Advisories

For CVSS 2.0, 3.0 and 3.2
VDE-2021-017
May 14, 2025, 2:28 PM
Multiple vulnerabilities in mbConnect24serv (a software service of mbDIALUP) can lead to arbitrary code execution due to improper privilege management. Update A, 2021-11-24: corrected fixed version in solution from 3.9R0.4 …
VDE-2021-040
May 14, 2025, 2:28 PM
Promass 83 devices utilizing 499ES EtherNet/IP (ENIP) Stack by Real Time Automation (RTA) are vulnerable to a stack-based buffer overflow. Update A, 2021-10-07: added credits, changed title from "ENDRESS+HAUSER: Promass …
VDE-2019-006
May 14, 2025, 2:28 PM
After login, the source IP is used as the session identifier, so users sharing the same source IP are able to gain full authenticated access to the WEB-UI. The …
VDE-2024-074
May 14, 2025, 2:28 PM
A security researcher discovered an authenticated (administration privileges) SQL injection on the administration panel of the affected products, allowing access to a database. The database that …
VDE-2021-001
May 14, 2025, 2:28 PM
A critical vulnerability has been discovered in the fdtCONTAINER component by M&M Software GmbH used by PACTware. While de-serializing PACTware 5 project files (loading PW5 files) the vulnerability can be …
VDE-2021-021
May 14, 2025, 2:28 PM
An undocumented, password-protected FTP access to the root directory exists in certain devices of the AXL F BK and IL BK product families (CWE-798).
VDE-2021-037
May 14, 2025, 2:28 PM
An issue was discovered in the mymbCONNECT24 and mbCONNECT24 software in all versions through V2.9.0.
VDE-2021-036
May 14, 2025, 2:28 PM
Please consult the CVE entries above for more details.