3s Software
3s-software
13 CVEs • 4 products
Products (4)
Click to collapseToggle
Products (4)
Click to collapse
CVEs (13)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
13s Software 2Codesys Runtime System Codesys Web ServerNov 21, 2024 Feb 15, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A Stack-based Buffer Overflow issue was discovered in 3S-Smart CODESYS Web Server. Specifically: all Microsoft Windows (also WinCE) based CODESYS web servers running stand-alone Version 2.3, or as part of the CODESYS run...Show more |
Runtime Toolkit before 2.4.7.48 in 3S-Smart CODESYS before 2.3.9.48 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted request. |
33s Software FestoSoftmotion3d4Cecx X C1 Modular Master Controller Cecx X M1 Modular ControllerCodesys Runtime System+1 moreMay 6, 2026 Apr 25, 2014 N/A· v4 N/A· v3 9.3 HIGH· v2 The Festo CECX-X-C1 Modular Master Controller with CoDeSys and CECX-X-M1 Modular Controller with CoDeSys and SoftMotion do not require authentication for connections to certain TCP ports, which allows remote attackers to...Show more |
33s Software FestoSoftmotion3d4Cecx X C1 Modular Master Controller Cecx X M1 Modular ControllerCodesys Runtime System+1 moreMay 6, 2026 Apr 25, 2014 N/A· v4 N/A· v3 9.3 HIGH· v2 The Festo CECX-X-C1 Modular Master Controller with CoDeSys and CECX-X-M1 Modular Controller with CoDeSys and SoftMotion provide an undocumented access method involving the FTP protocol, which could allow a remote attac...Show more |
13s Software 1Codesys Runtime Toolkit Apr 29, 2026 Jan 31, 2014 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Smart Software Solutions (3S) CoDeSys Runtime Toolkit before 2.4.7.44 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors. |
Use-after-free vulnerability in the server application in 3S CODESYS Gateway 2.3.9.27 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via unspecified vectors. |
Stack-based buffer overflow in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via a crafted packet. |
3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via vectors that trigger an out-of-bounds memory access. |
Integer signedness error in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to cause a denial of service via a crafted packet that triggers a heap-based buffer overflow. |
Directory traversal vulnerability in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via vectors involving a crafted pathname. |
Array index error in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via a crafted packet. |
13s Software 1Codesys Runtime System Apr 29, 2026 Jan 21, 2013 N/A· v4 10.0 CRITICAL· v3 10.0 HIGH· v2 The CoDeSys Runtime Toolkit’s file transfer functionality does not perform input validation, which allows an attacker to access files and directories outside the intended scope. This may allow an attacker to upload an...Show more |
13s Software 1Codesys Runtime System Apr 29, 2026 Jan 21, 2013 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 The Runtime Toolkit in CODESYS Runtime System 2.3.x and 2.4.x does not require authentication, which allows remote attackers to execute commands via the command-line interface in the TCP listener service or transfer file...Show more |