U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:omron:cx-supervisor:3.5:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 15 matching records.
Displaying matches 1 through 15.
Vuln ID Summary CVSS Severity
CVE-2019-18251

In Omron CX-Supervisor, Versions 3.5 (12) and prior, Omron CX-Supervisor ships with Teamviewer Version 5.0.8703 QS. This version of Teamviewer is vulnerable to an obsolete function vulnerability requiring user interaction to exploit.

Published: November 25, 2019; 7:15:11 PM -0500
V4.0:(not available)
V3.1: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2018-19020

When CX-Supervisor (Versions 3.42 and prior) processes project files and tampers with the value of an offset, an attacker can force the application to read a value outside of an array.

Published: February 12, 2019; 5:29:00 PM -0500
V4.0:(not available)
V3.0: 5.0 MEDIUM
V2.0: 3.5 LOW
CVE-2018-19018

An access of uninitialized pointer vulnerability in CX-Supervisor (Versions 3.42 and prior) could lead to type confusion when processing project files. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application.

Published: February 12, 2019; 5:29:00 PM -0500
V4.0:(not available)
V3.0: 7.3 HIGH
V2.0: 6.0 MEDIUM
CVE-2018-19015

An attacker could inject commands to launch programs and create, write, and read files on CX-Supervisor (Versions 3.42 and prior) through a specially crafted project file. An attacker could exploit this to execute code under the privileges of the application.

Published: January 28, 2019; 2:29:00 PM -0500
V4.0:(not available)
V3.1: 7.3 HIGH
V2.0: 6.0 MEDIUM
CVE-2018-19019

A type confusion vulnerability exists when processing project files in CX-Supervisor (Versions 3.42 and prior). An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application.

Published: January 22, 2019; 3:29:01 PM -0500
V4.0:(not available)
V3.0: 7.3 HIGH
V2.0: 6.8 MEDIUM
CVE-2018-19017

Several use after free vulnerabilities have been identified in CX-Supervisor (Versions 3.42 and prior). When processing project files, the application fails to check if it is referencing freed memory. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application.

Published: January 22, 2019; 3:29:00 PM -0500
V4.0:(not available)
V3.0: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2018-19013

An attacker could inject commands to delete files and/or delete the contents of a file on CX-Supervisor (Versions 3.42 and prior) through a specially crafted project file.

Published: January 22, 2019; 3:29:00 PM -0500
V4.0:(not available)
V3.0: 5.0 MEDIUM
V2.0: 4.9 MEDIUM
CVE-2018-19011

CX-Supervisor (Versions 3.42 and prior) can execute code that has been injected into a project file. An attacker could exploit this to execute code under the privileges of the application.

Published: January 22, 2019; 3:29:00 PM -0500
V4.0:(not available)
V3.0: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2018-7525

In Omron CX-Supervisor Versions 3.30 and prior, processing a malformed packet by a certain executable may cause an untrusted pointer dereference vulnerability.

Published: March 21, 2018; 4:29:01 PM -0400
V4.0:(not available)
V3.0: 5.3 MEDIUM
V2.0: 4.6 MEDIUM
CVE-2018-7523

In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a double free vulnerability.

Published: March 21, 2018; 4:29:01 PM -0400
V4.0:(not available)
V3.0: 5.3 MEDIUM
V2.0: 4.6 MEDIUM
CVE-2018-7521

In Omron CX-Supervisor Versions 3.30 and prior, use after free vulnerabilities can be exploited when CX Supervisor parses a specially crafted project file.

Published: March 21, 2018; 4:29:01 PM -0400
V4.0:(not available)
V3.0: 5.3 MEDIUM
V2.0: 4.6 MEDIUM
CVE-2018-7519

In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a heap-based buffer overflow.

Published: March 21, 2018; 4:29:01 PM -0400
V4.0:(not available)
V3.1: 5.3 MEDIUM
V2.0: 4.6 MEDIUM
CVE-2018-7517

In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause an out of bounds vulnerability.

Published: March 21, 2018; 4:29:01 PM -0400
V4.0:(not available)
V3.0: 5.3 MEDIUM
V2.0: 4.6 MEDIUM
CVE-2018-7515

In Omron CX-Supervisor Versions 3.30 and prior, access of uninitialized pointer vulnerabilities can be exploited when CX Supervisor indirectly calls an initialized pointer when parsing malformed packets.

Published: March 21, 2018; 4:29:01 PM -0400
V4.0:(not available)
V3.1: 5.3 MEDIUM
V2.0: 4.6 MEDIUM
CVE-2018-7513

In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a stack-based buffer overflow.

Published: March 21, 2018; 4:29:01 PM -0400
V4.0:(not available)
V3.1: 5.3 MEDIUM
V2.0: 4.6 MEDIUM