Vulnerabilities > Codesys
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-05 | CVE-2021-21863 | Deserialization of Untrusted Data vulnerability in Codesys Development System 3.5.16.0/3.5.17.0 A unsafe deserialization vulnerability exists in the ComponentModel Profile.FromFile() functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. | 7.8 |
| 2021-08-04 | CVE-2021-36764 | NULL Pointer Dereference vulnerability in Codesys Gateway In CODESYS Gateway V3 before 3.5.17.10, there is a NULL Pointer Dereference. | 7.5 |
| 2021-08-04 | CVE-2021-36765 | NULL Pointer Dereference vulnerability in Codesys Ethernetip In CODESYS EtherNetIP before 4.1.0.0, specific EtherNet/IP requests may cause a null pointer dereference in the downloaded vulnerable EtherNet/IP stack that is executed by the CODESYS Control runtime system. | 7.5 |
| 2021-08-03 | CVE-2021-33485 | Out-of-bounds Write vulnerability in Codesys products CODESYS Control Runtime system before 3.5.17.10 has a Heap-based Buffer Overflow. | 9.8 |
| 2021-08-03 | CVE-2021-33486 | Improper Handling of Exceptional Conditions vulnerability in Codesys Runtime Toolkit All versions of the CODESYS V3 Runtime Toolkit for VxWorks from version V3.5.8.0 and before version V3.5.17.10 have Improper Handling of Exceptional Conditions. | 7.5 |
| 2021-08-03 | CVE-2021-36763 | Files or Directories Accessible to External Parties vulnerability in Codesys products In CODESYS V3 web server before 3.5.17.10, files or directories are accessible to External Parties. | 7.5 |
| 2021-08-02 | CVE-2021-21864 | Deserialization of Untrusted Data vulnerability in Codesys Development System 3.5.16.0/3.5.17.0 A unsafe deserialization vulnerability exists in the ComponentModel ComponentManager.StartupCultureSettings functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. | 7.8 |
| 2021-08-02 | CVE-2021-21865 | Deserialization of Untrusted Data vulnerability in Codesys Development System 3.5.16.0/3.5.17.0 A unsafe deserialization vulnerability exists in the PackageManagement.plugin ExtensionMethods.Clone() functionality of CODESYS GmbH CODESYS Development System 3.5.16. | 7.8 |
| 2021-08-02 | CVE-2021-21866 | Deserialization of Untrusted Data vulnerability in Codesys Development System 3.5.16.0/3.5.17.0 A unsafe deserialization vulnerability exists in the ObjectManager.plugin ProfileInformation.ProfileData functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. | 7.8 |
| 2021-05-25 | CVE-2021-30186 | Out-of-bounds Write vulnerability in Codesys Plcwinnt and Runtime Toolkit CODESYS V2 runtime system SP before 2.4.7.55 has a Heap-based Buffer Overflow. | 7.5 |