| CVE | CVSS | EPSS | Posts | Repos | Nuclei | Updated | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-3400 | 8.8 | 0.00% | 4 | 0 | 2026-03-02T00:16:03.293000 | A security flaw has been discovered in Tenda AC15 up to 15.13.07.13. Affected by | |
| CVE-2026-3399 | 8.8 | 0.00% | 4 | 0 | 2026-03-01T23:16:02.060000 | A vulnerability was identified in Tenda F453 1.0.0.3. Affected by this vulnerabi | |
| CVE-2026-3398 | 8.8 | 0.00% | 4 | 0 | 2026-03-01T22:16:17.270000 | A vulnerability was determined in Tenda F453 1.0.0.3. Affected is the function f | |
| CVE-2026-3380 | 8.8 | 0.05% | 4 | 0 | 2026-03-01T04:16:01.890000 | A vulnerability was found in Tenda F453 1.0.0.3. This issue affects the function | |
| CVE-2026-3379 | 8.8 | 0.05% | 5 | 0 | 2026-03-01T03:16:16.743000 | A vulnerability has been found in Tenda F453 1.0.0.3. This vulnerability affects | |
| CVE-2026-3378 | 8.8 | 0.05% | 4 | 0 | 2026-03-01T03:16:15.103000 | A flaw has been found in Tenda F453 1.0.0.3. This affects the function fromqosse | |
| CVE-2026-28414 | 7.5 | 0.15% | 2 | 0 | 2026-03-01T01:28:44 | ### Summary Gradio apps running on Window with Python 3.13+ are vulnerable to an | |
| CVE-2026-26862 | 8.3 | 0.01% | 2 | 0 | 2026-03-01T01:26:40 | CleverTap Web SDK version 1.15.2 and earlier is vulnerable to DOM-based Cross-Si | |
| CVE-2026-28562 | 8.2 | 0.02% | 4 | 0 | 2026-03-01T00:30:19 | wpForo 2.4.14 contains an unauthenticated SQL injection vulnerability in Topics: | |
| CVE-2026-3376 | 8.8 | 0.05% | 4 | 0 | 2026-03-01T00:30:19 | A security vulnerability has been detected in Tenda F453 1.0.0.3. Affected by th | |
| CVE-2026-3377 | 8.8 | 0.05% | 5 | 0 | 2026-03-01T00:16:17.487000 | A vulnerability was detected in Tenda F453 1.0.0.3. Affected by this issue is th | |
| CVE-2026-2844 | None | 0.07% | 2 | 0 | 2026-02-28T12:30:25 | Missing Authentication for Critical Function vulnerability in Microchip TimePict | |
| CVE-2026-3010 | None | 0.05% | 2 | 0 | 2026-02-28T12:30:25 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site | |
| CVE-2025-13673 | 7.5 | 0.06% | 3 | 0 | 2026-02-28T09:30:14 | The Tutor LMS – eLearning and online course solution plugin for WordPress is vul | |
| CVE-2026-2471 | 7.5 | 0.04% | 2 | 0 | 2026-02-28T07:15:57.677000 | The WP Mail Logging plugin for WordPress is vulnerable to PHP Object Injection i | |
| CVE-2026-2788 | 9.8 | 0.05% | 1 | 0 | 2026-02-28T04:16:19.250000 | Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerabil | |
| CVE-2026-0980 | 8.3 | 0.22% | 2 | 0 | 2026-02-28T02:45:38 | A flaw was found in rubyipmi, a gem used in the Baseboard Management Controller | |
| CVE-2026-3037 | 8.0 | 0.11% | 1 | 0 | 2026-02-28T01:13:53.703000 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and pri | |
| CVE-2026-27630 | 7.5 | 0.10% | 2 | 0 | 2026-02-28T01:01:22.727000 | TinyWeb is a web server (HTTP, HTTPS) written in Delphi for Win32. Versions prio | |
| CVE-2026-28426 | 8.7 | 0.03% | 2 | 0 | 2026-02-27T23:16:05.780000 | Statmatic is a Laravel and Git powered content management system (CMS). Prior to | |
| CVE-2026-28425 | 8.0 | 0.14% | 2 | 0 | 2026-02-27T23:16:05.607000 | Statmatic is a Laravel and Git powered content management system (CMS). Prior to | |
| CVE-2026-20902 | 8.0 | 0.20% | 1 | 0 | 2026-02-27T23:13:13.603000 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and | |
