Unitronics
Products
3- 8 CVEs
- 4 CVEs
- 1 CVE
Recent CVEs
13| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-4519 | Cri | 0.64 | 9.8 | 0.10 | Jun 25, 2016 | Stack-based buffer overflow in Unitronics VisiLogic OPLC IDE before 9.8.30 allows remote attackers to execute arbitrary code via a crafted filename field in a ZIP archive in a vlp file. | |
| CVE-2015-7939 | Cri | 0.62 | 9.6 | 0.01 | Jan 9, 2016 | Heap-based buffer overflow in Unitronics VisiLogic OPLC IDE before 9.8.09 allows remote attackers to execute arbitrary code via a long vlp filename. | |
| CVE-2024-38435 | 0.00 | — | 0.00 | Jul 21, 2024 | Unitronics Vision PLC – CWE-703: Improper Check or Handling of Exceptional Conditions may allow denial of service | ||
| CVE-2024-27774 | 0.00 | — | 0.00 | Mar 18, 2024 | Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-259: Use of Hard-coded Password may allow disclosing Sensitive Information Embedded inside Device's Firmware | ||
| CVE-2024-27773 | 0.00 | — | 0.00 | Mar 18, 2024 | Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-348: Use of Less Trusted Source may allow RCE | ||
| CVE-2024-27772 | 0.00 | — | 0.01 | Mar 18, 2024 | Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-78: 'OS Command Injection' may allow RCE | ||
| CVE-2024-27771 | 0.00 | — | 0.00 | Mar 18, 2024 | Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-22: 'Path Traversal' may allow RCE | ||
| CVE-2024-27770 | 0.00 | — | 0.00 | Mar 18, 2024 | Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-23: Relative Path Traversal | ||
| CVE-2024-27769 | 0.00 | — | 0.00 | Mar 18, 2024 | Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor may allow Taking Ownership Over Devices | ||
| CVE-2024-27768 | 0.00 | — | 0.00 | Mar 18, 2024 | Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-22: 'Path Traversal' may allow RCE | ||
| CVE-2024-27767 | 0.00 | — | 0.00 | Mar 18, 2024 | CWE-287: Improper Authentication may allow Authentication Bypass | ||
| CVE-2015-7905 | 0.00 | — | 0.05 | Nov 13, 2015 | Unitronics VisiLogic OPLC IDE before 9.8.02 allows remote attackers to execute unspecified code via unknown vectors. | ||
| CVE-2015-6478 | 0.00 | — | 0.02 | Nov 13, 2015 | Unitronics VisiLogic OPLC IDE before 9.8.02 does not properly restrict access to ActiveX controls, which allows remote attackers to have an unspecified impact via a crafted web site. |
- risk 0.64cvss 9.8epss 0.10
Stack-based buffer overflow in Unitronics VisiLogic OPLC IDE before 9.8.30 allows remote attackers to execute arbitrary code via a crafted filename field in a ZIP archive in a vlp file.
- risk 0.62cvss 9.6epss 0.01
Heap-based buffer overflow in Unitronics VisiLogic OPLC IDE before 9.8.09 allows remote attackers to execute arbitrary code via a long vlp filename.
- CVE-2024-38435Jul 21, 2024risk 0.00cvss —epss 0.00
Unitronics Vision PLC – CWE-703: Improper Check or Handling of Exceptional Conditions may allow denial of service
- CVE-2024-27774Mar 18, 2024risk 0.00cvss —epss 0.00
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-259: Use of Hard-coded Password may allow disclosing Sensitive Information Embedded inside Device's Firmware
- CVE-2024-27773Mar 18, 2024risk 0.00cvss —epss 0.00
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-348: Use of Less Trusted Source may allow RCE
- CVE-2024-27772Mar 18, 2024risk 0.00cvss —epss 0.01
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-78: 'OS Command Injection' may allow RCE
- CVE-2024-27771Mar 18, 2024risk 0.00cvss —epss 0.00
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-22: 'Path Traversal' may allow RCE
- CVE-2024-27770Mar 18, 2024risk 0.00cvss —epss 0.00
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-23: Relative Path Traversal
- CVE-2024-27769Mar 18, 2024risk 0.00cvss —epss 0.00
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor may allow Taking Ownership Over Devices
- CVE-2024-27768Mar 18, 2024risk 0.00cvss —epss 0.00
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-22: 'Path Traversal' may allow RCE
- CVE-2024-27767Mar 18, 2024risk 0.00cvss —epss 0.00
CWE-287: Improper Authentication may allow Authentication Bypass
- CVE-2015-7905Nov 13, 2015risk 0.00cvss —epss 0.05
Unitronics VisiLogic OPLC IDE before 9.8.02 allows remote attackers to execute unspecified code via unknown vectors.
- CVE-2015-6478Nov 13, 2015risk 0.00cvss —epss 0.02
Unitronics VisiLogic OPLC IDE before 9.8.02 does not properly restrict access to ActiveX controls, which allows remote attackers to have an unspecified impact via a crafted web site.