Filtered by vendor Unitronics Subscriptions
Total 7 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-38435 1 Unitronics 1 Vision Plc 2024-11-21 6.5 Medium
Unitronics Vision PLC – CWE-703: Improper Check or Handling of Exceptional Conditions may allow denial of service
CVE-2023-6448 1 Unitronics 33 Samba 3.5, Samba 3.5 Firmware, Samba 4.3 and 30 more 2024-11-21 9.8 Critical
Unitronics VisiLogic before version 9.9.00, used in Vision and Samba PLCs and HMIs, uses a default administrative password. An unauthenticated attacker with network access can take administrative control of a vulnerable system.
CVE-2023-2003 2 Unitronics, Unitronicsplc 3 Vision1210, Vision1210, Vision1210 Firmware 2024-11-21 9.1 Critical
Embedded malicious code vulnerability in Vision1210, in the build 5 of operating system version 4.3, which could allow a remote attacker to store base64-encoded malicious code in the device's data tables via the PCOM protocol, which can then be retrieved by a client and executed on the device.
CVE-2016-4519 1 Unitronics 1 Visilogic Oplc Ide 2024-11-21 N/A
Stack-based buffer overflow in Unitronics VisiLogic OPLC IDE before 9.8.30 allows remote attackers to execute arbitrary code via a crafted filename field in a ZIP archive in a vlp file.
CVE-2015-7939 1 Unitronics 1 Visilogic Oplc Ide 2024-11-21 N/A
Heap-based buffer overflow in Unitronics VisiLogic OPLC IDE before 9.8.09 allows remote attackers to execute arbitrary code via a long vlp filename.
CVE-2015-7905 1 Unitronics 1 Visilogic Oplc Ide 2024-11-21 N/A
Unitronics VisiLogic OPLC IDE before 9.8.02 allows remote attackers to execute unspecified code via unknown vectors.
CVE-2015-6478 1 Unitronics 1 Visilogic Oplc Ide 2024-11-21 N/A
Unitronics VisiLogic OPLC IDE before 9.8.02 does not properly restrict access to ActiveX controls, which allows remote attackers to have an unspecified impact via a crafted web site.