Releases36
Frequency6 months 2 weeks
Last Release
Stars4.2K
A Modbus library for Linux, Mac OS, FreeBSD and Windows

CVE History

CVEAffectedPublishedCVSS v3CVSS v2
7.5 HIGH

A Denial of Service (DoS) vulnerability exists in the receive loop of libmodbus 3.1.12 when running on Windows. The issue stems from improper timeout management during network read operations.

= 3.1.104.8 MEDIUM

Stack-based Buffer Overflow vulnerability in libmodbus v3.1.10 allows to overflow the buffer allocated for the Modbus response if the function tries to reply to a Modbus request with an unexpected length.

= 3.1.67.5 HIGH

libmodbus v3.1.6 was discovered to contain a heap overflow via the modbus_mapping_free() function.

= 3.1.67.5 HIGH

libmodbus v3.1.6 was discovered to contain a use-after-free via the ctx->backend pointer. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted message sent to the unit-test-server.

= 3.1.64.3 MEDIUM

An invalid pointer in the modbus_receive() function of libmodbus v3.1.6 allows attackers to cause a Denial of Service (DoS) via a crafted message sent to the unit-test-server.

= 3.1.107.5 HIGH

libmodbus v3.1.10 is vulnerable to Buffer Overflow via the modbus_write_bits function. This issue can be triggered when the function is fed with specially crafted input, which leads to out-of-bounds read and can potentially cause a crash or other unintended behaviors.

= 3.1.109.8 CRITICAL

libmodbus v3.1.10 has a heap-based buffer overflow vulnerability in read_io_status function in src/modbus.c.

< 3.1.77.8 HIGH

A heap-based buffer overflow flaw was found in libmodbus in function modbus_reply() in src/modbus.c.

>= 3.1.0, < 3.1.5, < 3.0.79.1 CRITICAL6.4 MEDIUM

An issue was discovered in libmodbus before 3.0.7 and 3.1.x before 3.1.5. There is an out-of-bounds read for the MODBUS_FC_WRITE_MULTIPLE_REGISTERS case, aka VD-1301.

>= 3.1.0, < 3.1.5, < 3.0.79.1 CRITICAL6.4 MEDIUM

An issue was discovered in libmodbus before 3.0.7 and 3.1.x before 3.1.5. There is an out-of-bounds read for the MODBUS_FC_WRITE_MULTIPLE_COILS case, aka VD-1302.