Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Mz-automation Subscribe
Filtered by product Libiec61850
Total 28 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-19944 1 Mz-automation 1 Libiec61850 2019-12-30 4.3 MEDIUM 6.5 MEDIUM
In libIEC61850 1.4.0, BerDecoder_decodeUint32 in mms/asn1/ber_decode.c has an out-of-bounds read, related to intLen and bufPos.
CVE-2018-19093 1 Mz-automation 1 Libiec61850 2019-10-02 5.0 MEDIUM 7.5 HIGH
** DISPUTED ** An issue has been found in libIEC61850 v1.3. It is a SEGV in ControlObjectClient_setCommandTerminationHandler in client/client_control.c. NOTE: the software maintainer disputes this because it requires incorrect usage of the client_example_control program.
CVE-2019-16510 1 Mz-automation 1 Libiec61850 2019-09-19 5.0 MEDIUM 7.5 HIGH
libIEC61850 through 1.3.3 has a use-after-free in MmsServer_waitReady in mms/iso_mms/server/mms_server.c, as demonstrated by server_example_goose.
CVE-2019-1010300 1 Mz-automation 1 Libiec61850 2019-07-22 5.0 MEDIUM 7.5 HIGH
mz-automation libiec61850 1.3.2 1.3.1 1.3.0 is affected by: Buffer Overflow. The impact is: Software crash. The component is: server_example_complex_array. The attack vector is: Send a specific MMS protocol packet.
CVE-2019-6719 1 Mz-automation 1 Libiec61850 2019-02-07 5.0 MEDIUM 7.5 HIGH
An issue has been found in libIEC61850 v1.3.1. There is a use-after-free in the getState function in mms/iso_server/iso_server.c, as demonstrated by examples/server_example_goose/server_example_goose.c and examples/server_example_61400_25/server_example_61400_25.c.
CVE-2018-18937 1 Mz-automation 1 Libiec61850 2018-12-07 5.0 MEDIUM 7.5 HIGH
An issue has been found in libIEC61850 v1.3. It is a NULL pointer dereference in ClientDataSet_getValues in client/ied_connection.c.
CVE-2018-19122 1 Mz-automation 1 Libiec61850 2018-12-07 4.3 MEDIUM 4.3 MEDIUM
An issue has been found in libIEC61850 v1.3. It is a NULL pointer dereference in Ethernet_sendPacket in ethernet_bsd.c.
CVE-2018-19121 1 Mz-automation 1 Libiec61850 2018-12-07 4.3 MEDIUM 4.3 MEDIUM
An issue has been found in libIEC61850 v1.3. It is a SEGV in Ethernet_receivePacket in ethernet_bsd.c.