CX-Position
by Omron
CVEs (7)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-26419 | 0.00 | — | 0.02 | Apr 1, 2022 | Omron CX-Position (versions 2.5.3 and prior) is vulnerable to multiple stack-based buffer overflow conditions while parsing a specific project file, which may allow an attacker to locally execute arbitrary code. | |||
| CVE-2022-26022 | 0.00 | — | 0.01 | Apr 1, 2022 | Omron CX-Position (versions 2.5.3 and prior) is vulnerable to an out-of-bounds write while processing a specific project file, which may allow an attacker to execute arbitrary code. | |||
| CVE-2022-26417 | 0.00 | — | 0.01 | Apr 1, 2022 | Omron CX-Position (versions 2.5.3 and prior) is vulnerable to a use after free memory condition while processing a specific project file, which may allow an attacker to execute arbitrary code. | |||
| CVE-2022-25959 | 0.00 | — | 0.01 | Apr 1, 2022 | Omron CX-Position (versions 2.5.3 and prior) is vulnerable to memory corruption while processing a specific project file, which may allow an attacker to execute arbitrary code. | |||
| CVE-2020-27257 | 0.00 | — | 0.02 | Feb 9, 2021 | This vulnerability allows local attackers to execute arbitrary code due to the lack of proper validation of user-supplied data, which can result in a type-confusion condition in the Omron CX-One Version 4.60 and prior devices. | |||
| CVE-2020-27261 | 0.00 | — | 0.08 | Feb 9, 2021 | The Omron CX-One Version 4.60 and prior is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code. | |||
| CVE-2020-27259 | 0.00 | — | 0.03 | Feb 9, 2021 | The Omron CX-One Version 4.60 and prior may allow an attacker to supply a pointer to arbitrary memory locations, which may allow an attacker to remotely execute arbitrary code. |
- CVE-2022-26419Apr 1, 2022risk 0.00cvss —epss 0.02
Omron CX-Position (versions 2.5.3 and prior) is vulnerable to multiple stack-based buffer overflow conditions while parsing a specific project file, which may allow an attacker to locally execute arbitrary code.
- CVE-2022-26022Apr 1, 2022risk 0.00cvss —epss 0.01
Omron CX-Position (versions 2.5.3 and prior) is vulnerable to an out-of-bounds write while processing a specific project file, which may allow an attacker to execute arbitrary code.
- CVE-2022-26417Apr 1, 2022risk 0.00cvss —epss 0.01
Omron CX-Position (versions 2.5.3 and prior) is vulnerable to a use after free memory condition while processing a specific project file, which may allow an attacker to execute arbitrary code.
- CVE-2022-25959Apr 1, 2022risk 0.00cvss —epss 0.01
Omron CX-Position (versions 2.5.3 and prior) is vulnerable to memory corruption while processing a specific project file, which may allow an attacker to execute arbitrary code.
- CVE-2020-27257Feb 9, 2021risk 0.00cvss —epss 0.02
This vulnerability allows local attackers to execute arbitrary code due to the lack of proper validation of user-supplied data, which can result in a type-confusion condition in the Omron CX-One Version 4.60 and prior devices.
- CVE-2020-27261Feb 9, 2021risk 0.00cvss —epss 0.08
The Omron CX-One Version 4.60 and prior is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code.
- CVE-2020-27259Feb 9, 2021risk 0.00cvss —epss 0.03
The Omron CX-One Version 4.60 and prior may allow an attacker to supply a pointer to arbitrary memory locations, which may allow an attacker to remotely execute arbitrary code.