| CVE-2026-21718 | 10.0 | 0.07% | 2 | 0 | 2026-02-27T23:11:48.947000 | An authentication bypass vulnerability exists in Copeland XWEB Pro version 1.12 | |
| CVE-2026-23702 | 8.0 | 0.11% | 1 | 0 | 2026-02-27T23:08:42.743000 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and pri | |
| CVE-2026-24452 | 8.0 | 0.11% | 1 | 0 | 2026-02-27T23:08:17.530000 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and pr | |
| CVE-2026-25037 | 8.0 | 0.11% | 1 | 0 | 2026-02-27T23:07:40.717000 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and pr | |
| CVE-2026-25105 | 8.0 | 0.11% | 1 | 0 | 2026-02-27T23:07:06.143000 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 an | |
| CVE-2026-25196 | 8.0 | 0.11% | 1 | 0 | 2026-02-27T23:06:36.453000 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and pri | |
| CVE-2026-27836 | 7.5 | 0.03% | 2 | 0 | 2026-02-27T22:20:48 | ### Summary The WebAuthn prepare endpoint (`/api/webauthn/prepare`) creates new | |
| CVE-2026-28416 | 8.2 | 0.03% | 2 | 0 | 2026-02-27T22:16:24.667000 | Gradio is an open-source Python package designed for quick prototyping. Prior to | |
| CVE-2026-28406 | 8.2 | 0.12% | 2 | 0 | 2026-02-27T22:16:23.513000 | kaniko is a tool to build container images from a Dockerfile, inside a container | |
| CVE-2026-28400 | 7.5 | 0.02% | 2 | 0 | 2026-02-27T22:16:23.160000 | Docker Model Runner (DMR) is software used to manage, run, and deploy AI models | |
| CVE-2026-27939 | 8.8 | 0.02% | 2 | 0 | 2026-02-27T21:35:03 | ## Impact Authenticated Control Panel users may under certain conditions obtain | |
| CVE-2025-40932 | 8.2 | 0.03% | 2 | 0 | 2026-02-27T21:32:27 | Apache::SessionX versions through 2.01 for Perl create insecure session id. Apa | |
| CVE-2026-2597 | 7.5 | 0.04% | 2 | 0 | 2026-02-27T21:32:27 | Crypt::SysRandom::XS versions before 0.010 for Perl is vulnerable to a heap buff | |
| CVE-2025-69437 | 8.7 | 0.04% | 2 | 0 | 2026-02-27T21:32:27 | PublicCMS v5.202506.d and earlier is vulnerable to stored XSS. Uploaded PDFs can | |
| CVE-2026-27755 | 9.8 | 0.11% | 4 | 0 | 2026-02-27T21:31:26 | SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a weak sessio | |
| CVE-2026-27510 | 9.7 | 0.08% | 3 | 0 | 2026-02-27T21:31:21 | Unitree Go2 firmware versions 1.1.7 through 1.1.11, when used with the Unitree G | |
| CVE-2026-27509 | 8.0 | 0.03% | 3 | 0 | 2026-02-27T21:31:21 | Unitree Go2 firmware versions V1.1.7 through V1.1.9 and V1.1.11 (EDU) do not imp | |
| CVE-2026-22207 | 9.8 | 0.17% | 2 | 0 | 2026-02-27T21:31:21 | OpenViking through version 0.1.18, prior to commit 0251c70, contains a broken ac | |
| CVE-2026-22206 | 8.8 | 0.14% | 2 | 0 | 2026-02-27T21:31:21 | SPIP versions prior to 4.4.10 contain a SQL injection vulnerability that allows | |
| CVE-2026-22205 | 7.5 | 0.23% | 2 | 0 | 2026-02-27T21:31:21 | SPIP versions prior to 4.4.10 contain an authentication bypass vulnerability cau | |
| CVE-2026-28268 | 9.8 | 0.03% | 4 | 0 | 2026-02-27T21:16:18.233000 | Vikunja is an open-source self-hosted task management platform. Versions prior t | |
| CVE-2026-27141 | 7.5 | 0.05% | 2 | 0 | 2026-02-27T20:21:37.657000 | Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running s | |
| CVE-2026-26861 | 8.3 | 0.02% | 2 | 0 | 2026-02-27T20:21:37.167000 | CleverTap Web SDK version 1.15.2 and earlier is vulnerable to Cross-Site Scripti | |
