Filtered by vendor Openplcproject
Subscriptions
Filtered by product Openplc
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-54962 | 1 Openplcproject | 2 Openplc, Openplc V3 | 2025-08-05 | 6.4 Medium |
| /edit-user in webserver in OpenPLC Runtime 3 through 9cd8f1b allows authenticated users to upload arbitrary files (such as .html or .svg), and these are then publicly accessible under the /static URI. | ||||
| CVE-2025-46613 | 1 Openplcproject | 1 Openplc | 2025-04-29 | 7.5 High |
| OpenPLC 3 through 64f9c11 has server.cpp Memory Corruption because a thread may access handleConnections arguments after the parent stack frame becomes unavailable. | ||||
| CVE-2021-3351 | 1 Openplcproject | 1 Openplc | 2024-11-21 | 5.4 Medium |
| OpenPLC runtime V3 through 2016-03-14 allows stored XSS via the Device Name to the web server's Add New Device page. | ||||
Page 1 of 1.