Advisories

Show filters filter

Manufacturer

Scoring

For CVSS 2.0, 3.0 and 3.2

No CVE available

0.1 - 3.9

4 - 6.9

7 - 8.9

9 - 10

VDE-2023-001

June 5, 2025, 3:28 PM

PHOENIX CONTACT: Multiple Vulnerabilities in PLCnext Firmware

A new LTS Firmware release fixes known vulnerabilities in used open-source libraries. In addition, the following improvements have been implemented: HMI - Hardening against DoS attacks. - Hardening against memory …

CVE-2022-37434

CVE-2022-32207

CVE-2022-1664

CVE-2022-39260

CVE-2022-40674

CVE-2022-42915

CVE-2022-2257

CVE-2022-2206

CVE-2022-2264

CVE-2022-2288

CVE-2022-2289

CVE-2022-2286

CVE-2022-2284

CVE-2022-2285

CVE-2022-2345

CVE-2022-2304

CVE-2022-2344

CVE-2022-2210

CVE-2022-2207

CVE-2022-2343

CVE-2022-2183

CVE-2022-2182

CVE-2022-2175

CVE-2022-2129

CVE-2022-1942

CVE-2022-1927

CVE-2022-3352

CVE-2022-3324

CVE-2022-3297

CVE-2022-3296

CVE-2022-3256

CVE-2022-3235

CVE-2022-3234

CVE-2022-2581

CVE-2022-2580

CVE-2022-2571

CVE-2022-2522

CVE-2022-42919

CVE-2022-40304

CVE-2022-29187

CVE-2022-1304

CVE-2022-30065

CVE-2022-43680

CVE-2022-3705

CVE-2022-40617

CVE-2002-20001

CVE-2021-46828

CVE-2022-2509

CVE-2022-42916

CVE-2022-2287

CVE-2022-43995

CVE-2022-1015

CVE-2022-32206

CVE-2022-1348

CVE-2022-32208

CVE-2022-2231

CVE-2022-2208

CVE-2022-3278

CVE-2022-2598

CVE-2022-1016

CVE-2022-39253

CVE-2022-2097

CVE-2022-32205

CVE-2022-35252

VDE-2020-002

June 5, 2025, 3:28 PM

PHOENIX CONTACT: Advisory for multiple FL Switch GHS utilising VxWorks

CVS-2019-12255 Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer = 0 that leads to …

CVE-2019-12255

CVE-2019-12258

VDE-2024-005

June 5, 2025, 3:28 PM

TRUMPF: Multiple products contain vulnerable version of 7-zip

Under certain circumstances, opening a specially crafted 7-zip package can exploit an integer underflow vulnerability in 7-zip versions up to and including 22.x This vulnerability allows for a remote code …

CVE-2023-31102

VDE-2025-020

June 2, 2025, 8:00 AM

WAGO: Switches affected by year 2k38 problem

The Year 2038 Problem affects systems using a 32-bit integer to represent time as the number of seconds since January 1st, 1970. On January 19, 2038, at 03:14:07 UTC, the …

CVE-2025-1235

VDE-2025-042

May 27, 2025, 11:00 AM

Lenze: VPN Client Privilege Escalation in combination with Lenze x500 IoT Gateway

The Lenze VPN client is vulnerable to a Local Privilege Escalation to root/SYSTEM by executing a configuration file which can be controlled by a non-privileged user. This occurs through a …

CVE-2025-26169

CVE-2025-26168

VDE-2020-053

May 22, 2025, 3:03 PM

Pepperl+Fuchs: Comtrol RocketLinx ICRL-M - Multiple Vulnerabilities

Several critical vulnerabilities within firmware.

CVE-2020-12504

CVE-2020-12502

CVE-2020-12503

VDE-2022-014

May 22, 2025, 3:03 PM

PHOENIX CONTACT: mGuard Device Manager affected by HTTP Request Smuggling of Apache Webserver

Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling. For the mGuard Device …

CVE-2022-22720

VDE-2022-021

May 22, 2025, 3:03 PM

Pepperl+Fuchs: RSM-EX devices - Multiple Bluetooth vulnerabilities

Critical vulnerabilities have been discovered in the utilized Bluetooth component. For more information see: https://kb.cert.org/vuls/id/799380

CVE-2020-26559

CVE-2020-26560

CVE-2020-26556

CVE-2020-26557

CVE-2020-26555

CVE-2020-26558