CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-33486
https://notcve.org/view.php?id=CVE-2021-33486
03 Aug 2021 — All versions of the CODESYS V3 Runtime Toolkit for VxWorks from version V3.5.8.0 and before version V3.5.17.10 have Improper Handling of Exceptional Conditions. Todas las versiones de CODESYS V3 Runtime Toolkit para VxWorks a partir de la versión V3.5.8.0 y versiones anteriores V3.5.17.10, presentan un Manejo Inapropiado de Condiciones Excepcionales • https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=14806&token=637e12e86301b83beac1653bd88da3aa5aa3f51b&download= • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 7.5EPSS: 0%CPEs: 16EXPL: 0CVE-2021-36763
https://notcve.org/view.php?id=CVE-2021-36763
03 Aug 2021 — In CODESYS V3 web server before 3.5.17.10, files or directories are accessible to External Parties. En CODESYS V3 web server versiones anteriores a 3.5.17.10, los archivos o directorios son accesibles para las partes externas • https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=16803&token=0b8edf9276dc39ee52f43026c415c5b38085d90a&download= • CWE-552: Files or Directories Accessible to External Parties •
CVSS: 9.8EPSS: 0%CPEs: 16EXPL: 0CVE-2021-33485
https://notcve.org/view.php?id=CVE-2021-33485
03 Aug 2021 — CODESYS Control Runtime system before 3.5.17.10 has a Heap-based Buffer Overflow. CODESYS Control Runtime system versiones anteriores a 3.5.17.10, presenta un Desbordamiento de Buffer en la región Heap de la memoria • https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=14805&token=f0b86f99bb302ddd4aadec483aed5f5d3fddbf1a&download= • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2021-21866
https://notcve.org/view.php?id=CVE-2021-21866
02 Aug 2021 — A unsafe deserialization vulnerability exists in the ObjectManager.plugin ProfileInformation.ProfileData functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigger this vulnerability. Se presenta una vulnerabilidad de deserialización no segura en la funcionalidad ObjectManager.plugin ProfileInformation.ProfileData de CODESYS GmbH CODESYS Development System versiones 3.5.16 y... • https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=16805&token=ee583c498941d9fda86490bca98ff21928eec08a&download= • CWE-502: Deserialization of Untrusted Data •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-21865
https://notcve.org/view.php?id=CVE-2021-21865
02 Aug 2021 — A unsafe deserialization vulnerability exists in the PackageManagement.plugin ExtensionMethods.Clone() functionality of CODESYS GmbH CODESYS Development System 3.5.16. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigger this vulnerability. Se presenta una vulnerabilidad de deserialización no segura en la funcionalidad PackageManagement.plugin ExtensionMethods.Clone() de CODESYS GmbH CODESYS Development System versión 3.5.16. Un archivo especi... • https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=16805&token=ee583c498941d9fda86490bca98ff21928eec08a&download= • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2021-21864
https://notcve.org/view.php?id=CVE-2021-21864
02 Aug 2021 — A unsafe deserialization vulnerability exists in the ComponentModel ComponentManager.StartupCultureSettings functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigger this vulnerability. Se presenta una vulnerabilidad de deserialización no segura en la funcionalidad ComponentModel ComponentManager.StartupCultureSettings de CODESYS GmbH CODESYS Development System versiones 3.... • https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=16805&token=ee583c498941d9fda86490bca98ff21928eec08a&download= • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0CVE-2021-30195
https://notcve.org/view.php?id=CVE-2021-30195
25 May 2021 — CODESYS V2 runtime system before 2.4.7.55 has Improper Input Validation. CODESYS V2 runtime system versiones anteriores a 2.4.7.55, presenta una Comprobación Inapropiada de la Entrada • https://customers.codesys.com/index.php • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-30188
https://notcve.org/view.php?id=CVE-2021-30188
25 May 2021 — CODESYS V2 runtime system SP before 2.4.7.55 has a Stack-based Buffer Overflow. CODESYS V2 runtime system SP versiones anteriores a 2.4.7.55, presenta un Desbordamiento del Búfer en la región stack de la memoria • https://customers.codesys.com/index.php • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0CVE-2021-30186
https://notcve.org/view.php?id=CVE-2021-30186
25 May 2021 — CODESYS V2 runtime system SP before 2.4.7.55 has a Heap-based Buffer Overflow. CODESYS V2 runtime system SP versiones anteriores a 2.4.7.55, presenta un Desbordamiento del Búfer en la región Heap de la memoria • https://customers.codesys.com/index.php • CWE-787: Out-of-bounds Write •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2021-30194
https://notcve.org/view.php?id=CVE-2021-30194
25 May 2021 — CODESYS V2 Web-Server before 1.1.9.20 has an Out-of-bounds Read. CODESYS V2 Web-Server versiones anteriores a 1.1.9.20, presenta una Lectura Fuera de Límites • https://customers.codesys.com/index.php • CWE-125: Out-of-bounds Read •