| CVE-2026-26222 | 9.8 | 0.85% | 2 | 0 | 2026-02-27T20:05:06.970000 | Altec DocLink (now maintained by Beyond Limits Inc.) version 4.0.336.0 exposes i | |
| CVE-2026-28363 | 9.9 | 0.09% | 2 | 0 | 2026-02-27T19:13:57.257000 | In OpenClaw before 2026.2.23, tools.exec.safeBins validation for sort could be b | |
| CVE-2026-28274 | 8.7 | 0.07% | 1 | 0 | 2026-02-27T19:07:37.763000 | Initiative is a self-hosted project management platform. Versions of the applica | |
| CVE-2026-28276 | 7.5 | 0.11% | 1 | 0 | 2026-02-27T19:06:01.180000 | Initiative is a self-hosted project management platform. An access control vulne | |
| CVE-2026-27635 | 7.5 | 0.05% | 1 | 0 | 2026-02-27T18:36:30.553000 | Manyfold is an open source, self-hosted web application for managing a collectio | |
| CVE-2026-24352 | 9.8 | 0.04% | 2 | 0 | 2026-02-27T18:36:00.687000 | PluXml CMS allows a user's session identifier to be set before authentication. T | |
| CVE-2026-2749 | 10.0 | 0.03% | 4 | 0 | 2026-02-27T18:31:12 | Vulnerability in Centreon Centreon Open Tickets on Central Server on Linux (Cent | |
| CVE-2026-3271 | 8.8 | 0.11% | 1 | 0 | 2026-02-27T18:30:41.480000 | A vulnerability was found in Tenda F453 1.0.0.3. This impacts the function fromP | |
| CVE-2026-27751 | 9.8 | 0.04% | 4 | 0 | 2026-02-27T18:16:12.897000 | SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a default cre | |
| CVE-2025-11251 | 9.8 | 0.01% | 2 | 0 | 2026-02-27T17:22:23.443000 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti | |
| CVE-2026-27942 | 7.5 | 0.04% | 2 | 0 | 2026-02-27T17:14:16.193000 | fast-xml-parser allows users to validate XML, parse XML to JS object, or build X | |
| CVE-2026-28370 | 9.1 | 0.08% | 2 | 0 | 2026-02-27T16:58:27.747000 | In the query parser in OpenStack Vitrage before 12.0.1, 13.0.0, 14.0.0, and 15.0 | |
| CVE-2026-2750 | 9.1 | 0.04% | 2 | 1 | 2026-02-27T16:16:25.827000 | Improper Input Validation vulnerability in Centreon Centreon Open Tickets on Cen | |
| CVE-2026-27969 | None | 0.04% | 2 | 0 | 2026-02-27T16:03:55 | ### Impact Anyone with read/write access to the backup storage location (e.g. a | |
| CVE-2026-28215 | 9.1 | 0.06% | 2 | 0 | 2026-02-27T15:53:07.053000 | hoppscotch is an open source API development ecosystem. Prior to version 2026.2. | |
| CVE-2026-25136 | 8.1 | 0.04% | 1 | 0 | 2026-02-27T15:43:26.510000 | Rucio is a software framework that provides functionality to organize, manage, a | |
| CVE-2026-3301 | 9.8 | 2.90% | 4 | 0 | 2026-02-27T15:36:49.730000 | A security flaw has been discovered in Totolink N300RH 6.1c.1353_B20190305. Affe | |
| CVE-2026-2751 | 8.3 | 0.01% | 2 | 0 | 2026-02-27T15:34:20 | Blind SQL Injection via unsanitized array keys in Service Dependencies deletion. | |
| CVE-2025-11252 | 9.8 | 0.03% | 2 | 0 | 2026-02-27T15:34:19 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti | |
| CVE-2026-23750 | 8.1 | 0.01% | 2 | 0 | 2026-02-27T15:34:18 | Golioth Pouch version 0.1.0 prior to [INSERT FIXED VERSION], fixed in commit 1b2 | |
| CVE-2026-25997 | 9.8 | 0.07% | 2 | 0 | 2026-02-27T14:57:09.820000 | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versio | |
| CVE-2026-25955 | 9.8 | 0.05% | 2 | 0 | 2026-02-27T14:56:40.630000 | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versio | |
