VDE-2025-009
Mai 14, 2025, 2:28 nachm.
Several WAGO Firmwares are vulnerable to an incorrect calculation of the buffer size in the CODESYS OPC UA STACK. This can lead to a crash of the runtime of the …
VDE-2024-020
Feb. 12, 2025, 5:48 nachm.
A security researcher discovered a Cross Site Request Forgery (CSRF, XSRF) vulnerability in SMA Cluster Controller. The affected products are out of support (End-of-Life 2018-06-30).
VDE-2024-075
Juni 17, 2025, 8:00 vorm.
A security researcher discovered that in the affected products a clickjacking vulnerability in the web frontend exists. An attacker could lure the user to click on a malicious website which …
VDE-2025-001
Juni 5, 2025, 3:31 nachm.
The CODESYS Key USB dongle, which is based on WIBU CodeMeter technology, is affected by a physical side-channel vulnerability.
VDE-2024-070
Mai 14, 2025, 3:00 nachm.
Improper file permission handling allows an authenticated low privileged user to gain root access.
VDE-2025-005
Mai 14, 2025, 3:00 nachm.
A vulnerability has been found in a cryptographic library of Infineon Technologies that is part of the firmware of the CmDongles. The exploitation of this vulnerability has been classified as …
VDE-2024-073
Mai 22, 2025, 3:03 nachm.
Multiple Linux component vulnerabilities fixed in latest PLCnext Firmware release 2024.0.6 LTS
VDE-2024-071
Mai 22, 2025, 3:03 nachm.
Multiple Linux component vulnerabilities fixed in latest PLCnext Firmware release 2024.0.6 LTS