CVSS: 9.0EPSS: 1%CPEs: 14EXPL: 0CVE-2022-4046 – CODESYS: Improper memory restrictions fro CODESYS Control
https://notcve.org/view.php?id=CVE-2022-4046
03 Aug 2023 — In CODESYS Control in multiple versions a improper restriction of operations within the bounds of a memory buffer allow an remote attacker with user privileges to gain full access of the device. • https://cert.vde.com/en/advisories/VDE-2023-025 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-3669 – CODESYS: Missing Brute-Force protection in CODESYS Development System
https://notcve.org/view.php?id=CVE-2023-3669
03 Aug 2023 — A missing Brute-Force protection in CODESYS Development System prior to 3.5.19.20 allows a local attacker to have unlimited attempts of guessing the password within an import dialog. • https://cert.vde.com/en/advisories/VDE-2023-023 • CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVSS: 6.8EPSS: 0%CPEs: 16EXPL: 0CVE-2023-37559 – CODESYS Improper Validation of Consistency within Input in multiple products
https://notcve.org/view.php?id=CVE-2023-37559
03 Aug 2023 — After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37558 Después de una autenticación exitosa como usuario en múltiples productos Codesys en múltiples versiones, solicitudes de comunicación de red específicas diseñadas... • https://cert.vde.com/en/advisories/VDE-2023-019 • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 0%CPEs: 16EXPL: 0CVE-2023-37558 – CODESYS Improper Validation of Consistency within Input in multiple products
https://notcve.org/view.php?id=CVE-2023-37558
03 Aug 2023 — After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37559 Después de una autenticación exitosa como usuario en múltiples productos Codesys en múltiples versiones, solicitudes de comunicación de red específicas diseñadas... • https://cert.vde.com/en/advisories/VDE-2023-019 • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 0%CPEs: 16EXPL: 0CVE-2023-37557 – CODESYS Heap-based Buffer Overflow in multiple products
https://notcve.org/view.php?id=CVE-2023-37557
03 Aug 2023 — After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted remote communication requests can cause the CmpAppBP component to overwrite a heap-based buffer, which can lead to a denial-of-service condition. Después de una autenticación exitosa como usuario en múltiples productos Codesys en múltiples versiones, solicitudes de comunicación remota diseñadas específicamente pueden hacer que el componente CmpAppBP sobrescriba un desbordamiento de búfer, lo que pue... • https://cert.vde.com/en/advisories/VDE-2023-019 • CWE-787: Out-of-bounds Write •
CVSS: 6.8EPSS: 0%CPEs: 16EXPL: 0CVE-2023-37556 – CODESYS Improper Input Validation in CmpAppBP
https://notcve.org/view.php?id=CVE-2023-37556
03 Aug 2023 — In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37553, CVE-2023-37554 and CVE-2023-37555. En varias versiones de varios productos Codesys, después de una autenticación exitosa como usuario, solicitudes... • https://cert.vde.com/en/advisories/VDE-2023-019 • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 0%CPEs: 16EXPL: 0CVE-2023-37555 – CODESYS Improper Input Validation in CmpAppBP
https://notcve.org/view.php?id=CVE-2023-37555
03 Aug 2023 — In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37553, CVE-2023-37554 and CVE-2023-37556. En múltiples versiones de múltiples productos de Codesys, después de una autenticación exitosa como usuario, la... • https://cert.vde.com/en/advisories/VDE-2023-019 • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 0%CPEs: 16EXPL: 0CVE-2023-37554 – CODESYS Improper Input Validation in CmpAppBP
https://notcve.org/view.php?id=CVE-2023-37554
03 Aug 2023 — In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37553, CVE-2023-37555 and CVE-2023-37556. En múltiples versiones de múltiples productos de Codesys, después de una autenticación exitosa como usuario, la... • https://cert.vde.com/en/advisories/VDE-2023-019 • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 0%CPEs: 16EXPL: 0CVE-2023-37553 – CODESYS Improper Input Validation in CmpAppBP
https://notcve.org/view.php?id=CVE-2023-37553
03 Aug 2023 — In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37554, CVE-2023-37555 and CVE-2023-37556. En múltiples versiones de múltiples productos de Codesys, después de una autenticación exitosa como usuario, la... • https://cert.vde.com/en/advisories/VDE-2023-019 • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 0%CPEs: 16EXPL: 0CVE-2023-37552 – CODESYS Improper Input Validation in CmpAppBP
https://notcve.org/view.php?id=CVE-2023-37552
03 Aug 2023 — In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37553, CVE-2023-37554, CVE-2023-37555 and CVE-2023-37556. En varias versiones de varios productos Codesys, después de una autenticación exitosa como usuario, solicitudes... • https://cert.vde.com/en/advisories/VDE-2023-019 • CWE-20: Improper Input Validation •