Advisories

Filter anzeigen filter

Hersteller

Bewertung

Für CVSS 2.0, 3.0 und 3.2

Kein CVE verfügbar

0.1 - 3.9

4 - 6.9

7 - 8.9

9 - 10

VDE-2020-009

Mai 22, 2025, 3:03 nachm.

WAGO: e!Cockpit Two Update Package Vulnerabilities

The firmware update package (WUP) is not signed entirely. The used password offers no additional security, it is just meant to protect from unintentional modifications of the WUP file. Thus …

CVE-2019-5159

CVE-2019-5158

VDE-2022-007

Mai 22, 2025, 3:03 nachm.

PHOENIX CONTACT: Path Traversal in Library of PLCnext Technology Toolchain and FL Network Manager

SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. Prior to version 1.3.3, a TAR file entry ../evil.txt may be extracted in the parent directory of destFolder. This …

CVE-2021-32840

CVE-2021-32842

VDE-2023-033

Mai 22, 2025, 3:03 nachm.

Pilz: WIBU Vulnerabilitiy in multiple Products

Several Pilz products use the 3rd party component "CodeMeter Runtime" from WIBU-SYSTEM AG to manage software licenses. This component is affected by a vulnerability, which may enable an attacker to …

CVE-2023-3935

VDE-2022-010

Mai 22, 2025, 3:03 nachm.

PHOENIX CONTACT: Multiple Linux component vulnerabilities fixed in latest AXC F x152 LTS release

PLCnext Control AXC F x152 is certified according to IEC 62443-4-1 and IEC 62443-4-2. This certification requires that all third-party components used in the firmware are regularly checked for known …

CVE-2021-20232

CVE-2021-20231

CVE-2021-3711

CVE-2022-23852

CVE-2022-22822

CVE-2022-22823

CVE-2022-22824

CVE-2021-35942

CVE-2021-45079

CVE-2022-22827

CVE-2021-3518

CVE-2021-45960

CVE-2022-22825

CVE-2022-22826

CVE-2021-3517

CVE-2020-10878

CVE-2020-10543

CVE-2018-1000500

CVE-2019-17498

CVE-2020-6096

CVE-2021-20305

CVE-2020-8177

CVE-2021-46143

CVE-2019-18276

CVE-2021-23017

CVE-2021-21300

CVE-2021-22926

CVE-2020-8169

CVE-2021-22946

CVE-2019-20907

CVE-2021-43618

CVE-2020-12723

CVE-2020-24659

CVE-2021-40330

CVE-2021-3580

CVE-2021-41990

CVE-2022-23990

CVE-2020-15078

CVE-2021-3712

CVE-2021-42380

CVE-2021-42382

CVE-2021-42378

CVE-2021-42384

CVE-2021-42379

CVE-2021-42381

CVE-2021-42386

CVE-2021-42385

CVE-2021-22922

CVE-2019-20892

CVE-2021-45117

CVE-2021-22947

CVE-2021-3537

CVE-2021-22923

CVE-2021-22925

CVE-2021-22897

CVE-2016-20012

CVE-2021-42374

CVE-2020-29562

CVE-2021-20193

CVE-2021-22898

VDE-2020-037

Mai 22, 2025, 3:03 nachm.

Beckhoff: Privilege Escalation through TwinCat System Tray (TcSysUI.exe)

The default installation path and its permissions for the TwinCAT runtime allow a local user to replace or modify executables other users of the same system might execute. The issue …

CVE-2020-12510

VDE-2024-071

Mai 22, 2025, 3:03 nachm.

Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware

Multiple Linux component vulnerabilities fixed in latest PLCnext Firmware release 2024.0.6 LTS

CVE-2024-32002

CVE-2024-6387

CVE-2024-39894

CVE-2024-2511

CVE-2024-4741

CVE-2024-4603

VDE-2020-011

Mai 22, 2025, 3:03 nachm.

WAGO: Multiple Vulnerabilities in I/O-Check Service

An attacker needs an authorized login on the device in order to exploit the herein mentioned vulnerabilities. The reported vulnerabilities allow a local attacker with valid login credentials who is …

CVE-2019-5179

CVE-2019-5178

CVE-2019-5181

CVE-2019-5184

CVE-2019-5175

CVE-2019-5174

CVE-2019-5173

CVE-2019-5172

CVE-2019-5171

CVE-2019-5170

CVE-2019-5169

CVE-2019-5168

CVE-2019-5167

CVE-2019-5166

CVE-2019-5180

CVE-2019-5186

CVE-2019-5185

CVE-2019-5177

CVE-2019-5176

CVE-2019-5182

VDE-2023-054

Mai 22, 2025, 3:03 nachm.

Phoenix Contact: ProConOS prone to Download of Code Without Integrity Check

Increased Security attacks against OT infrastructure and research of Dragos makes it necessary to publish this advisory giving users hints according to basic security measures to support automation systems using …

CVE-2023-5592