Advisories

Filter anzeigen filter

Hersteller

Bewertung

Für CVSS 2.0, 3.0 und 3.2

Kein CVE verfügbar

0.1 - 3.9

4 - 6.9

7 - 8.9

9 - 10

VDE-2022-007

Mai 22, 2025, 3:03 nachm.

PHOENIX CONTACT: Path Traversal in Library of PLCnext Technology Toolchain and FL Network Manager

SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. Prior to version 1.3.3, a TAR file entry ../evil.txt may be extracted in the parent directory of destFolder. This …

CVE-2021-32840

CVE-2021-32842

VDE-2022-010

Mai 22, 2025, 3:03 nachm.

PHOENIX CONTACT: Multiple Linux component vulnerabilities fixed in latest AXC F x152 LTS release

PLCnext Control AXC F x152 is certified according to IEC 62443-4-1 and IEC 62443-4-2. This certification requires that all third-party components used in the firmware are regularly checked for known …

CVE-2021-20232

CVE-2021-20231

CVE-2021-3711

CVE-2022-23852

CVE-2022-22822

CVE-2022-22823

CVE-2022-22824

CVE-2021-35942

CVE-2021-45079

CVE-2022-22827

CVE-2021-3518

CVE-2021-45960

CVE-2022-22825

CVE-2022-22826

CVE-2021-3517

CVE-2020-10878

CVE-2020-10543

CVE-2018-1000500

CVE-2019-17498

CVE-2020-6096

CVE-2021-20305

CVE-2020-8177

CVE-2021-46143

CVE-2019-18276

CVE-2021-23017

CVE-2021-21300

CVE-2021-22926

CVE-2020-8169

CVE-2021-22946

CVE-2019-20907

CVE-2021-43618

CVE-2020-12723

CVE-2020-24659

CVE-2021-40330

CVE-2021-3580

CVE-2021-41990

CVE-2022-23990

CVE-2020-15078

CVE-2021-3712

CVE-2021-42380

CVE-2021-42382

CVE-2021-42378

CVE-2021-42384

CVE-2021-42379

CVE-2021-42381

CVE-2021-42386

CVE-2021-42385

CVE-2021-22922

CVE-2019-20892

CVE-2021-45117

CVE-2021-22947

CVE-2021-3537

CVE-2021-22923

CVE-2021-22925

CVE-2021-22897

CVE-2016-20012

CVE-2021-42374

CVE-2020-29562

CVE-2021-20193

CVE-2021-22898

VDE-2024-071

Mai 22, 2025, 3:03 nachm.

Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware

Multiple Linux component vulnerabilities fixed in latest PLCnext Firmware release 2024.0.6 LTS

CVE-2024-32002

CVE-2024-6387

CVE-2024-39894

CVE-2024-2511

CVE-2024-4741

CVE-2024-4603

VDE-2023-054

Mai 22, 2025, 3:03 nachm.

Phoenix Contact: ProConOS prone to Download of Code Without Integrity Check

Increased Security attacks against OT infrastructure and research of Dragos makes it necessary to publish this advisory giving users hints according to basic security measures to support automation systems using …

CVE-2023-5592

VDE-2022-053

Mai 14, 2025, 3:00 nachm.

PHOENIX CONTACT: Advisory for TC ROUTER and CLOUD CLIENT

Two Vulnerabilities have been discovered in TC ROUTER 4000 series and CLOUD CLIENT 2000 series up to firmware version 4.5.7x.107. The web administration interface is vulnerable for authenticated admin users …

CVE-2023-0862

CVE-2023-0861

VDE-2022-048

Mai 14, 2025, 3:00 nachm.

PHOENIX CONTACT: Automationworx BCP File Parsing Vulnerabilities

Manipulated PC Worx or Config+ files could lead to a heap buffer overflow, release of unallocated memory or a read access violation due to insufficient validation of input data.The attacker …

CVE-2022-3737

CVE-2022-3461

VDE-2018-006

Mai 14, 2025, 3:00 nachm.

Phoenix Contact: FL SWITCH 3xxx/4xxx/48xx series through 1.33 has a Stack-based Buffer Overflow

An attacker may insert a carefully crafted cookie into a GET menu_pxc.cgi or GET index.cgi request to cause a buffer overflow that can initiate a Denial of Service attack and …

CVE-2018-10728

VDE-2022-013

Mai 14, 2025, 3:00 nachm.

PHOENIX CONTACT: Multiple products affected by possible infinite loop within OpenSSL library

FL MGUARD and TC MGUARD devices are affected by a possible infinite loop within a OpenSSL library method for parsing elliptic curve parameters. This method is used on parsing cryptographic …

CVE-2022-0778