
CVE-2024-10918 – Stack-based Buffer Overflow in libmodbus library
https://notcve.org/view.php?id=CVE-2024-10918
27 Feb 2025 — Stack-based Buffer Overflow vulnerability in libmodbus v3.1.10 allows to overflow the buffer allocated for the Modbus response if the function tries to reply to a Modbus request with an unexpected length. Stack-based Buffer Overflow vulnerability in libmodbus v3.1.10 allows to overflow the buffer allocated for the Modbus response if the function tries to reply to a Modbus request with an unexpected length. • https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-10918 • CWE-121: Stack-based Buffer Overflow •

CVE-2024-36843
https://notcve.org/view.php?id=CVE-2024-36843
31 May 2024 — libmodbus v3.1.6 was discovered to contain a heap overflow via the modbus_mapping_free() function. Se descubrió que libmodbus v3.1.6 contenía un desbordamiento del montón mediante la función modbus_mapping_free(). • https://github.com/balckgu1/libmodbusPoc/blob/main/gdb.md • CWE-122: Heap-based Buffer Overflow •

CVE-2024-34244
https://notcve.org/view.php?id=CVE-2024-34244
08 May 2024 — libmodbus v3.1.10 is vulnerable to Buffer Overflow via the modbus_write_bits function. This issue can be triggered when the function is fed with specially crafted input, which leads to out-of-bounds read and can potentially cause a crash or other unintended behaviors. libmodbus v3.1.10 es vulnerable al desbordamiento del búfer a través de la función modbus_write_bits. Este problema puede desencadenarse cuando la función se alimenta con entradas especialmente manipuladas, lo que conduce a una lectura fuera d... • https://github.com/stephane/libmodbus/issues/743 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-125: Out-of-bounds Read •

CVE-2023-26793
https://notcve.org/view.php?id=CVE-2023-26793
01 May 2024 — libmodbus v3.1.10 has a heap-based buffer overflow vulnerability in read_io_status function in src/modbus.c. libmodbus v3.1.10 tiene una vulnerabilidad de desbordamiento de búfer de almacenamiento dinámico en la función read_io_status en src/modbus.c. • https://github.com/stephane/libmodbus/issues/683 • CWE-122: Heap-based Buffer Overflow •

CVE-2022-0367
https://notcve.org/view.php?id=CVE-2022-0367
29 Aug 2022 — A heap-based buffer overflow flaw was found in libmodbus in function modbus_reply() in src/modbus.c. Se encontró un fallo de desbordamiento de búfer en la región heap de la memoria en la función modbus_reply() en el archivo src/modbus.c • https://bugzilla.redhat.com/show_bug.cgi?id=2045571 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •

CVE-2019-14463
https://notcve.org/view.php?id=CVE-2019-14463
31 Jul 2019 — An issue was discovered in libmodbus before 3.0.7 and 3.1.x before 3.1.5. There is an out-of-bounds read for the MODBUS_FC_WRITE_MULTIPLE_REGISTERS case, aka VD-1301. Se descubrió un problema en LIbmodbus anterior a 3.0.7 y 3.1 x anterior a 3.1.5. hay una lectura fuera de límites para el caso MODBUS_FC_WRITE_MULTIPLE_REGISTERS, también conocido como VD_-1301 • https://github.com/stephane/libmodbus/commit/5ccdf5ef79d742640355d1132fa9e2abc7fbaefc • CWE-125: Out-of-bounds Read •

CVE-2019-14462 – Ubuntu Security Notice USN-5173-1
https://notcve.org/view.php?id=CVE-2019-14462
31 Jul 2019 — An issue was discovered in libmodbus before 3.0.7 and 3.1.x before 3.1.5. There is an out-of-bounds read for the MODBUS_FC_WRITE_MULTIPLE_COILS case, aka VD-1302. Un problema fue descubierto en LIbmodbus anterior a 3.0.7 y 3.1 x anterior a 3.1.5. hay lectura fuera de límites para el caso MODBUS_FC_WRITE_MULTIPLE_COILS , también conocido como VD-1302 It was discovered that libmodbus incorrectly handled inputs. An attacker could possibly use this issue to cause a denial of service or other unspecified impact. • https://github.com/stephane/libmodbus/commit/5ccdf5ef79d742640355d1132fa9e2abc7fbaefc • CWE-125: Out-of-bounds Read •