VDE-2024-029
June 11, 2024, 8:00 AM
The OpenSSL library used in the affected products is vulnerable to an unbounded growth of the session cache in the TLSv1.3 implementation.
VDE-2024-026
May 14, 2025, 3:00 PM
The CODESYS OPC UA stack of the CODESYS Control runtime system may incorrectly calculate the required buffer size for received requests/responses. This can lead to a crash of the CODESYS …
VDE-2024-027
May 14, 2025, 3:00 PM
All legitimate local Microsoft Windows users can read or modify files that are located in the working directory of the affected CODESYS products, even if they are executed under a …
VDE-2023-068
May 21, 2024, 8:00 AM
The following vulnerabilities are published with reference to CODESYS Advisory 2023-05, CODESYS Advisory 2023-06 and CODESYS Advisory 2023-09
VDE-2024-021
May 21, 2024, 8:00 AM
The WAGO Navigator versions 1.0.1 and 1.0 are vulnerable due to the use of the WiX toolset version 3.11.2.
VDE-2024-019
May 14, 2024, 8:00 AM
Multiple vulnerabilities have been discovered in the Firmware of CHARX SEC charge controllers. Update: credis have been updated
VDE-2024-028
Feb. 28, 2025, 12:00 PM
moneo \"Forgot Password\" function has a vulnerability which allows gaining privileged access.
VDE-2024-024
May 14, 2025, 3:00 PM
Local attackers can cause affected CODESYS Development System V2.3 installations to crash or execute code by opening malicious project files. The CODESYS Development System V2.3 is an IEC 61131-3 programming …