Filtered by vendor Rockwellautomation
Subscriptions
Total
320 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-4531 | 1 Rockwellautomation | 1 Factorytalk Energrymetrix | 2025-04-12 | N/A |
| Rockwell Automation FactoryTalk EnergyMetrix before 2.20.00 does not invalidate credentials upon a logout action, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation. | ||||
| CVE-2016-5645 | 1 Rockwellautomation | 6 1766-l32awa, 1766-l32awaa, 1766-l32bwa and 3 more | 2025-04-12 | N/A |
| Rockwell Automation MicroLogix 1400 PLC 1766-L32BWA, 1766-L32AWA, 1766-L32BXB, 1766-L32BWAA, 1766-L32AWAA, and 1766-L32BXBA devices have a hardcoded SNMP community, which makes it easier for remote attackers to load arbitrary firmware updates by leveraging knowledge of this community. | ||||
| CVE-2015-1010 | 1 Rockwellautomation | 1 Rsview32 | 2025-04-12 | N/A |
| Rockwell Automation RSView32 7.60.00 (aka CPR9 SR4) and earlier does not properly encrypt credentials, which allows local users to obtain sensitive information by reading a file and conducting a decryption attack. | ||||
| CVE-2015-6492 | 1 Rockwellautomation | 2 Micrologix 1100 Firmware, Micrologix 1400 Firmware | 2025-04-12 | N/A |
| Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices before B FRN 15.003 allow remote attackers to cause a denial of service (memory corruption and device crash) via a crafted HTTP request. | ||||
| CVE-2014-9209 | 1 Rockwellautomation | 2 Factorytalk Services Platform, Factorytalk View Studio | 2025-04-12 | N/A |
| Untrusted search path vulnerability in the Clean Utility application in Rockwell Automation FactoryTalk Services Platform before 2.71.00 and FactoryTalk View Studio 8.00.00 and earlier allows local users to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2015-6491 | 1 Rockwellautomation | 2 Micrologix 1100 Firmware, Micrologix 1400 Firmware | 2025-04-12 | N/A |
| Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices before B FRN 15.003 allow remote authenticated users to insert the content of an arbitrary file into a FRAME element via unspecified vectors. | ||||
| CVE-2014-9204 | 1 Rockwellautomation | 1 Rslinx | 2025-04-12 | N/A |
| Stack-based buffer overflow in OPCTest.exe in Rockwell Automation RSLinx Classic before 3.73.00 allows remote attackers to execute arbitrary code via a crafted CSV file. | ||||
| CVE-2015-6486 | 1 Rockwellautomation | 2 Micrologix 1100 Firmware, Micrologix 1400 Firmware | 2025-04-12 | N/A |
| SQL injection vulnerability on Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices before B FRN 15.003 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2014-5424 | 1 Rockwellautomation | 1 Connected Components Workbench | 2025-04-12 | N/A |
| Rockwell Automation Connected Components Workbench (CCW) before 7.00.00 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an invalid property value to an ActiveX control that was built with an outdated compiler. | ||||
| CVE-2016-4522 | 1 Rockwellautomation | 1 Factorytalk Energrymetrix | 2025-04-12 | N/A |
| SQL injection vulnerability in Rockwell Automation FactoryTalk EnergyMetrix before 2.20.00 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2015-6488 | 1 Rockwellautomation | 2 Micrologix 1100 Firmware, Micrologix 1400 Firmware | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in the web server on Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices before B FRN 15.003 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2015-6490 | 1 Rockwellautomation | 2 Micrologix 1100 Firmware, Micrologix 1400 Firmware | 2025-04-12 | N/A |
| Stack-based buffer overflow on Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices through B FRN 15.003 allows remote attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2016-0868 | 1 Rockwellautomation | 9 1763-l16awa Series A, 1763-l16awa Series B, 1763-l16bbb Series A and 6 more | 2025-04-12 | N/A |
| Stack-based buffer overflow on Rockwell Automation Allen-Bradley MicroLogix 1100 devices A through 15.000 and B before 15.002 allows remote attackers to execute arbitrary code via a crafted web request. | ||||
| CVE-2012-4713 | 1 Rockwellautomation | 1 Factorytalk Services Platform | 2025-04-11 | N/A |
| Integer signedness error in RNADiagnostics.dll in Rockwell Automation FactoryTalk Services Platform (FTSP) CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows remote attackers to cause a denial of service (service outage or RNADiagReceiver.exe daemon crash) via UDP data that specifies a negative integer value. | ||||
| CVE-2012-4715 | 1 Rockwellautomation | 1 Rslinx Enterprise | 2025-04-11 | N/A |
| Buffer overflow in LogReceiver.exe in Rockwell Automation RSLinx Enterprise CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a UDP packet with a certain integer length value that is (1) too large or (2) too small, leading to improper handling by Logger.dll. | ||||
| CVE-2012-4695 | 1 Rockwellautomation | 1 Rslinx Enterprise | 2025-04-11 | N/A |
| LogReceiver.exe in Rockwell Automation RSLinx Enterprise CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows remote attackers to cause a denial of service (service outage) via a zero-byte UDP packet that is not properly handled by Logger.dll. | ||||
| CVE-2012-0221 | 1 Rockwellautomation | 2 Factorytalk, Rslogix 5000 | 2025-04-11 | N/A |
| The FactoryTalk (FT) RNADiagReceiver service in Rockwell Automation Allen-Bradley FactoryTalk CPR9 through SR5 and RSLogix 5000 17 through 20 does not properly handle the return value from an unspecified function, which allows remote attackers to cause a denial of service (service outage) via a crafted packet. | ||||
| CVE-2012-4714 | 1 Rockwellautomation | 1 Factorytalk Services Platform | 2025-04-11 | N/A |
| Integer overflow in RNADiagnostics.dll in Rockwell Automation FactoryTalk Services Platform (FTSP) CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows remote attackers to cause a denial of service (service outage or RNADiagReceiver.exe daemon crash) via UDP data that specifies a large integer value. | ||||
| CVE-2011-2957 | 1 Rockwellautomation | 1 Factorytalk Diagnostics Viewer | 2025-04-11 | N/A |
| Unspecified vulnerability in Rockwell Automation FactoryTalk Diagnostics Viewer before V2.30.00 (CPR9 SR3) allows local users to execute arbitrary code via a crafted FactoryTalk Diagnostics Viewer (.ftd) configuration file, which triggers memory corruption. | ||||
| CVE-2011-3489 | 1 Rockwellautomation | 1 Rslogix | 2025-04-11 | N/A |
| RnaUtility.dll in RsvcHost.exe 2.30.0.23 in Rockwell RSLogix 19 and earlier allows remote attackers to cause a denial of service (crash) via a crafted rna packet with a long string to TCP port 4446 that triggers (1) "a memset zero overflow" or (2) an out-of-bounds read, related to improper handling of a 32-bit size field. | ||||