Every CVE whose affected-product data names Omron Cx-programmer, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (28)
CVE-2015-0987 — CVSS 10.0 (critical): Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices before 1.5 rely on cleartext password…
CVE-2023-38748 — CVSS 7.8 (high): Use after free vulnerability exists in CX-Programmer Included in CX-One CXONE-AL[][]D-V4 V9.80 and earlier. By having a user open a…
CVE-2023-22314 — CVSS 7.8 (high): Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier. By having a user open a specially crafted CXP file, information…
CVE-2023-22317 — CVSS 7.8 (high): Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier. By having a user open a specially crafted CXP file, information…
CVE-2023-38746 — CVSS 7.8 (high): Out-of-bounds read vulnerability/issue exists in CX-Programmer Included in CX-One CXONE-AL[][]D-V4 V9.80 and earlier. By having a user open…
CVE-2023-38747 — CVSS 7.8 (high): Heap-based buffer overflow vulnerability exists in CX-Programmer Included in CX-One CXONE-AL[][]D-V4 V9.80 and earlier. By having a user…
CVE-2018-18989 — CVSS 7.8 (high): In CX-One Versions 4.42 and prior (CX-Programmer Versions 9.66 and prior and CX-Server Versions 5.0.23 and prior), when processing project…
CVE-2018-18993 — CVSS 7.8 (high): Two stack-based buffer overflow vulnerabilities have been discovered in CX-One Versions 4.42 and prior (CX-Programmer Versions 9.66 and…
CVE-2018-7514 — CVSS 7.8 (high): Parsing malformed project files in Omron CX-One versions 4.42 and prior, including the following applications: CX-FLnet versions 1.00 and…
CVE-2018-7530 — CVSS 7.8 (high): Parsing malformed project files in Omron CX-One versions 4.42 and prior, including the following applications: CX-FLnet versions 1.00 and…
CVE-2018-8834 — CVSS 7.8 (high): Parsing malformed project files in Omron CX-One versions 4.42 and prior, including the following applications: CX-FLnet versions 1.00 and…
CVE-2022-21124 — CVSS 7.8 (high): Out-of-bounds write vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause…
CVE-2022-21219 — CVSS 7.8 (high): Out-of-bounds read vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause…
CVE-2022-25230 — CVSS 7.8 (high): Use after free vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause…
CVE-2022-25234 — CVSS 7.8 (high): Out-of-bounds write vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause…
CVE-2022-25325 — CVSS 7.8 (high): Use after free vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause…
CVE-2022-2979 — CVSS 7.8 (high): Opening a specially crafted file could cause the affected product to fail to release its memory reference potentially resulting in…
CVE-2022-3396 — CVSS 7.8 (high): OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds Write, which may allow an attacker to execute arbitrary code.
CVE-2022-3397 — CVSS 7.8 (high): OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds Write, which may allow an attacker to execute arbitrary code.
CVE-2022-3398 — CVSS 7.8 (high): OMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds Write, which may allow an attacker to execute arbitrary code.
CVE-2022-43508 — CVSS 7.8 (high): Use-after free vulnerability exists in CX-Programmer v.9.77 and earlier, which may lead to information disclosure and/or arbitrary code…
CVE-2022-43509 — CVSS 7.8 (high): Out-of-bounds write vulnerability exists in CX-Programmer v.9.77 and earlier, which may lead to information disclosure and/or arbitrary…
CVE-2022-43667 — CVSS 7.8 (high): Stack-based buffer overflow vulnerability exists in CX-Programmer v.9.77 and earlier, which may lead to information disclosure and/or…
CVE-2023-22277 — CVSS 7.8 (high): Use after free vulnerability exists in CX-Programmer Ver.9.79 and earlier. By having a user open a specially crafted CXP file, information…
CVE-2022-31204 — CVSS 7.5 (high): Omron CS series, CJ series, and CP series PLCs through 2022-05-18 use cleartext passwords. They feature a UM Protection setting that allows…
CVE-2019-6556 — CVSS 6.6 (medium): When processing project files, the application (Omron CX-Programmer v9.70 and prior and Common Components January 2019 and prior) fails to…
CVE-2015-1015 — CVSS 2.1 (low): Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices before 1.5 use a reversible format for password…
CVE-2015-0988 — CVSS 2.1 (low): Omron CX-One CX-Programmer before 9.6 uses a reversible format for password storage in project source-code files, which makes it easier for…