VDE-2024-040
April 10, 2025, 3:00 PM
TruControl laser control software prior to version 1.60.0 uses an OpenSSH server version affected by CVE-2024-6387. The affected OpenSSH Server version could potentially lead to a remote code execution.
VDE-2024-034
April 10, 2025, 3:00 PM
TruControl laser control software from versions 3.50.0 to 4.00.0.B use Linux kernel versions affected by CVE-2024-1086. The affected kernel vulnerability could lead to local privilege escalation.
VDE-2024-029
June 11, 2024, 8:00 AM
The OpenSSL library used in the affected products is vulnerable to an unbounded growth of the session cache in the TLSv1.3 implementation.
VDE-2024-026
May 14, 2025, 3:00 PM
The CODESYS OPC UA stack of the CODESYS Control runtime system may incorrectly calculate the required buffer size for received requests/responses. This can lead to a crash of the CODESYS …
VDE-2024-027
May 14, 2025, 3:00 PM
All legitimate local Microsoft Windows users can read or modify files that are located in the working directory of the affected CODESYS products, even if they are executed under a …
VDE-2023-068
May 21, 2024, 8:00 AM
The following vulnerabilities are published with reference to CODESYS Advisory 2023-05, CODESYS Advisory 2023-06 and CODESYS Advisory 2023-09
VDE-2024-021
May 21, 2024, 8:00 AM
The WAGO Navigator versions 1.0.1 and 1.0 are vulnerable due to the use of the WiX toolset version 3.11.2.
VDE-2024-019
May 14, 2024, 8:00 AM
Multiple vulnerabilities have been discovered in the Firmware of CHARX SEC charge controllers. Update: credis have been updated