Skip to main content

Cx Programmer

27 CVEs product

Monthly

CVE-2023-22277 HIGH This Week

Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Use After Free RCE Memory Corruption Information Disclosure +1
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-22317 HIGH This Week

Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Use After Free RCE Memory Corruption Information Disclosure +1
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-22314 HIGH This Week

Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Use After Free RCE Memory Corruption Information Disclosure +1
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-38748 HIGH This Week

Use after free vulnerability exists in CX-Programmer Included in CX-One CXONE-AL[][]D-V4 V9.80 and earlier. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Use After Free RCE Memory Corruption Information Disclosure +1
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-38747 HIGH This Week

Heap-based buffer overflow vulnerability exists in CX-Programmer Included in CX-One CXONE-AL[][]D-V4 V9.80 and earlier. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE Information Disclosure Cx Programmer
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-38746 HIGH This Week

Out-of-bounds read vulnerability/issue exists in CX-Programmer Included in CX-One CXONE-AL[][]D-V4 V9.80 and earlier. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Information Disclosure Cx Programmer
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-43667 HIGH This Week

Stack-based buffer overflow vulnerability exists in CX-Programmer v.9.77 and earlier, which may lead to information disclosure and/or arbitrary code execution by having a user to open a specially. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Information Disclosure RCE Buffer Overflow Cx Programmer
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-43509 HIGH This Week

Out-of-bounds write vulnerability exists in CX-Programmer v.9.77 and earlier, which may lead to information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Information Disclosure RCE Buffer Overflow Cx Programmer
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-43508 HIGH This Week

Use-after free vulnerability exists in CX-Programmer v.9.77 and earlier, which may lead to information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Information Disclosure Use After Free Memory Corruption Cx Programmer
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-3398 CRITICAL Act Now

OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds Write, which may allow an attacker to execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Cx Programmer
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2022-3397 CRITICAL Act Now

OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds Write, which may allow an attacker to execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Cx Programmer
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2022-3396 CRITICAL Act Now

OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds Write, which may allow an attacker to execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Cx Programmer
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2022-2979 HIGH This Week

Opening a specially crafted file could cause the affected product to fail to release its memory reference potentially resulting in arbitrary code execution. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Cx Programmer
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-31204 HIGH This Week

Omron CS series, CJ series, and CP series PLCs through 2022-05-18 use cleartext passwords. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Sysmac Cs1 Firmware Sysmac Cj2M Firmware Sysmac Cj2H Firmware Sysmac Cp1E Firmware +4
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2022-25325 HIGH This Week

Use after free vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Information Disclosure Denial Of Service +1
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2022-25234 HIGH This Week

Out-of-bounds write vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Information Disclosure Cx Programmer
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2022-25230 HIGH This Week

Use after free vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Information Disclosure Denial Of Service +1
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2022-21219 HIGH This Week

Out-of-bounds read vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Information Disclosure Cx Programmer
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2022-21124 HIGH This Week

Out-of-bounds write vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Information Disclosure Cx Programmer
NVD
CVSS 3.1
7.8
EPSS
1.5%
CVE-2019-6556 MEDIUM This Month

When processing project files, the application (Omron CX-Programmer v9.70 and prior and Common Components January 2019 and prior) fails to check if it is referencing freed memory. Rated medium severity (CVSS 6.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption Common Components Cx Programmer
NVD
CVSS 3.0
6.6
EPSS
1.2%
CVE-2018-18993 HIGH This Week

Two stack-based buffer overflow vulnerabilities have been discovered in CX-One Versions 4.42 and prior (CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Cx One Cx Programmer Cx Server
NVD
CVSS 3.1
7.8
EPSS
1.8%
CVE-2018-18989 HIGH This Week

In CX-One Versions 4.42 and prior (CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior), when processing project files, the application fails to check if it is referencing. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Information Disclosure Use After Free Cx One Cx Programmer +1
NVD
CVSS 3.0
7.8
EPSS
1.6%
CVE-2018-8834 HIGH This Week

Parsing malformed project files in Omron CX-One versions 4.42 and prior, including the following applications: CX-FLnet versions 1.00 and prior, CX-Protocol versions 1.992 and prior, CX-Programmer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Cx Flnet Cx One Cx Programmer +4
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2018-7530 HIGH This Week

Parsing malformed project files in Omron CX-One versions 4.42 and prior, including the following applications: CX-FLnet versions 1.00 and prior, CX-Protocol versions 1.992 and prior, CX-Programmer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Information Disclosure Cx Flnet Cx One Cx Programmer +4
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2018-7514 HIGH This Week