| CVE-2026-25953 | 9.8 | 0.07% | 2 | 0 | 2026-02-27T14:55:56.937000 | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versio | |
| CVE-2026-26955 | 8.8 | 0.04% | 1 | 0 | 2026-02-27T14:50:07.533000 | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versio | |
| CVE-2025-10990 | 7.5 | 0.15% | 2 | 0 | 2026-02-27T14:16:27.567000 | A flaw was found in REXML. A remote attacker could exploit inefficient regular e | |
| CVE-2026-27498 | 0 | 0.59% | 2 | 0 | 2026-02-27T14:06:59.787000 | n8n is an open source workflow automation platform. Prior to versions 2.2.0 and | |
| CVE-2026-21902 | 9.8 | 0.25% | 6 | 0 | 2026-02-27T14:06:59.787000 | An Incorrect Permission Assignment for Critical Resource vulnerability in the On | |
| CVE-2026-28136 | 7.6 | 0.03% | 2 | 0 | 2026-02-27T14:06:59.787000 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti | |
| CVE-2026-27497 | 0 | 0.06% | 1 | 0 | 2026-02-27T14:06:59.787000 | n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2. | |
| CVE-2026-27577 | 0 | 0.09% | 1 | 0 | 2026-02-27T14:06:59.787000 | n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2. | |
| CVE-2026-3172 | 8.1 | 0.04% | 1 | 0 | 2026-02-27T14:06:59.787000 | Buffer overflow in parallel HNSW index build in pgvector 0.6.0 through 0.8.1 all | |
| CVE-2026-27575 | 9.1 | 0.01% | 1 | 0 | 2026-02-27T14:06:59.787000 | Vikunja is an open-source self-hosted task management platform. Prior to version | |
| CVE-2026-24663 | 9.0 | 1.35% | 4 | 0 | 2026-02-27T14:06:37.987000 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and pri | |
| CVE-2025-50857 | 9.8 | 0.58% | 2 | 0 | 2026-02-27T14:06:37.987000 | ZenTaoPMS v18.11 through v21.6.beta is vulnerable to Directory Traversal in /mod | |
| CVE-2026-26682 | 7.8 | 0.02% | 2 | 0 | 2026-02-27T14:06:37.987000 | An issue in fastCMS before v.0.1.6 allows a local attacker to execute arbitrary | |
| CVE-2026-26938 | 8.6 | 0.04% | 2 | 0 | 2026-02-27T14:06:37.987000 | Improper Neutralization of Special Elements Used in a Template Engine (CWE-1336) | |
| CVE-2026-27449 | 7.5 | 0.05% | 3 | 0 | 2026-02-27T14:06:37.987000 | Umbraco Engage is a business intelligence platform. A vulnerability has been ide | |
| CVE-2026-2252 | 7.5 | 0.04% | 2 | 0 | 2026-02-27T14:06:37.987000 | An XML External Entity (XXE) vulnerability allows malicious user to perform Serv | |
| CVE-2026-25851 | 9.4 | 0.13% | 2 | 0 | 2026-02-27T14:06:37.987000 | WebSocket endpoints lack proper authentication mechanisms, enabling attackers t | |
| CVE-2026-28211 | 7.8 | 0.01% | 1 | 0 | 2026-02-27T14:06:37.987000 | The NVDA Dev & Test Toolbox is an NVDA add-on for gathering tools to help NVDA d | |
| CVE-2026-25113 | 7.5 | 0.06% | 1 | 0 | 2026-02-27T14:06:37.987000 | The WebSocket Application Programming Interface lacks restrictions on the numbe | |
| CVE-2026-25945 | 7.5 | 0.06% | 1 | 0 | 2026-02-27T14:06:37.987000 | The WebSocket Application Programming Interface lacks restrictions on the numbe | |
| CVE-2026-24689 | 8.0 | 0.22% | 1 | 0 | 2026-02-27T14:06:37.987000 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and pr | |
| CVE-2026-25195 | 8.0 | 0.22% | 1 | 0 | 2026-02-27T14:06:37.987000 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and | |
| CVE-2026-25109 | 8.0 | 0.22% | 1 | 0 | 2026-02-27T14:06:37.987000 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and p | |
