Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Cx\-Supervisor
(Omron)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 20 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-01-22 | CVE-2018-19019 | A type confusion vulnerability exists when processing project files in CX-Supervisor (Versions 3.42 and prior). An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application. | Cx\-Supervisor | 7.3 | ||
| 2019-02-12 | CVE-2018-19018 | An access of uninitialized pointer vulnerability in CX-Supervisor (Versions 3.42 and prior) could lead to type confusion when processing project files. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application. | Cx\-Supervisor | 7.3 | ||
| 2019-01-22 | CVE-2018-19017 | Several use after free vulnerabilities have been identified in CX-Supervisor (Versions 3.42 and prior). When processing project files, the application fails to check if it is referencing freed memory. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application. | Cx\-Supervisor | 8.8 | ||
| 2019-01-28 | CVE-2018-19015 | An attacker could inject commands to launch programs and create, write, and read files on CX-Supervisor (Versions 3.42 and prior) through a specially crafted project file. An attacker could exploit this to execute code under the privileges of the application. | Cx\-Supervisor | 7.3 | ||
| 2019-01-22 | CVE-2018-19013 | An attacker could inject commands to delete files and/or delete the contents of a file on CX-Supervisor (Versions 3.42 and prior) through a specially crafted project file. | Cx\-Supervisor | 5.0 | ||
| 2019-01-22 | CVE-2018-19011 | CX-Supervisor (Versions 3.42 and prior) can execute code that has been injected into a project file. An attacker could exploit this to execute code under the privileges of the application. | Cx\-Supervisor | 8.8 | ||
| 2018-11-05 | CVE-2018-17913 | A type confusion vulnerability exists when processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior, which may allow an attacker to execute code in the context of the application. | Cx\-Supervisor | 7.8 | ||
| 2018-11-05 | CVE-2018-17909 | When processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior, the application fails to check if it is referencing freed memory, which may allow an attacker to execute code under the context of the application. | Cx\-Supervisor | 7.8 | ||
| 2018-11-05 | CVE-2018-17907 | When processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior and tampering with the value of an offset, an attacker can force the application to read a value outside of an array. | Cx\-Supervisor | 3.3 | ||
| 2018-11-05 | CVE-2018-17905 | When processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior and tampering with a specific byte, memory corruption may occur within a specific object. | Cx\-Supervisor | 7.8 |