Parsing malformed project files in Omron CX-One versions 4.42 and prior, including the following applications: CX-FLnet versions 1.00 and prior, CX-Protocol versions 1.992 and prior, CX-Programmer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Cx Flnet Cx One Cx Programmer +4
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2015-1015 LOW Monitor

Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices before 1.5 use a reversible format for password storage in object files on Compact Flash cards, which makes it. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cx Programmer Cj2H Plc Cj2M Plc
NVD
CVSS 2.0
2.1
EPSS
0.1%
CVE-2015-0988 LOW Monitor

Omron CX-One CX-Programmer before 9.6 uses a reversible format for password storage in project source-code files, which makes it easier for local users to obtain sensitive information by reading a. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cx Programmer
NVD
CVSS 2.0
2.1
EPSS
0.1%
EPSS 0% CVSS 7.8
HIGH This Week

Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Use After Free RCE +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Use After Free RCE +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Use After Free RCE +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Use after free vulnerability exists in CX-Programmer Included in CX-One CXONE-AL[][]D-V4 V9.80 and earlier. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Use After Free RCE +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Heap-based buffer overflow vulnerability exists in CX-Programmer Included in CX-One CXONE-AL[][]D-V4 V9.80 and earlier. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Out-of-bounds read vulnerability/issue exists in CX-Programmer Included in CX-One CXONE-AL[][]D-V4 V9.80 and earlier. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Information Disclosure +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Stack-based buffer overflow vulnerability exists in CX-Programmer v.9.77 and earlier, which may lead to information disclosure and/or arbitrary code execution by having a user to open a specially. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Information Disclosure RCE +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Out-of-bounds write vulnerability exists in CX-Programmer v.9.77 and earlier, which may lead to information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Information Disclosure RCE +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Use-after free vulnerability exists in CX-Programmer v.9.77 and earlier, which may lead to information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Information Disclosure Use After Free +2
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds Write, which may allow an attacker to execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds Write, which may allow an attacker to execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds Write, which may allow an attacker to execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Opening a specially crafted file could cause the affected product to fail to release its memory reference potentially resulting in arbitrary code execution. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Omron CS series, CJ series, and CP series PLCs through 2022-05-18 use cleartext passwords. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Sysmac Cs1 Firmware Sysmac Cj2M Firmware +6
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Use after free vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free +3
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Out-of-bounds write vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Use after free vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free +3
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Out-of-bounds read vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Information Disclosure +1
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Out-of-bounds write vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow +2
NVD
EPSS 1% CVSS 6.6
MEDIUM This Month

When processing project files, the application (Omron CX-Programmer v9.70 and prior and Common Components January 2019 and prior) fails to check if it is referencing freed memory. Rated medium severity (CVSS 6.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption +2
NVD
EPSS 2% CVSS 7.8
HIGH This Week

Two stack-based buffer overflow vulnerabilities have been discovered in CX-One Versions 4.42 and prior (CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Cx One +2
NVD
EPSS 2% CVSS 7.8
HIGH This Week

In CX-One Versions 4.42 and prior (CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior), when processing project files, the application fails to check if it is referencing. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Information Disclosure Use After Free +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Parsing malformed project files in Omron CX-One versions 4.42 and prior, including the following applications: CX-FLnet versions 1.00 and prior, CX-Protocol versions 1.992 and prior, CX-Programmer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Cx Flnet +6
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Parsing malformed project files in Omron CX-One versions 4.42 and prior, including the following applications: CX-FLnet versions 1.00 and prior, CX-Protocol versions 1.992 and prior, CX-Programmer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Information Disclosure Cx Flnet +6
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Parsing malformed project files in Omron CX-One versions 4.42 and prior, including the following applications: CX-FLnet versions 1.00 and prior, CX-Protocol versions 1.992 and prior, CX-Programmer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Cx Flnet +6
NVD
EPSS 0% CVSS 2.1
LOW Monitor

Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices before 1.5 use a reversible format for password storage in object files on Compact Flash cards, which makes it. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cx Programmer Cj2H Plc +1
NVD
EPSS 0% CVSS 2.1
LOW Monitor

Omron CX-One CX-Programmer before 9.6 uses a reversible format for password storage in project source-code files, which makes it easier for local users to obtain sensitive information by reading a. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cx Programmer
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy