Vulnerabilities > Codesys > Control Runtime System Toolkit > 3.5.16.70
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-15 | CVE-2022-47390 | Out-of-bounds Write vulnerability in Codesys products An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | 8.8 |
| 2023-05-15 | CVE-2022-47391 | Improper Input Validation vulnerability in Codesys products In multiple CODESYS products in multiple versions an unauthorized, remote attacker may use a improper input validation vulnerability to read from invalid addresses leading to a denial of service. | 7.5 |
| 2022-07-11 | CVE-2022-30791 | Resource Exhaustion vulnerability in Codesys products In CmpBlkDrvTcp of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new TCP connections. | 5.0 |
| 2022-07-11 | CVE-2022-30792 | Resource Exhaustion vulnerability in Codesys products In CmpChannelServer of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new communication channel connections. | 5.0 |