Vulnerabilities > Codesys > Remote Target Visu Toolkit

DATE CVE VULNERABILITY TITLE RISK
2021-05-03 CVE-2021-29242 Improper Input Validation vulnerability in Codesys products
CODESYS Control Runtime system before 3.5.17.0 has improper input validation.
network
low complexity
codesys CWE-20
7.3
2020-07-22 CVE-2020-15806 Memory Leak vulnerability in Codesys products
CODESYS Control runtime system before 3.5.16.10 allows Uncontrolled Memory Allocation.
network
low complexity
codesys CWE-401
7.5
2020-03-26 CVE-2020-10245 Out-of-bounds Write vulnerability in Codesys products
CODESYS V3 web server before 3.5.15.40, as used in CODESYS Control runtime systems, has a buffer overflow.
network
low complexity
codesys CWE-787
critical
9.8
2019-11-20 CVE-2019-18858 Classic Buffer Overflow vulnerability in Codesys products
CODESYS 3 web server before 3.5.15.20, as distributed with CODESYS Control runtime systems, has a Buffer Overflow.
network
low complexity
codesys CWE-120
critical
9.8
2019-09-13 CVE-2019-13548 Out-of-bounds Write vulnerability in Codesys products
CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which could cause a stack overflow and create a denial-of-service condition or allow remote code execution.
network
low complexity
codesys CWE-787
critical
9.8
2019-09-13 CVE-2019-13532 Path Traversal vulnerability in Codesys products
CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which may allow access to files outside the restricted working directory of the controller.
network
low complexity
codesys CWE-22
7.5