VDE-2022-008
April 7, 2022, 8:00 vorm.
Multiple issues have been found in the affected products. See CVE descriptions for details.
VDE-2022-009
Mai 22, 2025, 3:03 nachm.
The Linux kernel starting from 5.8 has a flaw which can lead to privilege escalation for a local user. The kernel is used in several Versions of the FW of …
VDE-2022-005
Mai 22, 2025, 3:03 nachm.
Several vulnerabilities have been discovered in the Expat XML parser library (aka libexpat).This open-source component is widely used in a lot of products worldwide.A remote, anonymous attacker could use an …
VDE-2022-006
März 24, 2022, 11:48 vorm.
Possible memory corruption in BT controller when it receives an oversized LMP packet over 2-DH1 link and leads to denial of service.
VDE-2022-007
Mai 22, 2025, 3:03 nachm.
SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. Prior to version 1.3.3, a TAR file entry ../evil.txt may be extracted in the parent directory of destFolder. This …
VDE-2022-004
März 9, 2022, 8:00 vorm.
The Web-Based Management (WBM) of WAGOs programmable logic controller (PLC) is typically used for administration, commissioning and updates.Various configuration pages of the device are vulnerable to reflected XSS (Cross-Site Scripting) …
VDE-2022-003
Juni 5, 2025, 3:28 nachm.
By tricking clients of the mentioned products into contacting malicious OPC UA servers and thereby acting as OPC UA clients, a crash of the component can be provoked.
VDE-2022-002
Mai 22, 2025, 3:03 nachm.
A vulnerability is reported in WIBU-SYSTEMS Codemeter. WIBU-SYSTEMS Codemeter is installed by default during e!COCKPIT and WAGO-I/O-Pro (CODESYS 2.3) installations. All currently existing e!COCKPIT installation bundles and WAGO-I/O-Pro (CODESYS 2.3) …