Omron Cx-supervisor
20 CVEs affecting Omron Cx-supervisor. Latest disclosed: 2021-10-19. Critical: 0, High: 9.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2019-18251 | High | 8.8 | 2019-11-26 | In Omron CX-Supervisor, Versions 3.5 (12) and prior, Omron CX-Supervisor ships with Teamviewer Version 5.0.8703 QS. This version of Teamviewer is vulnerable to… |
CVE-2018-19017 | High | 8.8 | 2019-01-22 | Several use after free vulnerabilities have been identified in CX-Supervisor (Versions 3.42 and prior). When processing project files, the application fails to… |
CVE-2018-19011 | High | 8.8 | 2019-01-22 | CX-Supervisor (Versions 3.42 and prior) can execute code that has been injected into a project file. An attacker could exploit this to execute code under the p… |
CVE-2018-17913 | High | 7.8 | 2018-11-05 | A type confusion vulnerability exists when processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior, which may allow an attacker to execute c… |
CVE-2018-17909 | High | 7.8 | 2018-11-05 | When processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior, the application fails to check if it is referencing freed memory, which may al… |
CVE-2018-17905 | High | 7.8 | 2018-11-05 | When processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior and tampering with a specific byte, memory corruption may occur within a specif… |
CVE-2018-19018 | High | 7.3 | 2019-02-12 | An access of uninitialized pointer vulnerability in CX-Supervisor (Versions 3.42 and prior) could lead to type confusion when processing project files. An atta… |
CVE-2018-19015 | High | 7.3 | 2019-01-28 | An attacker could inject commands to launch programs and create, write, and read files on CX-Supervisor (Versions 3.42 and prior) through a specially crafted p… |
CVE-2018-19019 | High | 7.3 | 2019-01-22 | A type confusion vulnerability exists when processing project files in CX-Supervisor (Versions 3.42 and prior). An attacker could use a specially crafted proje… |
CVE-2021-20836 | Medium | 6.5 | 2021-10-19 | Out-of-bounds read vulnerability in CX-Supervisor v4.0.0.13 and v4.0.0.16 allows an attacker with administrative privileges to cause information disclosure and… |
CVE-2018-7525 | Medium | 5.3 | 2018-03-21 | In Omron CX-Supervisor Versions 3.30 and prior, processing a malformed packet by a certain executable may cause an untrusted pointer dereference vulnerability. |
CVE-2018-7523 | Medium | 5.3 | 2018-03-21 | In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a double free vulnerability. |
CVE-2018-7521 | Medium | 5.3 | 2018-03-21 | In Omron CX-Supervisor Versions 3.30 and prior, use after free vulnerabilities can be exploited when CX Supervisor parses a specially crafted project file. |
CVE-2018-7519 | Medium | 5.3 | 2018-03-21 | In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a heap-based buffer overflow. |
CVE-2018-7517 | Medium | 5.3 | 2018-03-21 | In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause an out of bounds vulnerability. |
CVE-2018-7515 | Medium | 5.3 | 2018-03-21 | In Omron CX-Supervisor Versions 3.30 and prior, access of uninitialized pointer vulnerabilities can be exploited when CX Supervisor indirectly calls an initial… |
CVE-2018-7513 | Medium | 5.3 | 2018-03-21 | In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a stack-based buffer overflow. |
CVE-2018-19020 | Medium | 5.0 | 2019-02-12 | When CX-Supervisor (Versions 3.42 and prior) processes project files and tampers with the value of an offset, an attacker can force the application to read a v… |
CVE-2018-19013 | Medium | 5.0 | 2019-01-22 | An attacker could inject commands to delete files and/or delete the contents of a file on CX-Supervisor (Versions 3.42 and prior) through a specially crafted p… |
CVE-2018-17907 | Low | 3.3 | 2018-11-05 | When processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior and tampering with the value of an offset, an attacker can force the applicatio… |