Control For Raspberry Pi Sl
by Codesys
CVEs (45)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-37545 | 0.00 | — | 0.01 | Aug 3, 2023 | In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a… | |||
| CVE-2022-47393 | 0.00 | — | 0.01 | May 15, 2023 | An authenticated, remote attacker may use a Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple versions of multiple CODESYS products to force a denial-of-service situation. | |||
| CVE-2022-47392 | 0.00 | — | 0.01 | May 15, 2023 | An authenticated, remote attacker may use a improper input validation vulnerability in the CmpApp/CmpAppBP/CmpAppForce Components of multiple CODESYS products in multiple versions to read from an invalid address which can lead to a denial-of-service condition. | |||
| CVE-2022-47391 | 0.00 | — | 0.02 | May 15, 2023 | In multiple CODESYS products in multiple versions an unauthorized, remote attacker may use a improper input validation vulnerability to read from invalid addresses leading to a denial of service. | |||
| CVE-2022-47390 | 0.00 | — | 0.01 | May 15, 2023 | An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote… | |||
| CVE-2022-47389 | 0.00 | — | 0.01 | May 15, 2023 | An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote… | |||
| CVE-2022-47388 | 0.00 | — | 0.01 | May 15, 2023 | An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote… | |||
| CVE-2022-47387 | 0.00 | — | 0.01 | May 15, 2023 | An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote… | |||
| CVE-2022-47386 | 0.00 | — | 0.01 | May 15, 2023 | An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote… | |||
| CVE-2022-47385 | 0.00 | — | 0.01 | May 15, 2023 | An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpAppForce Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote… | |||
| CVE-2022-47384 | 0.00 | — | 0.01 | May 15, 2023 | An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote… | |||
| CVE-2022-47383 | 0.00 | — | 0.01 | May 15, 2023 | An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote… | |||
| CVE-2022-47382 | 0.00 | — | 0.01 | May 15, 2023 | An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote… | |||
| CVE-2022-47381 | 0.00 | — | 0.01 | May 15, 2023 | An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | |||
| CVE-2022-47380 | 0.00 | — | 0.01 | May 15, 2023 | An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | |||
| CVE-2022-47379 | 0.00 | — | 0.02 | May 15, 2023 | An authenticated, remote attacker may use a out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into memory which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | |||
| CVE-2022-47378 | 0.00 | — | 0.01 | May 15, 2023 | Multiple CODESYS products in multiple versions are prone to a improper input validation vulnerability. An authenticated remote attacker may craft specific requests that use the vulnerability leading to a denial-of-service condition. | |||
| CVE-2022-30792 | 0.00 | — | 0.01 | Jul 11, 2022 | In CmpChannelServer of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new communication channel connections. Existing connections are not affected. | |||
| CVE-2022-30791 | 0.00 | — | 0.01 | Jul 11, 2022 | In CmpBlkDrvTcp of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new TCP connections. Existing connections are not affected. | |||
| CVE-2022-22519 | 0.00 | — | 0.01 | Apr 7, 2022 | A remote, unauthenticated attacker can send a specific crafted HTTP or HTTPS requests causing a buffer over-read resulting in a crash of the webserver of the CODESYS Control runtime system. |
- CVE-2023-37545Aug 3, 2023risk 0.00cvss —epss 0.01
In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a…
- CVE-2022-47393May 15, 2023risk 0.00cvss —epss 0.01
An authenticated, remote attacker may use a Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple versions of multiple CODESYS products to force a denial-of-service situation.
- CVE-2022-47392May 15, 2023risk 0.00cvss —epss 0.01
An authenticated, remote attacker may use a improper input validation vulnerability in the CmpApp/CmpAppBP/CmpAppForce Components of multiple CODESYS products in multiple versions to read from an invalid address which can lead to a denial-of-service condition.
- CVE-2022-47391May 15, 2023risk 0.00cvss —epss 0.02
In multiple CODESYS products in multiple versions an unauthorized, remote attacker may use a improper input validation vulnerability to read from invalid addresses leading to a denial of service.
- CVE-2022-47390May 15, 2023risk 0.00cvss —epss 0.01
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote…
- CVE-2022-47389May 15, 2023risk 0.00cvss —epss 0.01
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote…
- CVE-2022-47388May 15, 2023risk 0.00cvss —epss 0.01
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote…
- CVE-2022-47387May 15, 2023risk 0.00cvss —epss 0.01
An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote…
- CVE-2022-47386May 15, 2023risk 0.00cvss —epss 0.01
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote…
- CVE-2022-47385May 15, 2023risk 0.00cvss —epss 0.01
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpAppForce Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote…
- CVE-2022-47384May 15, 2023risk 0.00cvss —epss 0.01
An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote…
- CVE-2022-47383May 15, 2023risk 0.00cvss —epss 0.01
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote…
- CVE-2022-47382May 15, 2023risk 0.00cvss —epss 0.01
An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote…
- CVE-2022-47381May 15, 2023risk 0.00cvss —epss 0.01
An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
- CVE-2022-47380May 15, 2023risk 0.00cvss —epss 0.01
An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
- CVE-2022-47379May 15, 2023risk 0.00cvss —epss 0.02
An authenticated, remote attacker may use a out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into memory which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
- CVE-2022-47378May 15, 2023risk 0.00cvss —epss 0.01
Multiple CODESYS products in multiple versions are prone to a improper input validation vulnerability. An authenticated remote attacker may craft specific requests that use the vulnerability leading to a denial-of-service condition.
- CVE-2022-30792Jul 11, 2022risk 0.00cvss —epss 0.01
In CmpChannelServer of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new communication channel connections. Existing connections are not affected.
- CVE-2022-30791Jul 11, 2022risk 0.00cvss —epss 0.01
In CmpBlkDrvTcp of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new TCP connections. Existing connections are not affected.
- CVE-2022-22519Apr 7, 2022risk 0.00cvss —epss 0.01
A remote, unauthenticated attacker can send a specific crafted HTTP or HTTPS requests causing a buffer over-read resulting in a crash of the webserver of the CODESYS Control runtime system.
Page 2 of 3