Vulnerabilities > Codesys > HMI SL > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-15 | CVE-2022-47392 | Improper Input Validation vulnerability in Codesys products An authenticated, remote attacker may use a improper input validation vulnerability in the CmpApp/CmpAppBP/CmpAppForce Components of multiple CODESYS products in multiple versions to read from an invalid address which can lead to a denial-of-service condition. | 6.5 |
| 2023-05-15 | CVE-2022-47393 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Codesys products An authenticated, remote attacker may use a Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple versions of multiple CODESYS products to force a denial-of-service situation. | 6.5 |
| 2023-05-15 | CVE-2022-22508 | Improper Input Validation vulnerability in Codesys products Improper Input Validation vulnerability in multiple CODESYS V3 products allows an authenticated remote attacker to block consecutive logins of a specific type. | 4.3 |
| 2023-05-15 | CVE-2022-47378 | Improper Input Validation vulnerability in Codesys products Multiple CODESYS products in multiple versions are prone to a improper input validation vulnerability. | 6.5 |
| 2022-04-07 | CVE-2022-22513 | NULL Pointer Dereference vulnerability in Codesys products An authenticated remote attacker can cause a null pointer dereference in the CmpSettings component of the affected CODESYS products which leads to a crash. | 6.5 |