Vulnerabilities > Omron > CX Supervisor > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-19 | CVE-2021-20836 | Out-of-bounds Read vulnerability in Omron Cx-Supervisor 4.0.0.13/4.0.0.16 Out-of-bounds read vulnerability in CX-Supervisor v4.0.0.13 and v4.0.0.16 allows an attacker with administrative privileges to cause information disclosure and/or arbitrary code execution by opening a specially crafted SCS project files. | 6.0 |
| 2019-11-26 | CVE-2019-18251 | In Omron CX-Supervisor, Versions 3.5 (12) and prior, Omron CX-Supervisor ships with Teamviewer Version 5.0.8703 QS. | 6.8 |
| 2019-02-12 | CVE-2018-19018 | Access of Uninitialized Pointer vulnerability in Omron Cx-Supervisor 3.5 An access of uninitialized pointer vulnerability in CX-Supervisor (Versions 3.42 and prior) could lead to type confusion when processing project files. | 6.0 |
| 2019-01-28 | CVE-2018-19015 | Command Injection vulnerability in Omron Cx-Supervisor 3.5 An attacker could inject commands to launch programs and create, write, and read files on CX-Supervisor (Versions 3.42 and prior) through a specially crafted project file. | 6.0 |
| 2019-01-22 | CVE-2018-19019 | Incorrect Type Conversion or Cast vulnerability in Omron Cx-Supervisor 3.5 A type confusion vulnerability exists when processing project files in CX-Supervisor (Versions 3.42 and prior). | 6.8 |
| 2019-01-22 | CVE-2018-19017 | Use After Free vulnerability in Omron Cx-Supervisor 3.5 Several use after free vulnerabilities have been identified in CX-Supervisor (Versions 3.42 and prior). | 6.8 |
| 2019-01-22 | CVE-2018-19013 | Command Injection vulnerability in Omron Cx-Supervisor 3.5 An attacker could inject commands to delete files and/or delete the contents of a file on CX-Supervisor (Versions 3.42 and prior) through a specially crafted project file. | 4.9 |
| 2019-01-22 | CVE-2018-19011 | Code Injection vulnerability in Omron Cx-Supervisor 3.5 CX-Supervisor (Versions 3.42 and prior) can execute code that has been injected into a project file. | 6.8 |
| 2018-11-05 | CVE-2018-17913 | Incorrect Type Conversion or Cast vulnerability in Omron Cx-Supervisor A type confusion vulnerability exists when processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior, which may allow an attacker to execute code in the context of the application. | 6.8 |
| 2018-11-05 | CVE-2018-17909 | Use After Free vulnerability in Omron Cx-Supervisor When processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior, the application fails to check if it is referencing freed memory, which may allow an attacker to execute code under the context of the application. | 6.8 |