Vulnerabilities > Codesys > Control FOR Empc A Imx6 > 3.5.13.30
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-05 | CVE-2023-6357 | OS Command Injection vulnerability in Codesys products A low-privileged remote attacker could exploit the vulnerability and inject additional system commands via file system libraries which could give the attacker full control of the device. | 8.8 |
2022-07-11 | CVE-2022-30791 | Resource Exhaustion vulnerability in Codesys products In CmpBlkDrvTcp of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new TCP connections. | 5.0 |
2022-07-11 | CVE-2022-30792 | Resource Exhaustion vulnerability in Codesys products In CmpChannelServer of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new communication channel connections. | 5.0 |
2020-07-22 | CVE-2020-15806 | Allocation of Resources Without Limits or Throttling vulnerability in Codesys products CODESYS Control runtime system before 3.5.16.10 allows Uncontrolled Memory Allocation. | 5.0 |
2020-05-14 | CVE-2020-12068 | Improper Privilege Management vulnerability in Codesys products An issue was discovered in CODESYS Development System before 3.5.16.0. | 6.4 |
2020-01-24 | CVE-2020-7052 | Resource Exhaustion vulnerability in Codesys products CODESYS Control V3, Gateway V3, and HMI V3 before 3.5.15.30 allow uncontrolled memory allocation which can result in a remote denial of service condition. | 4.0 |
2019-09-17 | CVE-2019-9009 | Improper Handling of Exceptional Conditions vulnerability in Codesys products An issue was discovered in 3S-Smart CODESYS before 3.5.15.0 . | 5.0 |
2019-09-13 | CVE-2019-13548 | Out-of-bounds Write vulnerability in Codesys products CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which could cause a stack overflow and create a denial-of-service condition or allow remote code execution. | 7.5 |