| CVE-2026-24695 | 8.0 | 0.22% | 1 | 0 | 2026-02-27T14:06:37.987000 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and | |
| CVE-2026-26305 | 7.5 | 0.08% | 1 | 0 | 2026-02-27T14:06:37.987000 | The WebSocket Application Programming Interface lacks restrictions on the numbe | |
| CVE-2026-26078 | 7.5 | 0.03% | 1 | 0 | 2026-02-27T14:06:37.987000 | Discourse is an open source discussion platform. Prior to versions 2025.12.2, 20 | |
| CVE-2026-26265 | 7.5 | 0.03% | 1 | 0 | 2026-02-27T14:06:37.987000 | Discourse is an open source discussion platform. Prior to versions 2025.12.2, 20 | |
| CVE-2025-14343 | 7.6 | 0.03% | 1 | 0 | 2026-02-27T14:06:37.987000 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site | |
| CVE-2026-21658 | None | 0.59% | 2 | 0 | 2026-02-27T09:30:35 | Unauthenticated Remote Code Execution i.e Improper Control of Generation of Code | |
| CVE-2025-12981 | 9.8 | 0.04% | 2 | 0 | 2026-02-27T09:30:35 | The Listee theme for WordPress is vulnerable to privilege escalation in all vers | |
| CVE-2026-2251 | 9.8 | 0.05% | 3 | 0 | 2026-02-27T09:30:35 | Improper limitation of a pathname to a restricted directory (Path Traversal) vul | |
| CVE-2026-1442 | 7.8 | 0.01% | 1 | 0 | 2026-02-27T06:31:39 | Since the encryption algorithm used to protect firmware updates is itself encryp | |
| CVE-2026-2428 | 7.5 | 0.02% | 1 | 0 | 2026-02-27T06:31:34 | The Fluent Forms Pro Add On Pack plugin for WordPress is vulnerable to Insuffici | |
| CVE-2026-28364 | 7.9 | 0.04% | 1 | 0 | 2026-02-27T06:31:34 | In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deser | |
| CVE-2026-3273 | 8.8 | 0.08% | 1 | 0 | 2026-02-27T03:30:34 | A vulnerability was identified in Tenda F453 1.0.0.3. Affected by this vulnerabi | |
| CVE-2026-3274 | 8.8 | 0.08% | 1 | 0 | 2026-02-27T03:30:34 | A security flaw has been discovered in Tenda F453 1.0.0.3. Affected by this issu | |
| CVE-2026-27028 | 9.4 | 0.18% | 3 | 0 | 2026-02-27T03:30:33 | WebSocket endpoints lack proper authentication mechanisms, enabling attackers t | |
| CVE-2026-21389 | 8.1 | 0.20% | 1 | 0 | 2026-02-27T03:30:33 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and pri | |
| CVE-2026-20910 | 8.1 | 0.20% | 1 | 0 | 2026-02-27T03:30:33 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and pri | |
| CVE-2026-24517 | 8.1 | 0.22% | 1 | 0 | 2026-02-27T03:30:33 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and p | |
| CVE-2026-24445 | 7.5 | 0.06% | 1 | 0 | 2026-02-27T03:30:33 | The WebSocket Application Programming Interface lacks restrictions on the numbe | |
| CVE-2026-25111 | 8.1 | 0.22% | 1 | 0 | 2026-02-27T03:30:33 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and pri | |
| CVE-2026-25085 | 8.6 | 0.07% | 1 | 0 | 2026-02-27T03:30:33 | A vulnerability exists in Copeland XWEB Pro version 1.12.1 and prior, in which | |
| CVE-2026-20764 | 8.1 | 0.11% | 1 | 0 | 2026-02-27T03:30:33 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and pri | |
| CVE-2026-3275 | 8.8 | 0.08% | 1 | 0 | 2026-02-27T03:30:33 | A weakness has been identified in Tenda F453 1.0.0.3. This affects the function | |
| CVE-2026-25721 | 8.1 | 0.11% | 1 | 0 | 2026-02-27T03:30:33 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and pri | |
| CVE-2026-20742 | 8.1 | 0.20% | 1 | 0 | 2026-02-27T03:30:32 | An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and pr | |
