VDE-2025-095
Dec. 11, 2025, 10:00 AM
Two remote stack buffer overflow vulnerabilities were discovered in WAGO industrial switches. These issues originate from unsafe input handling in custom HTTP request parsing functions within the lighttpd binary. The …
VDE-2024-076
Dec. 10, 2025, 8:00 AM
Due to improper BLE security configurations and lack of authentication on the GATT server of JBL LIVE PRO 2 TWS and JBL TUNE FLEX Headphones, unauthenticated users can read and …
VDE-2025-089
Dec. 10, 2025, 8:00 AM
The BLE controller in certain consumer products fails to properly validate the channel map field in connection requests, enabling attackers within radio range to cause a denial of service through …
VDE-2025-071
Dec. 9, 2025, 9:00 AM
Multiple vulnerabilities have been identified in the FL SWITCH 2xxx firmware prior to version 3.50. Two of these (CVE-2025-41692 and CVE-2025-41696) enable an attacker to access the device's file system. …
VDE-2025-105
Dec. 8, 2025, 10:00 AM
A vulnerability in Wibu-Systems CodeMeter (up to version 7.60b) affects multiple Endress+Hauser products. This flaw can lead to a heap buffer overflow, which may allow remote code execution under certain …
VDE-2025-099
Dec. 1, 2025, 12:00 PM
A vulnerability has been identified in the CODESYS Control runtime system, which includes an abstraction layer designed to ensure compatibility across different operating systems. This layer is used both by …
VDE-2025-100
Dec. 1, 2025, 11:00 AM
A vulnerability in the CODESYS Control runtime system's CmpVisuServer component allows attackers to cause a denial-of-service (DoS) by sending special request to the CODESYS Web- or remote Target Visu. The …
VDE-2025-101
Dec. 1, 2025, 11:00 AM
A vulnerability has been discovered in the print engine of the CODESYS development system. If a CODESYS project file or archive file was crafted in a specific way, the CODESYS …