Vulnerabilities > Omron > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-21 | CVE-2018-7523 | Double Free vulnerability in Omron Cx-Supervisor 3.5 In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a double free vulnerability. | 4.6 |
| 2018-03-21 | CVE-2018-7521 | Use After Free vulnerability in Omron Cx-Supervisor 3.5 In Omron CX-Supervisor Versions 3.30 and prior, use after free vulnerabilities can be exploited when CX Supervisor parses a specially crafted project file. | 4.6 |
| 2018-03-21 | CVE-2018-7519 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Omron Cx-Supervisor 3.5 In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a heap-based buffer overflow. | 4.6 |
| 2018-03-21 | CVE-2018-7517 | Out-of-bounds Write vulnerability in Omron Cx-Supervisor 3.5 In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause an out of bounds vulnerability. | 4.6 |
| 2018-03-21 | CVE-2018-7515 | NULL Pointer Dereference vulnerability in Omron Cx-Supervisor 3.5 In Omron CX-Supervisor Versions 3.30 and prior, access of uninitialized pointer vulnerabilities can be exploited when CX Supervisor indirectly calls an initialized pointer when parsing malformed packets. | 4.6 |
| 2018-03-21 | CVE-2018-7513 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Omron Cx-Supervisor 3.5 In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a stack-based buffer overflow. | 4.6 |
| 2015-10-06 | CVE-2015-0987 | Information Exposure vulnerability in Omron Cj2H Plc, Cj2M PLC and Cx-Programmer Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices before 1.5 rely on cleartext password transmission, which allows remote attackers to obtain sensitive information by sniffing the network during a PLC unlock request. | 5.0 |
| 2014-07-24 | CVE-2014-2369 | Cross-Site Request Forgery (CSRF) vulnerability in Omron products Cross-site request forgery (CSRF) vulnerability in the web application on Omron NS5, NS8, NS10, NS12, and NS15 HMI terminals 8.1xx through 8.68x allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors. | 6.0 |
| 2013-03-29 | CVE-2013-2301 | Permissions, Privileges, and Access Controls vulnerability in Omron Openwnn The OMRON OpenWnn application before 1.3.6 for Android uses weak permissions for unspecified files, which allows attackers to obtain sensitive information via an application that accesses the local filesystem. | 4.3 |