VDE-2024-018
Mai 14, 2025, 2:36 nachm.
Multiple Wiesemann & Theis software products are affected by a vulnerability through an unquoted search path in the Windows registry. A local attacker can execute arbitrary code and gain administrative …
VDE-2023-065
Nov. 4, 2025, 12:00 nachm.
MES PCs shipped with Windows 10 come pre-installed with XAMPP. XAMPP is a bundle of third-party open-source applications including the Apache HTTP Server, the MariaDB database and more. From time …
VDE-2024-014
Juni 5, 2025, 3:28 nachm.
Several WAGO Firmwares are vulnerable to a to a remote attack which allows to bypass the integrity check through OpenSSH. This called Terrapin attack occurs because of mishandled handshake phase.
VDE-2024-016
Mai 22, 2025, 3:03 nachm.
The affected products and versions present a vulnerability due to a vulnerable integrated software component the docker runc <= 1.1.11. In the worst-case scenario, the integrated Docker container environment …
VDE-2024-013
Mai 22, 2025, 3:03 nachm.
CVE-2024-24781: If the above mentioned products are loaded with Wire speed (1Gbit/s or 100Mbit/s) the resources of the Ethernet-Controller are exhausted and it must be reset by the system automatically …
VDE-2024-002
Feb. 6, 2024, 8:00 vorm.
The PITreader product family is using the 3rd -party-component uC/HTTP to implement the web server functionality. uC/HTTP is affected by multiple vulnerabilities. These vulnerabilities may enable an attacker to gain …
VDE-2023-050
April 10, 2025, 3:00 nachm.
Multiple Pilz products are affected by stored cross-site-scripting (XSS) vulnerabilities. The vulnerabilities may enable an attacker to gain full control over the system. Update: 27.02.2024 Fix typo in advisory title
VDE-2023-063
Nov. 4, 2025, 12:00 nachm.
Several high severity vulnerabilities in CODESYS V3 affecting Festo products could lead to Remote Code Execution or Denial of Service.