Vulnerabilities > Openplcproject > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-18 | CVE-2024-36980 | Out-of-bounds Read vulnerability in Openplcproject Openplc V3 Firmware 20240404 An out-of-bounds read vulnerability exists in the OpenPLC Runtime EtherNet/IP PCCC parser functionality of OpenPLC_v3 b4702061dc14d1024856f71b4543298d77007b88. | 7.5 |
| 2024-09-18 | CVE-2024-36981 | Out-of-bounds Read vulnerability in Openplcproject Openplc V3 Firmware 20240404 An out-of-bounds read vulnerability exists in the OpenPLC Runtime EtherNet/IP PCCC parser functionality of OpenPLC_v3 b4702061dc14d1024856f71b4543298d77007b88. | 7.5 |
| 2024-09-18 | CVE-2024-39589 | Incorrect Type Conversion or Cast vulnerability in Openplcproject Openplc V3 Firmware 20240528 Multiple invalid pointer dereference vulnerabilities exist in the OpenPLC Runtime EtherNet/IP parser functionality of OpenPLC_v3 16bf8bac1a36d95b73e7b8722d0edb8b9c5bb56a. | 7.5 |
| 2024-09-18 | CVE-2024-39590 | Incorrect Type Conversion or Cast vulnerability in Openplcproject Openplc V3 Firmware 20240528 Multiple invalid pointer dereference vulnerabilities exist in the OpenPLC Runtime EtherNet/IP parser functionality of OpenPLC_v3 16bf8bac1a36d95b73e7b8722d0edb8b9c5bb56a. | 7.5 |
| 2021-08-03 | CVE-2021-31630 | Code Injection vulnerability in Openplcproject Openplc V3 Firmware Command Injection in Open PLC Webserver v3 allows remote attackers to execute arbitrary code via the "Hardware Layer Code Box" component on the "/hardware" page of the application. | 8.8 |
| 2021-06-11 | CVE-2021-26828 | Unrestricted Upload of File with Dangerous Type vulnerability in Openplcproject Scadabr OpenPLC ScadaBR through 0.9.1 on Linux and through 1.12.4 on Windows allows remote authenticated users to upload and execute arbitrary JSP files via view_edit.shtm. | 8.8 |