Filtered by vendor Mz-automation Subscriptions
Total 36 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2019-19957 1 Mz-automation 1 Libiec61850 2024-11-21 6.5 Medium
In libIEC61850 1.4.0, getNumberOfElements in mms/iso_mms/server/mms_access_result.c has an out-of-bounds read vulnerability, related to bufPos and elementLength.
CVE-2019-19944 1 Mz-automation 1 Libiec61850 2024-11-21 6.5 Medium
In libIEC61850 1.4.0, BerDecoder_decodeUint32 in mms/asn1/ber_decode.c has an out-of-bounds read, related to intLen and bufPos.
CVE-2019-19931 1 Mz-automation 1 Libiec61850 2024-11-21 8.8 High
In libIEC61850 1.4.0, MmsValue_decodeMmsData in mms/iso_mms/server/mms_access_result.c has a heap-based buffer overflow.
CVE-2019-19930 1 Mz-automation 1 Libiec61850 2024-11-21 6.5 Medium
In libIEC61850 1.4.0, MmsValue_newOctetString in mms/iso_mms/common/mms_value.c has an integer signedness error that can lead to an attempted excessive memory allocation.
CVE-2019-16510 1 Mz-automation 1 Libiec61850 2024-11-21 7.5 High
libIEC61850 through 1.3.3 has a use-after-free in MmsServer_waitReady in mms/iso_mms/server/mms_server.c, as demonstrated by server_example_goose.
CVE-2019-1010300 1 Mz-automation 1 Libiec61850 2024-11-21 N/A
mz-automation libiec61850 1.3.2 1.3.1 1.3.0 is affected by: Buffer Overflow. The impact is: Software crash. The component is: server_example_complex_array. The attack vector is: Send a specific MMS protocol packet.
CVE-2018-19185 1 Mz-automation 1 Libiec61850 2024-11-21 N/A
An issue has been found in libIEC61850 v1.3. It is a heap-based buffer overflow in BerEncoder_encodeOctetString in mms/asn1/ber_encoder.c. This is exploitable even after CVE-2018-18834 has been patched, with a different dataSetValue sequence than the CVE-2018-18834 attack vector.
CVE-2018-19122 1 Mz-automation 1 Libiec61850 2024-11-21 N/A
An issue has been found in libIEC61850 v1.3. It is a NULL pointer dereference in Ethernet_sendPacket in ethernet_bsd.c.
CVE-2018-19121 1 Mz-automation 1 Libiec61850 2024-11-21 N/A
An issue has been found in libIEC61850 v1.3. It is a SEGV in Ethernet_receivePacket in ethernet_bsd.c.
CVE-2018-19093 1 Mz-automation 1 Libiec61850 2024-11-21 7.5 High
An issue has been found in libIEC61850 v1.3. It is a SEGV in ControlObjectClient_setCommandTerminationHandler in client/client_control.c. NOTE: the software maintainer disputes this because it requires incorrect usage of the client_example_control program
CVE-2018-18957 1 Mz-automation 1 Libiec61850 2024-11-21 N/A
An issue has been found in libIEC61850 v1.3. It is a stack-based buffer overflow in prepareGooseBuffer in goose/goose_publisher.c.
CVE-2018-18937 1 Mz-automation 1 Libiec61850 2024-11-21 N/A
An issue has been found in libIEC61850 v1.3. It is a NULL pointer dereference in ClientDataSet_getValues in client/ied_connection.c.
CVE-2018-18834 1 Mz-automation 1 Libiec61850 2024-11-21 N/A
An issue has been found in libIEC61850 v1.3. It is a heap-based buffer overflow in BerEncoder_encodeOctetString in mms/asn1/ber_encoder.c.
CVE-2024-45970 1 Mz-automation 1 Lib60870 2024-11-18 9.8 Critical
Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit ac925fae8e281ac6defcd630e9dd756264e9c5bc allow a malicious server to cause a stack-based buffer overflow via the MMS FileDirResponse message.
CVE-2024-45971 1 Mz-automation 1 Lib60870 2024-11-18 9.8 Critical
Multiple Buffer overflows in the MMS Client in MZ Automation LibIEC61850 before commit 1f52be9ddeae00e69cd43e4cac3cb4f0c880c4f0 allow a malicious server to cause a stack-based buffer overflow via the MMS IdentifyResponse message.
CVE-2024-45969 1 Mz-automation 1 Libiec61850 2024-11-18 7.5 High
NULL pointer dereference in the MMS Client in MZ Automation LibIEC1850 before commit 7afa40390b26ad1f4cf93deaa0052fe7e357ef33 allows a malicious server to Cause a Denial-of-Service via the MMS InitiationResponse message.