Page 4 of 49 results (0.009 seconds)

CVSS: 6.5EPSS: 0%CPEs: 16EXPL: 0

In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37546, CVE-2023-37547, CVE-2023-37548, CVE-2023-37549, CVE-2023-37550 • https://cert.vde.com/en/advisories/VDE-2023-019 • CWE-20: Improper Input Validation •

CVSS: 6.5EPSS: 0%CPEs: 17EXPL: 0

An authenticated, remote attacker may use a Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple versions of multiple CODESYS products to force a denial-of-service situation. • https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download= • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.5EPSS: 0%CPEs: 17EXPL: 0

An authenticated, remote attacker may use a improper input validation vulnerability in the CmpApp/CmpAppBP/CmpAppForce Components of multiple CODESYS products in multiple versions to read from an invalid address which can lead to a denial-of-service condition. • https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download= • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 0%CPEs: 14EXPL: 0

In multiple CODESYS products in multiple versions an unauthorized, remote attacker may use a improper input validation vulnerability to read from invalid addresses leading to a denial of service. • https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17555&token=212fc7e39bdd260cab6d6ca84333d42f50bcb3da&download= • CWE-20: Improper Input Validation •

CVSS: 8.8EPSS: 0%CPEs: 17EXPL: 0

An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. • https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download= • CWE-787: Out-of-bounds Write •