Vulnerabilities > Codesys > Control FOR Raspberry PI SL > High

DATE CVE VULNERABILITY TITLE RISK
2022-04-07 CVE-2022-22517 Use of Insufficiently Random Values vulnerability in Codesys products
An unauthenticated, remote attacker can disrupt existing communication channels between CODESYS products by guessing a valid channel ID and injecting packets.
network
low complexity
codesys CWE-330
7.5
2022-04-07 CVE-2022-22519 Buffer Over-read vulnerability in Codesys products
A remote, unauthenticated attacker can send a specific crafted HTTP or HTTPS requests causing a buffer over-read resulting in a crash of the webserver of the CODESYS Control runtime system.
network
low complexity
codesys CWE-126
7.5
2021-05-03 CVE-2021-29241 NULL Pointer Dereference vulnerability in Codesys products
CODESYS Gateway 3 before 3.5.16.70 has a NULL pointer dereference that may result in a denial of service (DoS).
network
low complexity
codesys CWE-476
7.5
2021-05-03 CVE-2021-29242 Improper Input Validation vulnerability in Codesys products
CODESYS Control Runtime system before 3.5.17.0 has improper input validation.
network
low complexity
codesys CWE-20
7.3
2019-08-15 CVE-2019-9012 Allocation of Resources Without Limits or Throttling vulnerability in Codesys products
An issue was discovered in 3S-Smart CODESYS V3 products.
network
low complexity
codesys CWE-770
7.5
2019-02-19 CVE-2018-20026 Unspecified vulnerability in Codesys products
Improper Communication Address Filtering exists in CODESYS V3 products versions prior V3.5.14.0.
network
low complexity
codesys
7.5
2019-02-19 CVE-2018-20025 Use of Insufficiently Random Values vulnerability in Codesys products
Use of Insufficiently Random Values exists in CODESYS V3 products versions prior V3.5.14.0.
network
low complexity
codesys CWE-330
7.5