stephane/libmodbus
CVE History
| CVE | Affected | Published | CVSS v3 | CVSS v2 |
|---|---|---|---|---|
| — | 7.5 HIGH | — | ||
A Denial of Service (DoS) vulnerability exists in the receive loop of libmodbus 3.1.12 when running on Windows. The issue stems from improper timeout management during network read operations. | ||||
| = 3.1.10 | 4.8 MEDIUM | — | ||
Stack-based Buffer Overflow vulnerability in libmodbus v3.1.10 allows to overflow the buffer allocated for the Modbus response if the function tries to reply to a Modbus request with an unexpected length. | ||||
| = 3.1.6 | 7.5 HIGH | — | ||
libmodbus v3.1.6 was discovered to contain a heap overflow via the modbus_mapping_free() function. | ||||
| = 3.1.6 | 7.5 HIGH | — | ||
libmodbus v3.1.6 was discovered to contain a use-after-free via the ctx->backend pointer. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted message sent to the unit-test-server. | ||||
| = 3.1.6 | 4.3 MEDIUM | — | ||
An invalid pointer in the modbus_receive() function of libmodbus v3.1.6 allows attackers to cause a Denial of Service (DoS) via a crafted message sent to the unit-test-server. | ||||
| = 3.1.10 | 7.5 HIGH | — | ||
libmodbus v3.1.10 is vulnerable to Buffer Overflow via the modbus_write_bits function. This issue can be triggered when the function is fed with specially crafted input, which leads to out-of-bounds read and can potentially cause a crash or other unintended behaviors. | ||||
| = 3.1.10 | 9.8 CRITICAL | — | ||
libmodbus v3.1.10 has a heap-based buffer overflow vulnerability in read_io_status function in src/modbus.c. | ||||
| < 3.1.7 | 7.8 HIGH | — | ||
A heap-based buffer overflow flaw was found in libmodbus in function modbus_reply() in src/modbus.c. | ||||
| >= 3.1.0, < 3.1.5, < 3.0.7 | 9.1 CRITICAL | 6.4 MEDIUM | ||
An issue was discovered in libmodbus before 3.0.7 and 3.1.x before 3.1.5. There is an out-of-bounds read for the MODBUS_FC_WRITE_MULTIPLE_REGISTERS case, aka VD-1301. | ||||
| >= 3.1.0, < 3.1.5, < 3.0.7 | 9.1 CRITICAL | 6.4 MEDIUM | ||
An issue was discovered in libmodbus before 3.0.7 and 3.1.x before 3.1.5. There is an out-of-bounds read for the MODBUS_FC_WRITE_MULTIPLE_COILS case, aka VD-1302. | ||||