| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-19789 | 4.0 |
3S-Smart CODESYS SP Realtime NT before V2.3.7.28, CODESYS Runtime Toolkit 32 bit full before V2.4.7.54, and CODESYS PLCWinNT before V2.4.7.54 allow a NULL pointer dereference.
|
03-01-2020 - 15:43 | 20-12-2019 - 13:15 | |
| CVE-2021-30195 | 5.0 |
CODESYS V2 runtime system before 2.4.7.55 has Improper Input Validation.
|
26-05-2021 - 12:57 | 25-05-2021 - 13:15 | |
| CVE-2021-30186 | 5.0 |
CODESYS V2 runtime system SP before 2.4.7.55 has a Heap-based Buffer Overflow.
|
26-05-2021 - 13:18 | 25-05-2021 - 13:15 | |
| CVE-2021-34596 | 4.0 |
A crafted request may cause a read access to an uninitialized pointer in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition.
|
04-11-2021 - 15:29 | 26-10-2021 - 10:15 | |
| CVE-2021-34595 | 5.5 |
A crafted request with invalid offsets may cause an out-of-bounds read or write access in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition or local memory overwrite.
|
04-11-2021 - 15:29 | 26-10-2021 - 10:15 | |
| CVE-2021-34593 | 5.0 |
In CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56 unauthenticated crafted invalid requests may result in several denial-of-service conditions. Running PLC programs may be stopped, memory may be leaked, or further comm
|
12-04-2022 - 18:05 | 26-10-2021 - 10:15 |
