Vulnerabilities > Codesys > Edge Gateway > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-11 | CVE-2022-30791 | Resource Exhaustion vulnerability in Codesys products In CmpBlkDrvTcp of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new TCP connections. | 7.5 |
| 2022-07-11 | CVE-2022-30792 | Resource Exhaustion vulnerability in Codesys products In CmpChannelServer of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new communication channel connections. | 7.5 |
| 2022-06-24 | CVE-2022-31805 | Unprotected Transport of Credentials vulnerability in Codesys products In the CODESYS Development System multiple components in multiple versions transmit the passwords for the communication between clients and servers unprotected. | 7.5 |
| 2022-04-07 | CVE-2022-22514 | Untrusted Pointer Dereference vulnerability in Codesys products An authenticated, remote attacker can gain access to a dereferenced pointer contained in a request. | 7.1 |
| 2022-04-07 | CVE-2022-22517 | Use of Insufficiently Random Values vulnerability in Codesys products An unauthenticated, remote attacker can disrupt existing communication channels between CODESYS products by guessing a valid channel ID and injecting packets. | 7.5 |
| 2021-05-03 | CVE-2021-29241 | NULL Pointer Dereference vulnerability in Codesys products CODESYS Gateway 3 before 3.5.16.70 has a NULL pointer dereference that may result in a denial of service (DoS). | 7.5 |
| 2021-05-03 | CVE-2021-29242 | Improper Input Validation vulnerability in Codesys products CODESYS Control Runtime system before 3.5.17.0 has improper input validation. | 7.3 |