VDE-2024-010
Aug. 27, 2025, 12:00 PM
The data24 service that is bundled with every installation of mbCONNECT24/mymbCONNECT24 has two serious flaws in core components. These combined can lead to a complete loss of confidentiality, integrity and …
VDE-2025-013
June 5, 2025, 3:31 PM
The CODESYS Gateway enables communication between CODESYS runtimes and other clients, primarily the CODESYS Development System V3. It is usually installed as a part of the CODESYS Development System V3 …
VDE-2025-015
June 5, 2025, 3:31 PM
A low privileged attacker with physical access to a controller, that supports removable media and is running a CODESYS Control runtime system, can exploit the insufficient path validation by connecting …
VDE-2025-036
March 6, 2025, 3:00 PM
Several vulnerabilities in the Endress+Hauser MEAC300-FNADE4 were discovered, that can be accessed via Ethernet.
VDE-2025-004
April 10, 2025, 3:00 PM
Nozomi Networks reported a vulnerability in the pfc firmware sdk-G2 of libwagosnmp. The WAGO pfc-firmware-sdk-G2 is a software development kit designed for WAGO PFC devices which allows developers to build …
VDE-2025-021
May 14, 2025, 3:26 PM
Weidmüller product PROCON-WIN is affected by hard-coded credentials. Weidmüller has released a new version of the affected product to fix the vulnerability.
VDE-2025-023
March 5, 2025, 12:00 PM
Multiple Weidmueller products are affected by an OpenSSL vulnerability. Weidmüller has released new firmwares of the affected products to fix the vulnerability.
VDE-2025-012
May 22, 2025, 3:03 PM
A security researcher discovered a critical Remote Code Execution vulnerability in sunnyportal.com. An attacker could upload code instead of an image and remotely execute this code.