VDE-2024-003
May 22, 2025, 3:03 PM
The TRUMPF products that are listed above contain a vulnerable version of Notepad++. This version isbeing installed for support purposes only, so there is no danger of triggering this vulnerability …
VDE-2024-005
June 5, 2025, 3:28 PM
Under certain circumstances, opening a specially crafted 7-zip package can exploit an integer underflow vulnerability in 7-zip versions up to and including 22.x This vulnerability allows for a remote code …
VDE-2024-006
Jan. 23, 2024, 8:00 AM
Multiple vulnerabilities in the included versions of OpenSSL can lead to different problems, including crashes of the OpenSSL modules (leading to a Denial of Service) or leakage of plaintext. These …
VDE-2024-007
Jan. 22, 2024, 8:00 AM
A heap-based buffer overflow caused by libcurl and wrong whitespace character interpretation in Javascript, both used in CodeMeter Runtime affecting multiple products by WAGO. WIBU-SYSTEMS Codemeter is installed by default …
VDE-2023-067
May 22, 2025, 3:03 PM
With TwinCAT/BSD based products the HTTPS request to the Authelia login page accepts user-controlled input that specifies a link to an external site.
VDE-2023-058
May 22, 2025, 3:03 PM
PLCnext Control provides authentication and integrity check for the application.An authenticated, skilled attacker might be able to manipulate the application (e.g.: logic files, executable logic, configurations) in a special crafted …
VDE-2023-056
May 22, 2025, 3:03 PM
PLCnext Control provides authentication and integrity check for the application.An authenticated, skilled attacker might be able to manipulate the application (e.g.: logic files, executable logic, configurations) in a special crafted …
VDE-2023-051
May 22, 2025, 3:03 PM
Increased Security attacks against OT infrastructure and research of Dragos makes it necessary to publish this advisory giving users hints according to basic security measures to support automation systems using …