Vulnerabilities > Codesys

DATE CVE VULNERABILITY TITLE RISK
2021-08-03 CVE-2021-36763 Files or Directories Accessible to External Parties vulnerability in Codesys products
In CODESYS V3 web server before 3.5.17.10, files or directories are accessible to External Parties.
network
low complexity
codesys CWE-552
7.5
7.5
2021-08-02 CVE-2021-21864 Deserialization of Untrusted Data vulnerability in Codesys Development System 3.5.16.0/3.5.17.0
A unsafe deserialization vulnerability exists in the ComponentModel ComponentManager.StartupCultureSettings functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17.
local
low complexity
codesys CWE-502
7.8
7.8
2021-08-02 CVE-2021-21865 Deserialization of Untrusted Data vulnerability in Codesys Development System 3.5.16.0/3.5.17.0
A unsafe deserialization vulnerability exists in the PackageManagement.plugin ExtensionMethods.Clone() functionality of CODESYS GmbH CODESYS Development System 3.5.16.
local
low complexity
codesys CWE-502
7.8
7.8
2021-08-02 CVE-2021-21866 Deserialization of Untrusted Data vulnerability in Codesys Development System 3.5.16.0/3.5.17.0
A unsafe deserialization vulnerability exists in the ObjectManager.plugin ProfileInformation.ProfileData functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17.
local
low complexity
codesys CWE-502
7.8
7.8
2021-05-25 CVE-2021-30186 Out-of-bounds Write vulnerability in Codesys Plcwinnt and Runtime Toolkit
CODESYS V2 runtime system SP before 2.4.7.55 has a Heap-based Buffer Overflow.
network
low complexity
codesys CWE-787
7.5
7.5
2021-05-25 CVE-2021-30188 Out-of-bounds Write vulnerability in Codesys V2 Runtime System SP
CODESYS V2 runtime system SP before 2.4.7.55 has a Stack-based Buffer Overflow.
network
low complexity
codesys CWE-787
critical
 9.8
9.8
2021-05-25 CVE-2021-30189 Out-of-bounds Write vulnerability in Codesys V2 web Server
CODESYS V2 Web-Server before 1.1.9.20 has a Stack-based Buffer Overflow.
network
low complexity
codesys CWE-787
critical
 9.8
9.8
2021-05-25 CVE-2021-30190 Missing Authentication for Critical Function vulnerability in Codesys V2 web Server
CODESYS V2 Web-Server before 1.1.9.20 has Improper Access Control.
network
low complexity
codesys CWE-306
critical
 9.8
9.8
2021-05-25 CVE-2021-30191 Classic Buffer Overflow vulnerability in Codesys V2 web Server
CODESYS V2 Web-Server before 1.1.9.20 has a a Buffer Copy without Checking the Size of the Input.
network
low complexity
codesys CWE-120
7.5
7.5
2021-05-25 CVE-2021-30192 Unspecified vulnerability in Codesys V2 web Server
CODESYS V2 Web-Server before 1.1.9.20 has an Improperly Implemented Security Check.
network
low complexity
codesys
critical
 9.8
9.8