Vulnerabilities > Omron > CX Position > High

DATE CVE VULNERABILITY TITLE RISK
2022-04-01 CVE-2022-25959 Out-of-bounds Write vulnerability in Omron Cx-Position 2.5.3
Omron CX-Position (versions 2.5.3 and prior) is vulnerable to memory corruption while processing a specific project file, which may allow an attacker to execute arbitrary code.
local
low complexity
omron CWE-787
7.8
2022-04-01 CVE-2022-26022 Out-of-bounds Write vulnerability in Omron Cx-Position 2.5.3
Omron CX-Position (versions 2.5.3 and prior) is vulnerable to an out-of-bounds write while processing a specific project file, which may allow an attacker to execute arbitrary code.
local
low complexity
omron CWE-787
7.8
2022-04-01 CVE-2022-26417 Use After Free vulnerability in Omron Cx-Position 2.5.3
Omron CX-Position (versions 2.5.3 and prior) is vulnerable to a use after free memory condition while processing a specific project file, which may allow an attacker to execute arbitrary code.
local
low complexity
omron CWE-416
7.8
2022-04-01 CVE-2022-26419 Out-of-bounds Write vulnerability in Omron Cx-Position 2.5.3
Omron CX-Position (versions 2.5.3 and prior) is vulnerable to multiple stack-based buffer overflow conditions while parsing a specific project file, which may allow an attacker to locally execute arbitrary code.
local
low complexity
omron CWE-787
7.8
2021-02-09 CVE-2020-27261 Out-of-bounds Write vulnerability in Omron products
The Omron CX-One Version 4.60 and prior is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code.
network
low complexity
omron CWE-787
8.8
2021-02-09 CVE-2020-27259 Unspecified vulnerability in Omron products
The Omron CX-One Version 4.60 and prior may allow an attacker to supply a pointer to arbitrary memory locations, which may allow an attacker to remotely execute arbitrary code.
network
low complexity
omron
8.8
2021-02-09 CVE-2020-27257 Type Confusion vulnerability in Omron products
This vulnerability allows local attackers to execute arbitrary code due to the lack of proper validation of user-supplied data, which can result in a type-confusion condition in the Omron CX-One Version 4.60 and prior devices.
local
low complexity
omron CWE-843
7.8