Advisories

For CVSS 2.0, 3.0 and 3.2
VDE-2023-062
Nov. 21, 2023, 9:15 AM
A heap-based buffer overflow caused by libcurl and a wrong whitespace character interpretation in JavaScript, both used in CodeMeter Runtime, affect multiple products by PHOENIX CONTACT.
VDE-2023-037
Nov. 21, 2023, 8:00 AM
An attacker can achieve remote code execution on affected products via command injection in the web-based management.
VDE-2023-015
Nov. 20, 2023, 8:00 AM
Access rights to a configuration tool of the web-based management are misconfigured for a specific user, which allows that user to reset the passwords of other users (except root). This allows …
VDE-2023-032
May 22, 2025, 3:03 PM
Multiple Weidmueller products are affected by a recent WIBU vulnerability.
VDE-2023-046
April 28, 2025, 12:00 PM
An attacker with administrative privileges who can access sensitive files can additionally access them in an unintended, undocumented way.
VDE-2023-047
Oct. 1, 2025, 8:00 AM
A vulnerability was reported in Siemens TIA Portal. TIA Portal is part of the installation packages of several Festo Didactic products. TP 260 before June 2023 and MES PC based …
VDE-2023-041
Oct. 16, 2023, 10:38 AM
In Red Lion Europe mbCONNECT24 and mymbCONNECT24 and Helmholz myREX24 and myREX24.virtual up to and including 2.14.2, an improperly implemented access validation allows an authenticated, low-privileged attacker to gain …
VDE-2023-043
Oct. 16, 2023, 10:38 AM
A vulnerability in the affected products allows an authenticated, low-privileged attacker to gain unauthorized read access to limited, non-critical device information. The issue arises from improper access validation.