Advisories

Show filters filter

Manufacturer

Scoring

For CVSS 2.0, 3.0 and 3.2

No CVE available

0.1 - 3.9

4 - 6.9

7 - 8.9

9 - 10

VDE-2022-048

May 14, 2025, 3:00 PM

PHOENIX CONTACT: Automationworx BCP File Parsing Vulnerabilities

Manipulated PC Worx or Config+ files could lead to a heap buffer overflow, release of unallocated memory or a read access violation due to insufficient validation of input data.The attacker …

CVE-2022-3737

CVE-2022-3461

VDE-2022-046

May 22, 2025, 3:03 PM

PHOENIX CONTACT: Multiple Linux component vulnerabilities in PLCnext Firmware

UPDATE A: Two devices (ENERGY AXC PU, SMARTRTU AXC SG) added (24.11.2022) Update for PLCnext Firmware containing fixes for recent vulnerability findings in Linux components and security enhancements. PLCnext Control …

CVE-2022-32207

CVE-2022-25315

CVE-2022-25236

CVE-2022-25235

CVE-2022-0547

CVE-2022-0729

CVE-2022-24407

CVE-2022-28391

CVE-2022-27778

CVE-2022-22576

CVE-2022-2257

CVE-2022-2206

CVE-2022-2264

CVE-2022-2288

CVE-2022-2289

CVE-2022-2286

CVE-2022-2284

CVE-2022-2285

CVE-2022-2345

CVE-2022-2344

CVE-2022-2210

CVE-2022-2207

CVE-2022-2343

CVE-2022-2183

CVE-2022-2182

CVE-2022-2175

CVE-2022-2129

CVE-2022-1942

CVE-2022-1927

CVE-2021-3973

CVE-2022-0368

CVE-2022-0361

CVE-2022-0685

CVE-2022-0572

CVE-2022-1160

CVE-2022-0943

CVE-2022-1154

CVE-2022-1720

CVE-2022-1898

CVE-2022-1851

CVE-2022-1886

CVE-2022-1785

CVE-2022-1769

CVE-2022-1735

CVE-2022-1629

CVE-2022-1619

CVE-2022-1616

CVE-2022-1621

CVE-2022-1796

CVE-2022-1733

CVE-2022-1381

CVE-2022-0778

CVE-2022-29864

CVE-2022-29862

CVE-2019-19906

CVE-2022-27775

CVE-2022-27781

CVE-2022-27780

CVE-2022-25314

CVE-2022-27782

CVE-2018-25032

CVE-2022-1620

CVE-2022-23308

CVE-2021-3796

CVE-2022-2287

CVE-2021-4166

CVE-2021-45117

CVE-2022-32206

CVE-2022-27776

CVE-2022-25313

CVE-2022-29824

CVE-2022-32208

CVE-2022-27774

CVE-2022-2231

CVE-2022-2208

CVE-2022-0714

CVE-2022-0696

CVE-2022-1771

CVE-2022-1674

CVE-2022-1420

CVE-2022-27779

CVE-2022-32205

CVE-2022-30115

VDE-2022-028

May 14, 2025, 3:00 PM

PHOENIX CONTACT: Missing Authentication in ProConOS/ProConOS eCLR SDK and MULTIPROG Engineering tool

ProConOS/ProConOS eCLR designed for use in closed industrial networks provide communication protocols without authentication. Please also refer the original ICS-CERT advisory ICSA-15-013-03 published 13 January 2015.

CVE-2014-9195

VDE-2022-026

May 22, 2025, 3:03 PM

PHOENIX CONTACT: Vulnerability in ProConOS/ProConOS eCLR SDK and MULTIPROG Engineering tool

ProConOS/ProConOS eCLR insufficiently verifies uploaded data.

CVE-2022-31801

VDE-2022-025

May 22, 2025, 3:03 PM

PHOENIX CONTACT: Vulnerability in classic line industrial controllers

The affected devices insufficiently verify uploaded data.

CVE-2022-31800

VDE-2022-018

May 11, 2022, 4:20 PM

PHOENIX CONTACT: Multiple vulnerabilities in RAD-ISM-900-EN-BD devices

Multiple vulnerabilities have been discovered in the firmware and in libraries utilized of RAD-ISM-900-EN-BD devices: In addition to the above listed CVEs the following issues were identified: Vulnerabilities related to …

CVE-2022-29898

CVE-2022-29897

VDE-2022-014

May 22, 2025, 3:03 PM

PHOENIX CONTACT: mGuard Device Manager affected by HTTP Request Smuggling of Apache Webserver

Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling. For the mGuard Device …

CVE-2022-22720

VDE-2022-013

May 14, 2025, 3:00 PM

PHOENIX CONTACT: Multiple products affected by possible infinite loop within OpenSSL library

FL MGUARD and TC MGUARD devices are affected by a possible infinite loop within a OpenSSL library method for parsing elliptic curve parameters. This method is used on parsing cryptographic …

CVE-2022-0778