Vulnerabilities > MZ Automation > Libiec61850
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-14 | CVE-2020-7054 | Out-of-bounds Write vulnerability in Mz-Automation Libiec61850 MmsValue_decodeMmsData in mms/iso_mms/server/mms_access_result.c in libIEC61850 through 1.4.0 has a heap-based buffer overflow when parsing the MMS_BIT_STRING data type. | 8.8 |
| 2019-12-24 | CVE-2019-19958 | Allocation of Resources Without Limits or Throttling vulnerability in Mz-Automation Libiec61850 1.4.0 In libIEC61850 1.4.0, StringUtils_createStringFromBuffer in common/string_utilities.c has an integer signedness issue that could lead to an attempted excessive memory allocation and denial of service. | 6.5 |
| 2019-12-24 | CVE-2019-19957 | Out-of-bounds Read vulnerability in Mz-Automation Libiec61850 1.4.0 In libIEC61850 1.4.0, getNumberOfElements in mms/iso_mms/server/mms_access_result.c has an out-of-bounds read vulnerability, related to bufPos and elementLength. | 6.5 |
| 2019-12-23 | CVE-2019-19944 | Out-of-bounds Read vulnerability in Mz-Automation Libiec61850 1.4.0 In libIEC61850 1.4.0, BerDecoder_decodeUint32 in mms/asn1/ber_decode.c has an out-of-bounds read, related to intLen and bufPos. | 6.5 |
| 2019-12-23 | CVE-2019-19931 | Out-of-bounds Write vulnerability in Mz-Automation Libiec61850 1.4.0 In libIEC61850 1.4.0, MmsValue_decodeMmsData in mms/iso_mms/server/mms_access_result.c has a heap-based buffer overflow. | 8.8 |
| 2019-12-23 | CVE-2019-19930 | Integer Overflow or Wraparound vulnerability in Mz-Automation Libiec61850 1.4.0 In libIEC61850 1.4.0, MmsValue_newOctetString in mms/iso_mms/common/mms_value.c has an integer signedness error that can lead to an attempted excessive memory allocation. | 6.5 |
| 2019-09-19 | CVE-2019-16510 | Use After Free vulnerability in Mz-Automation Libiec61850 libIEC61850 through 1.3.3 has a use-after-free in MmsServer_waitReady in mms/iso_mms/server/mms_server.c, as demonstrated by server_example_goose. | 7.5 |
| 2019-07-15 | CVE-2019-1010300 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mz-Automation Libiec61850 1.3.0/1.3.1/1.3.2 mz-automation libiec61850 1.3.2 1.3.1 1.3.0 is affected by: Buffer Overflow. | 7.5 |
| 2019-01-23 | CVE-2019-6719 | Use After Free vulnerability in Mz-Automation Libiec61850 1.3.1 An issue has been found in libIEC61850 v1.3.1. | 7.5 |
| 2019-01-11 | CVE-2019-6138 | Memory Leak vulnerability in Mz-Automation Libiec61850 1.3.1 An issue has been found in libIEC61850 v1.3.1. | 7.5 |