Vulnerabilities > Codesys > Control FOR Empc A Imx6 SL > 4.0.1.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-03 | CVE-2023-37556 | Unspecified vulnerability in Codesys products In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. | 6.5 |
| 2023-08-03 | CVE-2023-37557 | Out-of-bounds Write vulnerability in Codesys products After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted remote communication requests can cause the CmpAppBP component to overwrite a heap-based buffer, which can lead to a denial-of-service condition. | 6.5 |
| 2023-08-03 | CVE-2023-37558 | Unspecified vulnerability in Codesys products After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition. | 6.5 |
| 2023-08-03 | CVE-2023-37559 | Unspecified vulnerability in Codesys products After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition. | 6.5 |
| 2023-08-03 | CVE-2023-37545 | Unspecified vulnerability in Codesys products In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. | 6.5 |
| 2023-05-15 | CVE-2022-22508 | Improper Input Validation vulnerability in Codesys products Improper Input Validation vulnerability in multiple CODESYS V3 products allows an authenticated remote attacker to block consecutive logins of a specific type. | 4.3 |
| 2023-05-15 | CVE-2022-47391 | Improper Input Validation vulnerability in Codesys products In multiple CODESYS products in multiple versions an unauthorized, remote attacker may use a improper input validation vulnerability to read from invalid addresses leading to a denial of service. | 7.5 |
| 2023-03-23 | CVE-2022-4224 | Insecure Default Initialization of Resource vulnerability in Codesys products In multiple products of CODESYS v3 in multiple versions a remote low privileged user could utilize this vulnerability to read and modify system files and OS resources or DoS the device. | 8.8 |
| 2022-04-07 | CVE-2022-22513 | NULL Pointer Dereference vulnerability in Codesys products An authenticated remote attacker can cause a null pointer dereference in the CmpSettings component of the affected CODESYS products which leads to a crash. | 3.5 |
| 2022-04-07 | CVE-2022-22514 | Untrusted Pointer Dereference vulnerability in Codesys products An authenticated, remote attacker can gain access to a dereferenced pointer contained in a request. | 4.9 |