Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 60 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2022-47382 CODESYS: Multiple products prone to stack based out-of-bounds write CODESYSCODESYS Control RTE (SL) High 8.8 2023-05-15 09:42:48 Deep Dive
CVE-2022-47381 CODESYS: Multiple products prone to stack based out-of-bounds write CODESYSCODESYS Control RTE (SL) High 8.8 2023-05-15 09:41:52 Deep Dive
CVE-2022-47380 CODESYS: Multiple products prone to out-of-bounds write CODESYSCODESYS Control RTE (SL) High 8.8 2023-05-15 09:40:45 Deep Dive
CVE-2022-47379 CODESYS: Multiple products prone to out-of-bounds write CODESYSCODESYS Control RTE (SL) High 8.8 2023-05-15 09:33:42 Deep Dive
CVE-2022-47378 CODESYS: Multiple products prone to Improper Input Validation CODESYSCODESYS Control RTE (SL) Medium 6.5 2023-05-15 09:30:22 Deep Dive
CVE-2022-22508 CODESYS V3: Improper Input Validation CODESYS V3CODESYS Control RTE (SL) Medium 4.3 2023-05-15 09:27:39 Deep Dive
CVE-2022-4224 CODESYS: Exposure of Resource to Wrong Sphere in CODESYS V3 CODESYSControl RTE (SL) High 8.8 2023-03-23 11:15:37 Deep Dive
CVE-2022-30792 CODESYS: CmpChannelServer, CmpChannelServerEmbedded allow unauthenticated attackers to block all their available communication channels CODESYSCODESYS Control RTE (SL) High 7.5 2022-07-11 10:40:44 Deep Dive
CVE-2022-30791 CODESYS V3: CmpBlkDrvTcp allows unauthenticated attackers to block all its available TCP connections CODESYSCODESYS Control RTE (SL) High 7.5 2022-07-11 10:40:39 Deep Dive
CVE-2022-22519 Special HTTP(s) Requests can cause a buffer-read causing a crash of the webserver and the runtime system. CODESYSCODESYS Control RTE (SL) High 7.5 2022-04-07 18:21:24 Deep Dive
CVE-2022-22517 Communication Components in multiple CODESYS products vulnerable to communication channel disruption CODESYSCODESYS Control RTE (SL) High 7.5 2022-04-07 18:21:20 Deep Dive
CVE-2022-22515 A component of the CODESYS Control runtime system allows read and write access to configuration files CODESYSCODESYS Control RTE (SL) High 8.1 2022-04-07 18:21:16 Deep Dive
CVE-2022-22514 Untrusted Pointer Dereference in multiple CODESYS products can lead to a DoS. CODESYSCODESYS Control RTE (SL) High 7.1 2022-04-07 18:21:14 Deep Dive
CVE-2022-22513 Null Pointer Dereference in multiple CODESYS products can lead to a DoS. CODESYSCODESYS Control RTE (SL) Medium 6.5 2022-04-07 18:21:13 Deep Dive
CVE-2021-34570 Phoenix Contact: DoS for PLCnext Control devices in versions prior to 2021.0.5 LTS Phoenix ContactAXC F High 7.5 2021-09-27 08:25:10 Deep Dive
CVE-2020-12521 Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS: A specially crafted LLDP packet may lead to a high system load in the PROFINET stack. Phoenix ContactAXC F 1152 (1151412) Medium 6.5 2020-12-17 22:43:15 Deep Dive
CVE-2020-12519 Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS: An attacker can use this vulnerability i.e. to open a reverse shell with root privileges. Phoenix ContactAXC F 1152 (1151412) High 8.8 2020-12-17 22:43:15 Deep Dive
CVE-2020-12518 Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS: An attacker can use the knowledge gained by reading the insufficiently protected sensitive information to plan further attacks. Phoenix ContactAXC F 1152 (1151412) Medium 5.5 2020-12-17 22:43:14 Deep Dive
CVE-2020-12517 Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS: An authenticated low privileged user could embed malicious Javascript code to gain admin rights when the admin user visits the vulnerable website (local privilege escalation). Phoenix ContactAXC F 1152 (1151412) High 8.8 2020-12-17 22:43:14 Deep Dive
CVE-2020-12499 PHOENIX CONTACT PLCnext Engineer version 2020.3.1 and earlier: Improper path sanitation vulnerability. PHOENIX CONTACTPLCnext Engineer High 8.2 2020-07-21 15:09:40 Deep Dive