Safety Sil2
Approved changes feed: RSS · Atom
cpe:2.3:a:codesys:safety_sil2:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Codesys (4a5dbd6f-1914-5b18-8641-403ab498c199) |
|---|---|
| Product | Safety Sil2 (1fc76041-9767-50d5-b779-4e8e203388bc) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-37559 |
vulnerable | 2026-06-03 14:52:29.203830 |
CODESYS Improper Validation of Consistency within Input in multiple products
MEDIUM (6.5)
After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37558
Published: 2023-08-03T11:06:56.079Z
Updated: 2024-10-11T18:09:05.823Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-37558 |
vulnerable | 2026-06-03 14:52:29.202402 |
CODESYS Improper Validation of Consistency within Input in multiple products
MEDIUM (6.5)
After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37559
Published: 2023-08-03T11:06:36.112Z
Updated: 2024-10-11T18:09:20.780Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-37557 |
vulnerable | 2026-06-03 14:52:29.201127 |
CODESYS Heap-based Buffer Overflow in multiple products
MEDIUM (6.5)
After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted remote communication requests can cause the CmpAppBP component to overwrite a heap-based buffer, which can lead to a denial-of-service condition.
Published: 2023-08-03T11:06:17.884Z
Updated: 2024-10-09T20:52:16.817Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-37556 |
vulnerable | 2026-06-03 14:52:29.199593 |
CODESYS Improper Input Validation in CmpAppBP
MEDIUM (6.5)
In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37553, CVE-2023-37554 and CVE-2023-37555.
Published: 2023-08-03T11:05:52.986Z
Updated: 2024-10-09T20:52:36.722Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-37555 |
vulnerable | 2026-06-03 14:52:29.198245 |
CODESYS Improper Input Validation in CmpAppBP
MEDIUM (6.5)
In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37553, CVE-2023-37554 and CVE-2023-37556.
Published: 2023-08-03T11:05:33.660Z
Updated: 2024-10-09T20:52:51.974Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-37554 |
vulnerable | 2026-06-03 14:52:29.197005 |
CODESYS Improper Input Validation in CmpAppBP
MEDIUM (6.5)
In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37553, CVE-2023-37555 and CVE-2023-37556.
Published: 2023-08-03T11:05:09.750Z
Updated: 2024-10-11T18:09:34.979Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-37553 |
vulnerable | 2026-06-03 14:52:29.195558 |
CODESYS Improper Input Validation in CmpAppBP
MEDIUM (6.5)
In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37554, CVE-2023-37555 and CVE-2023-37556.
Published: 2023-08-03T11:04:39.061Z
Updated: 2024-10-11T18:10:16.403Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-37552 |
vulnerable | 2026-06-03 14:52:29.194386 |
CODESYS Improper Input Validation in CmpAppBP
MEDIUM (6.5)
In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37553, CVE-2023-37554, CVE-2023-37555 and CVE-2023-37556.
Published: 2023-08-03T11:04:04.128Z
Updated: 2024-10-11T18:10:33.714Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-37551 |
vulnerable | 2026-06-03 14:52:29.192905 |
CODESYS Files or Directories Accessible to External Parties in CmpApp
MEDIUM (6.5)
In multiple Codesys products in multiple versions, after successful authentication as a user, specially crafted network communication requests can utilize the CmpApp component to download files with any file extensions to the controller. In contrast to the regular file download via CmpFileTransfer, no filtering of certain file types is performed here. As a result, the integrity of the CODESYS control runtime system may be compromised by the files loaded onto the controller.
Published: 2023-08-03T11:03:37.457Z
Updated: 2024-10-11T18:10:51.431Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-37550 |
vulnerable | 2026-06-03 14:52:29.191728 |
CODESYS: Improper Input Validation in CmpApp component
MEDIUM (6.5)
In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37547, CVE-2023-37548 and CVE-2023-37549.
Published: 2023-08-03T11:03:09.222Z
Updated: 2024-10-11T18:11:18.756Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-37549 |
vulnerable | 2026-06-03 14:52:29.190407 |
CODESYS: Improper Input Validation in CmpApp component
MEDIUM (6.5)
In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37547, CVE-2023-37548 and CVE-2023-37550
Published: 2023-08-03T11:02:33.725Z
Updated: 2024-10-11T18:12:01.720Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-37548 |
vulnerable | 2026-06-03 14:52:29.189159 |
CODESYS: Improper Input Validation in CmpApp component
MEDIUM (6.5)
In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37547, CVE-2023-37549 and CVE-2023-37550
Published: 2023-08-03T11:02:02.224Z
Updated: 2024-10-11T18:12:26.294Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-37547 |
vulnerable | 2026-06-03 14:52:29.187759 |
CODESYS: Improper Input Validation in CmpApp component
MEDIUM (6.5)
In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37548, CVE-2023-37549 and CVE-2023-37550
Published: 2023-08-03T11:01:10.534Z
Updated: 2024-10-11T18:12:55.550Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-37546 |
vulnerable | 2026-06-03 14:52:29.186620 |
CODESYS: Improper Input Validation in CmpApp component
MEDIUM (6.5)
In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37547, CVE-2023-37548, CVE-2023-37549 and CVE-2023-37550
Published: 2023-08-03T11:00:33.624Z
Updated: 2024-10-11T18:14:28.818Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-37545 |
vulnerable | 2026-06-03 14:52:29.185243 |
CODESYS: Improper Input Validation in CmpApp component
MEDIUM (6.5)
In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37546, CVE-2023-37547, CVE-2023-37548, CVE-2023-37549, CVE-2023-37550
Published: 2023-08-03T10:59:28.961Z
Updated: 2024-10-11T18:14:47.934Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-4224 |
vulnerable | 2026-06-03 14:48:35.292187 |
CODESYS: Exposure of Resource to Wrong Sphere in CODESYS V3
HIGH (8.8)
In multiple products of CODESYS v3 in multiple versions a remote low privileged user could utilize this vulnerability to read and modify system files and OS resources or DoS the device.
Published: 2023-03-23T11:15:37.014Z
Updated: 2026-05-29T14:08:13.754Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-7052 |
vulnerable | 2026-06-03 14:43:05.208872 |
Details available
CODESYS Control V3, Gateway V3, and HMI V3 before 3.5.15.30 allow uncontrolled memory allocation which can result in a remote denial of service condition.
Published: 2020-01-24T19:31:59.000Z
Updated: 2024-08-04T09:18:02.939Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-9009 |
vulnerable | 2026-06-03 14:40:48.601347 |
Details available
An issue was discovered in 3S-Smart CODESYS before 3.5.15.0 . Crafted network packets cause the Control Runtime to crash.
Published: 2019-09-17T15:34:42.000Z
Updated: 2024-08-04T21:31:37.644Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-20026 |
vulnerable | 2026-06-03 14:38:38.523148 |
Details available
Improper Communication Address Filtering exists in CODESYS V3 products versions prior V3.5.14.0.
Published: 2019-02-19T21:00:00.000Z
Updated: 2024-09-16T20:37:39.329Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-20025 |
vulnerable | 2026-06-03 14:38:38.518310 |
Details available
Use of Insufficiently Random Values exists in CODESYS V3 products versions prior V3.5.14.0.
Published: 2019-02-19T21:00:00.000Z
Updated: 2024-09-16T18:39:11.508Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.