VDE-2024-019
May 14, 2024, 8:00 AM
Multiple vulnerabilities have been discovered in the Firmware of CHARX SEC charge controllers. Update: credis have been updated
VDE-2024-023
April 23, 2024, 10:00 AM
Welotec has been informed by an external source that the WebUI of the device management solution "SMART EMS" and the remote connectivity solution "VPN Security Suite" is vulnerable to so-called …
VDE-2023-039
March 13, 2024, 9:30 AM
The Web-Based Management (WBM) of WAGOs programmable logic controller (PLC) is typically used for administration, commissioning, and updates. The option to change the configuration data via tools or the web-based-management …
VDE-2024-011
March 12, 2024, 8:00 AM
Multiple vulnerabilities have been discovered in the Firmware of CHARX SEC charge controllers. These vulnerabilities were discovered as part of a PWN2OWN competition initiated by Trend Micro Zero Day Initiative …
VDE-2024-002
Feb. 6, 2024, 8:00 AM
The PITreader product family is using the 3rd -party-component uC/HTTP to implement the web server functionality. uC/HTTP is affected by multiple vulnerabilities. These vulnerabilities may enable an attacker to gain …
VDE-2024-001
Jan. 29, 2024, 8:00 AM
The TRUMPF CAD/CAM software tools mentioned above use the vulnerable CodeMeter Runtime (up to version 7.60d) application from WIBU-SYSTEMS AG to manage licenses within the component TRUMPF License Expert. This …
VDE-2024-006
Jan. 23, 2024, 8:00 AM
Multiple vulnerabilities in the included versions of OpenSSL can lead to different problems, including crashes of the OpenSSL modules (leading to a Denial of Service) or leakage of plaintext. These …
VDE-2024-007
Jan. 22, 2024, 8:00 AM
A heap-based buffer overflow caused by libcurl and wrong whitespace character interpretation in Javascript, both used in CodeMeter Runtime affecting multiple products by WAGO. WIBU-SYSTEMS Codemeter is installed by default …