| CVE-2026-22553 | 9.8 | 0.89% | 2 | 0 | 2026-02-27T03:15:54.487000 | All versions of InSAT MasterSCADA BUK-TS are susceptible to OS command injection | |
| CVE-2026-27767 | 9.4 | 0.13% | 3 | 0 | 2026-02-27T00:31:52 | WebSocket endpoints lack proper authentication mechanisms, enabling attackers t | |
| CVE-2026-20781 | 9.4 | 0.13% | 2 | 0 | 2026-02-27T00:31:52 | WebSocket endpoints lack proper authentication mechanisms, enabling attackers t | |
| CVE-2026-24731 | 9.4 | 0.13% | 2 | 0 | 2026-02-27T00:31:52 | WebSocket endpoints lack proper authentication mechanisms, enabling attackers t | |
| CVE-2026-20792 | 7.5 | 0.06% | 1 | 0 | 2026-02-27T00:31:52 | The WebSocket Application Programming Interface lacks restrictions on the numbe | |
| CVE-2026-3272 | 8.8 | 0.08% | 1 | 0 | 2026-02-27T00:31:52 | A vulnerability was determined in Tenda F453 1.0.0.3. Affected is the function f | |
| CVE-2026-27772 | 9.4 | 0.13% | 2 | 0 | 2026-02-27T00:31:51 | WebSocket endpoints lack proper authentication mechanisms, enabling attackers t | |
| CVE-2026-25114 | 7.5 | 0.06% | 1 | 0 | 2026-02-27T00:31:51 | The WebSocket Application Programming Interface lacks restrictions on the numbe | |
| CVE-2026-2799 | 9.8 | 0.04% | 1 | 0 | 2026-02-26T22:20:51.270000 | Use-after-free in the DOM: Core & HTML component. This vulnerability affects Fir | |
| CVE-2026-2797 | 9.8 | 0.04% | 1 | 0 | 2026-02-26T22:20:51.097000 | Use-after-free in the JavaScript: GC component. This vulnerability affects Firef | |
| CVE-2026-2803 | 7.5 | 0.04% | 1 | 0 | 2026-02-26T21:32:34 | Information disclosure, mitigation bypass in the Settings UI component. This vul | |
| CVE-2026-2800 | 9.8 | 0.04% | 1 | 0 | 2026-02-26T21:32:34 | Spoofing issue in the WebAuthn component in Firefox for Android. This vulnerabil | |
| CVE-2026-1565 | 8.8 | 0.28% | 2 | 0 | 2026-02-26T21:31:39 | The User Frontend: AI Powered Frontend Posting, User Directory, Profile, Members | |
| CVE-2025-71057 | 8.2 | 0.01% | 2 | 0 | 2026-02-26T21:31:30 | Improper session management in D-Link Wireless N 300 ADSL2+ Modem Router DSL-124 | |
| CVE-2026-27888 | None | 0.04% | 2 | 0 | 2026-02-26T19:55:35 | ### Impact An attacker who uses this vulnerability can craft a PDF which leads t | |
| CVE-2026-27849 | 9.8 | 0.05% | 2 | 0 | 2026-02-26T18:32:43 | Due to missing neutralization of special elements, OS commands can be injected v | |
| CVE-2026-22719 | 8.1 | 0.33% | 1 | 0 | 2026-02-26T18:32:43 | VMware Aria Operations contains a command injection vulnerability. A malicious u | |
| CVE-2026-3179 | 8.1 | 0.35% | 1 | 0 | 2026-02-26T16:32:25.233000 | The FTP Backup on the ADM does not properly sanitize filenames received from the | |
| CVE-2022-20775 | 7.8 | 0.39% | 1 | 1 | 2026-02-26T16:20:09.420000 | A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated | |
| CVE-2026-20127 | 10.0 | 2.19% | 9 | 2 | 2026-02-26T16:20:02.187000 | A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controlle | |
| CVE-2026-3071 | 8.4 | 0.06% | 1 | 0 | 2026-02-26T15:30:37 | Deserialization of untrusted data in the LanguageModel class of Flair from versi | |
| CVE-2025-70327 | 9.8 | 2.05% | 2 | 0 | 2026-02-26T03:32:24 | TOTOLINK X5000R v9.1.0cu_2415_B20250515 contains an argument injection vulnerabi | |
