VDE-2022-006
March 24, 2022, 11:48 AM
Possible memory corruption in BT controller when it receives an oversized LMP packet over 2-DH1 link and leads to denial of service.
VDE-2021-044
May 14, 2025, 3:00 PM
Apache log4net versions before 2.0.10 do not disable XML external entities when parsing log4net configuration files. This allows for XXE-based attacks in applications that accept attacker-controlled log4net configuration files.
VDE-2021-040
May 14, 2025, 2:28 PM
Promass 83 devices utilizing 499ES EtherNet/IP (ENIP) Stack by Real Time Automation (RTA) are vulnerable to a stack-based buffer overflow. Update A, 2021-10-07: added credits changed title from "ENDRESS+HAUSER: Promass …
VDE-2021-010
May 14, 2025, 2:28 PM
Endress+Hauser products utilizing WPA2 are vulnerable to KRACK attacks. Proline portfolio is a flow meter with an optional WLAN interface in the display. The flowmeters are only affected if the …
VDE-2021-005
May 14, 2025, 3:00 PM
The fdtCONTAINER component is integrated into an application (host application). The fdtCONTAINER application is a specific host application which integrates the fdtCONTAINER component. The fdtCONTAINER component exchanges binary data blobs …
VDE-2020-022
May 14, 2025, 3:00 PM
The firmware release has a dynamic token for each request submitted to the server, which makes repeating requests and analysis complex enough. Nevertheless, it's possible and during the analysis it …
VDE-2020-021
April 11, 2025, 9:00 AM
The affected device has a web-based user interface with a role-based access system. Users with different roles have different write and read privileges. The access system is based on dynamic …
VDE-2020-031
May 14, 2025, 3:00 PM
For further Information please refer to WIBU Advisories directly at https://wibu.com/support/security-advisories.html and the aforementioned CVE-IDs.