) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:omron:cx-programmer:9.66:*:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2023-22277 |
Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur. This vulnerability is different from CVE-2023-22317 and CVE-2023-22314. Published: August 03, 2023; 11:15:17 AM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2023-22317 |
Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur. This vulnerability is different from CVE-2023-22277 and CVE-2023-22314. Published: August 03, 2023; 9:15:09 AM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2023-22314 |
Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur. This vulnerability is different from CVE-2023-22277 and CVE-2023-22317. Published: August 03, 2023; 9:15:09 AM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2023-38748 |
Use after free vulnerability exists in CX-Programmer Included in CX-One CXONE-AL[][]D-V4 V9.80 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur. Published: August 03, 2023; 2:15:10 AM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2023-38747 |
Heap-based buffer overflow vulnerability exists in CX-Programmer Included in CX-One CXONE-AL[][]D-V4 V9.80 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur. Published: August 03, 2023; 2:15:10 AM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2023-38746 |
Out-of-bounds read vulnerability/issue exists in CX-Programmer Included in CX-One CXONE-AL[][]D-V4 V9.80 and earlier. By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur. Published: August 03, 2023; 1:15:10 AM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2022-43667 |
Stack-based buffer overflow vulnerability exists in CX-Programmer v.9.77 and earlier, which may lead to information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. Published: December 06, 2022; 11:15:10 PM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2022-43509 |
Out-of-bounds write vulnerability exists in CX-Programmer v.9.77 and earlier, which may lead to information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. Published: December 06, 2022; 11:15:10 PM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2022-43508 |
Use-after free vulnerability exists in CX-Programmer v.9.77 and earlier, which may lead to information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. Published: December 06, 2022; 11:15:10 PM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2022-3398 |
OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds Write, which may allow an attacker to execute arbitrary code. Published: October 06, 2022; 2:16:22 PM -0400 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
| CVE-2022-3397 |
OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds Write, which may allow an attacker to execute arbitrary code. Published: October 06, 2022; 2:16:22 PM -0400 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
| CVE-2022-3396 |
OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds Write, which may allow an attacker to execute arbitrary code. Published: October 06, 2022; 2:16:21 PM -0400 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
| CVE-2022-2979 |
Opening a specially crafted file could cause the affected product to fail to release its memory reference potentially resulting in arbitrary code execution. Published: September 12, 2022; 5:15:10 PM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2022-25325 |
Use after free vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. This vulnerability is different from CVE-2022-25230. Published: March 10, 2022; 12:47:07 PM -0500 |
V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
| CVE-2022-25234 |
Out-of-bounds write vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. This vulnerability is different from CVE-2022-21124. Published: March 10, 2022; 12:47:03 PM -0500 |
V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
| CVE-2022-25230 |
Use after free vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. This vulnerability is different from CVE-2022-25325. Published: March 10, 2022; 12:47:03 PM -0500 |
V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
| CVE-2022-21219 |
Out-of-bounds read vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. Published: March 10, 2022; 12:45:14 PM -0500 |
V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
| CVE-2022-21124 |
Out-of-bounds write vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. This vulnerability is different from CVE-2022-25234. Published: March 10, 2022; 12:45:08 PM -0500 |
V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
| CVE-2019-6556 |
When processing project files, the application (Omron CX-Programmer v9.70 and prior and Common Components January 2019 and prior) fails to check if it is referencing freed memory. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application. Published: April 10, 2019; 4:29:01 PM -0400 |
V3.0: 6.6 MEDIUM V2.0: 6.8 MEDIUM |
| CVE-2018-18993 |
Two stack-based buffer overflow vulnerabilities have been discovered in CX-One Versions 4.42 and prior (CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior). When processing project files, the application allows input data to exceed the buffer. An attacker could use a specially crafted project file to overflow the buffer and execute code under the privileges of the application. Published: December 04, 2018; 5:29:00 PM -0500 |
V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |