VDE-2022-010
Mai 22, 2025, 3:03 nachm.
PLCnext Control AXC F x152 is certified according to IEC 62443-4-1 and IEC 62443-4-2. This certification requires that all third-party components used in the firmware are regularly checked for known …
VDE-2022-005
Mai 22, 2025, 3:03 nachm.
Several vulnerabilities have been discovered in the Expat XML parser library (aka libexpat).This open-source component is widely used in a lot of products worldwide.A remote, anonymous attacker could use an …
VDE-2022-007
Mai 22, 2025, 3:03 nachm.
SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. Prior to version 1.3.3, a TAR file entry ../evil.txt may be extracted in the parent directory of destFolder. This …
VDE-2022-001
Mai 14, 2025, 3:00 nachm.
The user management of the FL SWITCH 2xxx family of devices implements access rights based on roles and permission groups. An unprivileged user logged in via the SSH CLI is …
VDE-2021-059
Mai 22, 2025, 3:03 nachm.
The TCP/IP stack and of the networking component (Nucleus NET) in Nucleus Real-Time Operating System (RTOS) contain several vulnerabilities. Nucleus NET is utilized by BLUEMARK X1 / LED / CLED. …
VDE-2021-056
Mai 22, 2025, 3:03 nachm.
Multiple vulnerabilities were reported in CODESYS 2.3 Runtime. The CODESYS 2.3 Runtime is an essential component in several WAGO PLCs. All vulnerable PLCs are listed in chapter 'Affected Products'. https://www.codesys.com/security/security-reports.html
VDE-2021-046
Nov. 10, 2021, 8:23 vorm.
Cross-site scripting in web-based management and memory leak in the remote logging function of FL MGUARD 1102 and FL MGUARD 1105. CVE-2021-34582: The file upload functionality in the web-based management …
VDE-2021-052
Mai 22, 2025, 3:03 nachm.
PC Worx / -Express is vulnerable to a 'zip slip' style vulnerability when loading a project file.