VDE-2022-007
Mai 22, 2025, 3:03 nachm.
SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. Prior to version 1.3.3, a TAR file entry ../evil.txt may be extracted in the parent directory of destFolder. This …
VDE-2022-001
Mai 14, 2025, 3:00 nachm.
The user management of the FL SWITCH 2xxx family of devices implements access rights based on roles and permission groups. An unprivileged user logged in via the SSH CLI is …
VDE-2021-059
Mai 22, 2025, 3:03 nachm.
The TCP/IP stack and of the networking component (Nucleus NET) in Nucleus Real-Time Operating System (RTOS) contain several vulnerabilities. Nucleus NET is utilized by BLUEMARK X1 / LED / CLED. …
VDE-2021-056
Mai 22, 2025, 3:03 nachm.
Multiple vulnerabilities were reported in CODESYS 2.3 Runtime. The CODESYS 2.3 Runtime is an essential component in several WAGO PLCs. All vulnerable PLCs are listed in chapter 'Affected Products'. https://www.codesys.com/security/security-reports.html
VDE-2021-046
Nov. 10, 2021, 8:23 vorm.
Cross-site scripting in web-based management and memory leak in the remote logging function of FL MGUARD 1102 and FL MGUARD 1105. CVE-2021-34582: The file upload functionality in the web-based management …
VDE-2021-052
Mai 22, 2025, 3:03 nachm.
PC Worx / -Express is vulnerable to a 'zip slip' style vulnerability when loading a project file.
VDE-2021-035
Mai 22, 2025, 3:03 nachm.
Access to the Apache web server being installed as part of the FL MGUARD DM on Microsoft Windows does not require login credentials even if configured during installation.
VDE-2021-029
Mai 14, 2025, 2:28 nachm.
A device on the same network as the controller sending a special crafted JSON request to the /auth/access-token endpoint may cause the controller to restart (CWE-20). UPDATE A The CVSS …