control For Beaglebone Sl, Control For Empc-a\/imx6 Sl, Control For Iot2000 Sl and 19 more | 2024-11-21 | 7.3 High |
| CODESYS Control Runtime system before 3.5.17.0 has improper input validation. Attackers can send crafted communication packets to change the router's addressing scheme and may re-route, add, remove or change low level communication packages. | ||||
| CVE-2021-29241 | 1 Codesys | 11 Control For Beaglebone Sl, Control For Empc-a\/imx6 Sl, Control For Iot2000 Sl and 8 more | 2024-11-21 | 7.5 High |
| CODESYS Gateway 3 before 3.5.16.70 has a NULL pointer dereference that may result in a denial of service (DoS). | ||||
| CVE-2021-29240 | 1 Codesys | 1 Development System | 2024-11-21 | 7.8 High |
| The Package Manager of CODESYS Development System 3 before 3.5.17.0 does not check the validity of packages before installation and may be used to install CODESYS packages with malicious content. | ||||