VDE-2024-063
May 14, 2025, 2:28 PM
The affected devices run a SSH server that is affected by the regreSSHion vulnerability despite the fact that no user can actually log in through SSH. Attackers may exploit this …
VDE-2024-057
April 3, 2025, 12:00 PM
The CODESYS web server component of the CODESYS Control runtime system is used by the CODESYS WebVisu to display visualization screens in a web browser. Receiving a specifically crafted TLS …
VDE-2024-046
Sept. 10, 2024, 4:00 PM
The OSCAT Basic library is one of several libraries developed and provided by OSCAT. OSCAT (oscat.de) stands for "Open Source Community for Automation Technology". The OSCAT Basic library offers function …
VDE-2024-051
May 14, 2025, 3:00 PM
mGuards use an OpenSSH server for SSH access. This server is vulnerable to a remote code injection.
VDE-2024-039
Aug. 27, 2025, 12:00 PM
Confidential data in HTTP query string of user requests. Incomplete sanitation of user input in administrative web interface.
VDE-2024-052
May 14, 2025, 3:00 PM
The pathfinder TCP encapsulation service is vulnerable to a drain of open file descriptors.
VDE-2024-041
Sept. 10, 2024, 10:00 AM
Echo Curve Viewer is an utility used for offline visualization of previously recorded envelope curve data. Envelope curve records are exported from other Endress+Hauser software products like FieldCare as .curves …
VDE-2024-055
June 5, 2025, 3:32 PM
Siemens SIMATIC S7-1200 and S7-1500 CPUs contained in various Festo Didactic products contain a memory protection bypass vulnerability that could allow an attacker to write arbitrary data and code to …