CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-47136
https://notcve.org/view.php?id=CVE-2024-47136
03 Oct 2024 — Out-of-bounds read vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.14.0 and earlier. Having a user open a specially crafted project file which was saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier may cause a denial-of-service (DoS) condition, arbitrary code execution, and/or information disclosure because the issues exist in parsing of KPP project files. Existe una vulnerabilidad de lectura fuera de los límites en el sof... • https://jvn.jp/en/vu/JVNVU92808077 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-47135
https://notcve.org/view.php?id=CVE-2024-47135
03 Oct 2024 — Stack-based buffer overflow vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.14.0 and earlier. Having a user open a specially crafted project file which was saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier may cause a denial-of-service (DoS) condition, arbitrary code execution, and/or information disclosure because the issues exist in parsing of KPP project files. Existe una vulnerabilidad de desbordamiento de búfer basad... • https://jvn.jp/en/vu/JVNVU92808077 • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-47134
https://notcve.org/view.php?id=CVE-2024-47134
03 Oct 2024 — Out-of-bounds write vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.14.0 and earlier. Having a user open a specially crafted project file which was saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier may cause a denial-of-service (DoS) condition, arbitrary code execution, and/or information disclosure because the issues exist in parsing of KPP project files. Existe una vulnerabilidad de escritura fuera de los límites en el ... • https://jvn.jp/en/vu/JVNVU92808077 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-41374
https://notcve.org/view.php?id=CVE-2023-41374
20 Sep 2023 — Double free issue exists in Kostac PLC Programming Software Version 1.6.11.0 and earlier. Arbitrary code may be executed by having a user open a specially crafted project file which was saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier because the issue exists in parsing of KPP project files. The vendor states that Kostac PLC Programming Software Version 1.6.10.0 or later implements the function which prevents a project file alteration. Therefore, to mitigate the impact of these vulner... • https://jvn.jp/en/vu/JVNVU95282683/index.html • CWE-415: Double Free •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-41375
https://notcve.org/view.php?id=CVE-2023-41375
20 Sep 2023 — Use after free vulnerability exists in Kostac PLC Programming Software Version 1.6.11.0. Arbitrary code may be executed by having a user open a specially crafted project file which was saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier because the issue exists in parsing of KPP project files. The vendor states that Kostac PLC Programming Software Version 1.6.10.0 or later implements the function which prevents a project file alteration. Therefore, to mitigate the impact of these vulnera... • https://jvn.jp/en/vu/JVNVU95282683/index.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-22419
https://notcve.org/view.php?id=CVE-2023-22419
05 Mar 2023 — Out-of-bounds read vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.9.0 and earlier. When processing a comment block in stage information, the end of data cannot be verified and out-of-bounds read occurs. As a result, opening a specially crafted project file may lead to information disclosure and/or arbitrary code execution. • https://jvn.jp/en/vu/JVNVU94966432 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-22421
https://notcve.org/view.php?id=CVE-2023-22421
05 Mar 2023 — Out-of-bounds read vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.9.0 and earlier. The insufficient buffer size for the PLC program instructions leads to out-of-bounds read. As a result, opening a specially crafted project file may lead to information disclosure and/or arbitrary code execution. • https://jvn.jp/en/vu/JVNVU94966432 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-22424
https://notcve.org/view.php?id=CVE-2023-22424
05 Mar 2023 — Use-after-free vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.9.0 and earlier. With the abnormal value given as the maximum number of columns for the PLC program, the process accesses the freed memory. As a result, opening a specially crafted project file may lead to information disclosure and/or arbitrary code execution. • https://jvn.jp/en/vu/JVNVU94966432 • CWE-416: Use After Free •