Vulnerabilities > Omron > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-01-30 CVE-2023-22322 XXE vulnerability in Omron Cx-Motion PRO 1.4.6.013
Improper restriction of XML external entity reference (XXE) vulnerability exists in OMRON CX-Motion Pro 1.4.6.013 and earlier.
local
low complexity
omron CWE-611
5.5
2021-10-19 CVE-2021-20836 Out-of-bounds Read vulnerability in Omron Cx-Supervisor 4.0.0.13/4.0.0.16
Out-of-bounds read vulnerability in CX-Supervisor v4.0.0.13 and v4.0.0.16 allows an attacker with administrative privileges to cause information disclosure and/or arbitrary code execution by opening a specially crafted SCS project files.
local
low complexity
omron CWE-125
6.5
2019-04-10 CVE-2019-6556 Use After Free vulnerability in Omron Common Components and Cx-Programmer
When processing project files, the application (Omron CX-Programmer v9.70 and prior and Common Components January 2019 and prior) fails to check if it is referencing freed memory.
local
low complexity
omron CWE-416
6.6
2019-03-27 CVE-2018-16207 Unspecified vulnerability in Omron Poweract PRO Master Agent
PowerAct Pro Master Agent for Windows Version 5.13 and earlier allows authenticated attackers to bypass access restriction to alter or edit unauthorized files via unspecified vectors.
network
low complexity
omron
6.5
2019-02-12 CVE-2018-19020 Out-of-bounds Read vulnerability in Omron Cx-Supervisor
When CX-Supervisor (Versions 3.42 and prior) processes project files and tampers with the value of an offset, an attacker can force the application to read a value outside of an array.
local
low complexity
omron CWE-125
5.0
2019-01-22 CVE-2018-19013 Command Injection vulnerability in Omron Cx-Supervisor
An attacker could inject commands to delete files and/or delete the contents of a file on CX-Supervisor (Versions 3.42 and prior) through a specially crafted project file.
local
low complexity
omron CWE-77
5.0
2018-03-21 CVE-2018-7525 NULL Pointer Dereference vulnerability in Omron Cx-Supervisor
In Omron CX-Supervisor Versions 3.30 and prior, processing a malformed packet by a certain executable may cause an untrusted pointer dereference vulnerability.
local
low complexity
omron CWE-476
5.3
2018-03-21 CVE-2018-7523 Double Free vulnerability in Omron Cx-Supervisor
In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a double free vulnerability.
local
low complexity
omron CWE-415
5.3
2018-03-21 CVE-2018-7521 Use After Free vulnerability in Omron Cx-Supervisor
In Omron CX-Supervisor Versions 3.30 and prior, use after free vulnerabilities can be exploited when CX Supervisor parses a specially crafted project file.
local
low complexity
omron CWE-416
5.3
2018-03-21 CVE-2018-7519 Out-of-bounds Write vulnerability in Omron Cx-Supervisor
In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a heap-based buffer overflow.
local
low complexity
omron CWE-787
5.3