CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-25325
https://notcve.org/view.php?id=CVE-2022-25325
07 Mar 2022 — Use after free vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. This vulnerability is different from CVE-2022-25230. Una vulnerabilidad de uso de memoria previamente liberada en CX-Programmer versiones v9.76.1 y anteriores, que forma parte de la suite CX-One (v4.60), permite a un atacante causar una divulgación de información y/o ... • https://jvn.jp/en/vu/JVNVU90121984/index.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-25234
https://notcve.org/view.php?id=CVE-2022-25234
07 Mar 2022 — Out-of-bounds write vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. This vulnerability is different from CVE-2022-21124. Una vulnerabilidad de escritura fuera de límites en CX-Programmer versiones v9.76.1 y anteriores, que forma parte de la suite CX-One (versión v4.60), permite a un atacante causar una divulgación de información ... • https://jvn.jp/en/vu/JVNVU90121984/index.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-25230
https://notcve.org/view.php?id=CVE-2022-25230
07 Mar 2022 — Use after free vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. This vulnerability is different from CVE-2022-25325. Una vulnerabilidad de Uso de Memoria previamente Liberada en CX-Programmer versiones v9.76.1 y anteriores, que forma parte de la suite CX-One versión (v4.60), permite a un atacante causar una divulgación de informac... • https://jvn.jp/en/vu/JVNVU90121984/index.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-21219
https://notcve.org/view.php?id=CVE-2022-21219
07 Mar 2022 — Out-of-bounds read vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. Una vulnerabilidad de lectura fuera de límites en CX-Programmer versiones v9.76.1 y anteriores, que forma parte de la suite CX-One (v4.60), permite a un atacante causar una divulgación de información y/o la ejecución de código arbitrario al hacer que un usuario ab... • https://jvn.jp/en/vu/JVNVU90121984/index.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-21124
https://notcve.org/view.php?id=CVE-2022-21124
07 Mar 2022 — Out-of-bounds write vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. This vulnerability is different from CVE-2022-25234. Una vulnerabilidad de escritura fuera de límites en CX-Programmer versiones v9.76.1 y anteriores, que forma parte de la suite CX-One (v4.60), permite a un atacante causar una divulgación de información y/o la e... • http://www.openwall.com/lists/oss-security/2022/06/14/4 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-21137 – Omron CX-One
https://notcve.org/view.php?id=CVE-2022-21137
14 Jan 2022 — Omron CX-One Versions 4.60 and prior are vulnerable to a stack-based buffer overflow while processing specific project files, which may allow an attacker to execute arbitrary code. Omron CX-One versiones 4.60 y anteriores, son vulnerables a un desbordamiento del búfer en la región stack de la memoria mientras son procesados archivos de proyectos específicos, lo que puede permitir a un atacante ejecutar código arbitrario This vulnerability allows remote attackers to execute arbitrary code on affected install... • https://www.cisa.gov/uscert/ics/advisories/icsa-22-006-01 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-20836
https://notcve.org/view.php?id=CVE-2021-20836
19 Oct 2021 — Out-of-bounds read vulnerability in CX-Supervisor v4.0.0.13 and v4.0.0.16 allows an attacker with administrative privileges to cause information disclosure and/or arbitrary code execution by opening a specially crafted SCS project files. Una vulnerabilidad de lectura fuera de límites en CX-Supervisor versiones v4.0.0.13 y v4.0.0.16, permite a un atacante con privilegios administrativos causar una divulgación de información y/o la ejecución de código arbitrario al abrir un archivo de proyecto SCS especialmen... • https://jvn.jp/en/vu/JVNVU90041391/index.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-27413 – Omron CX-One CX-Position NCI File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-27413
13 May 2021 — Omron CX-One Versions 4.60 and prior, including CX-Server Versions 5.0.29.0 and prior, are vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code. Las versiones 4.60 y anteriores de Omron CX-One, incluidas las versiones 5.0.29.0 y anteriores de CX-Server, son vulnerables a un desbordamiento del búfer basado en la pila, que puede permitir a un atacante ejecutar código arbitrario This vulnerability allows remote attackers to execute arbitrary code on affected instal... • https://us-cert.cisa.gov/ics/advisories/icsa-21-131-01 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2020-27257 – Omron CX-One
https://notcve.org/view.php?id=CVE-2020-27257
09 Feb 2021 — This vulnerability allows local attackers to execute arbitrary code due to the lack of proper validation of user-supplied data, which can result in a type-confusion condition in the Omron CX-One Version 4.60 and prior devices. Esta vulnerabilidad permite a atacantes locales ejecutar código arbitrario debido a una falta de comprobación apropiada de los datos suministrados por un usuario, lo que puede resultar en una condición de confusión de tipos en Omron CX-One Versión 4.60 y dispositivos anteriores This v... • https://us-cert.cisa.gov/ics/advisories/icsa-21-007-02 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 0CVE-2020-27261 – Omron CX-One
https://notcve.org/view.php?id=CVE-2020-27261
09 Feb 2021 — The Omron CX-One Version 4.60 and prior is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code. El Omron CX-One versiones 4.60 y anteriores es vulnerable a un desbordamiento del búfer en la región stack de la memoria, lo que puede permitir a un atacante ejecutar código arbitrario remotamente This vulnerability allows remote attackers to execute arbitrary code on affected installations of Omron CX-One. User interaction is required to exploit this vulner... • https://us-cert.cisa.gov/ics/advisories/icsa-21-007-02 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •