Vulnerabilities > Omron > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-12 | CVE-2019-10971 | Untrusted Search Path vulnerability in Omron Network Configurator FOR Devicenet Safety 3.41 The application (Network Configurator for DeviceNet Safety 3.41 and prior) searches for resources by means of an untrusted search path that could execute a malicious .dll file not under the application's direct control and outside the intended directories. | 6.8 |
| 2019-04-10 | CVE-2019-6556 | Use After Free vulnerability in Omron Common Components and Cx-Programmer When processing project files, the application (Omron CX-Programmer v9.70 and prior and Common Components January 2019 and prior) fails to check if it is referencing freed memory. | 6.8 |
| 2019-03-27 | CVE-2018-16207 | Unspecified vulnerability in Omron Poweract PRO Master Agent PowerAct Pro Master Agent for Windows Version 5.13 and earlier allows authenticated attackers to bypass access restriction to alter or edit unauthorized files via unspecified vectors. | 4.0 |
| 2019-02-12 | CVE-2018-19018 | Access of Uninitialized Pointer vulnerability in Omron Cx-Supervisor 3.5 An access of uninitialized pointer vulnerability in CX-Supervisor (Versions 3.42 and prior) could lead to type confusion when processing project files. | 6.0 |
| 2019-01-30 | CVE-2018-19027 | Incorrect Type Conversion or Cast vulnerability in Omron Cx-One and Cx-Protocol Three type confusion vulnerabilities exist in CX-One Versions 4.50 and prior and CX-Protocol Versions 2.0 and prior when processing project files. | 6.8 |
| 2019-01-28 | CVE-2018-19015 | Command Injection vulnerability in Omron Cx-Supervisor 3.5 An attacker could inject commands to launch programs and create, write, and read files on CX-Supervisor (Versions 3.42 and prior) through a specially crafted project file. | 6.0 |
| 2019-01-22 | CVE-2018-19019 | Incorrect Type Conversion or Cast vulnerability in Omron Cx-Supervisor 3.5 A type confusion vulnerability exists when processing project files in CX-Supervisor (Versions 3.42 and prior). | 6.8 |
| 2019-01-22 | CVE-2018-19017 | Use After Free vulnerability in Omron Cx-Supervisor 3.5 Several use after free vulnerabilities have been identified in CX-Supervisor (Versions 3.42 and prior). | 6.8 |
| 2019-01-22 | CVE-2018-19013 | Command Injection vulnerability in Omron Cx-Supervisor 3.5 An attacker could inject commands to delete files and/or delete the contents of a file on CX-Supervisor (Versions 3.42 and prior) through a specially crafted project file. | 4.9 |
| 2019-01-22 | CVE-2018-19011 | Code Injection vulnerability in Omron Cx-Supervisor 3.5 CX-Supervisor (Versions 3.42 and prior) can execute code that has been injected into a project file. | 6.8 |