| CVE-2025-70328 | 8.8 | 2.94% | 2 | 0 | 2026-02-26T03:06:13.490000 | TOTOLINK X6000R v9.4.0cu.1498_B20250826 contains an OS command injection vulnera | |
| CVE-2026-24443 | 8.8 | 0.01% | 1 | 0 | 2026-02-26T03:00:27.553000 | EventSentry versions prior to 6.0.1.20 contain an unverified password change vul | |
| CVE-2026-2806 | 9.1 | 0.04% | 1 | 0 | 2026-02-26T00:31:24 | Uninitialized memory in the Graphics: Text component. This vulnerability affects | |
| CVE-2026-2805 | 9.8 | 0.04% | 1 | 0 | 2026-02-26T00:31:24 | Invalid pointer in the DOM: Core & HTML component. This vulnerability affects Fi | |
| CVE-2026-2796 | 9.8 | 0.04% | 1 | 0 | 2026-02-25T21:32:26 | JIT miscompilation in the JavaScript: WebAssembly component. This vulnerability | |
| CVE-2026-2795 | 9.8 | 0.04% | 1 | 0 | 2026-02-25T21:32:26 | Use-after-free in the JavaScript: GC component. This vulnerability affects Firef | |
| CVE-2026-27850 | 7.5 | 0.03% | 1 | 0 | 2026-02-25T21:32:26 | Due to an improperly configured firewall rule, the router will accept any connec | |
| CVE-2026-2801 | 7.5 | 0.04% | 1 | 0 | 2026-02-25T21:32:25 | Incorrect boundary conditions in the JavaScript: WebAssembly component. This vul | |
| CVE-2026-1662 | 7.5 | 0.03% | 1 | 0 | 2026-02-25T21:31:26 | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 14.4 | |
| CVE-2025-14511 | 7.5 | 0.03% | 1 | 0 | 2026-02-25T21:31:25 | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.2 | |
| CVE-2026-1388 | 7.5 | 0.03% | 1 | 0 | 2026-02-25T21:31:25 | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.2 b | |
| CVE-2026-0752 | 8.0 | 0.08% | 1 | 0 | 2026-02-25T21:31:25 | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.2 | |
| CVE-2026-2807 | 9.8 | 0.04% | 1 | 0 | 2026-02-25T19:43:24.757000 | Memory safety bugs present in Firefox 147 and Thunderbird 147. Some of these bug | |
| CVE-2026-26331 | 8.8 | 0.60% | 2 | 1 | 2026-02-25T19:32:30.417000 | yt-dlp is a command-line audio/video downloader. Starting in version 2023.06.21 | |
| CVE-2026-2781 | 9.8 | 0.04% | 2 | 0 | 2026-02-25T18:32:40 | Integer overflow in the Libraries component in NSS. This vulnerability affects F | |
| CVE-2026-2786 | 9.8 | 0.04% | 1 | 0 | 2026-02-25T18:32:40 | Use-after-free in the JavaScript Engine component. This vulnerability affects Fi | |
| CVE-2025-67445 | 7.5 | 0.09% | 1 | 1 | 2026-02-25T18:31:36 | TOTOLINK X5000R V9.1.0cu.2415_B20250515 contains a denial-of-service vulnerabili | |
| CVE-2026-2787 | 9.8 | 0.04% | 1 | 0 | 2026-02-25T15:32:44 | Use-after-free in the DOM: Window and Location component. This vulnerability aff | |
| CVE-2026-25108 | 8.8 | 18.59% | 3 | 0 | 2026-02-24T21:38:18.607000 | FileZen contains an OS command injection vulnerability. When FileZen Antivirus C | |
| CVE-2025-40541 | 9.1 | 0.02% | 1 | 0 | 2026-02-24T18:32:04 | An Insecure Direct Object Reference (IDOR) vulnerability exists in Serv-U, which | |
| CVE-2025-40538 | 9.1 | 0.03% | 1 | 0 | 2026-02-24T09:31:31 | A broken access control vulnerability exists in Serv-U which when exploited, giv | |
| CVE-2026-1459 | 7.2 | 0.06% | 1 | 0 | 2026-02-24T03:30:30 | A post-authentication command injection vulnerability in the TR-369 certificate | |
| CVE-2025-13942 | 9.8 | 0.34% | 2 | 0 | 2026-02-24T03:30:27 | A command injection vulnerability in the UPnP function of the Zyxel EX3510-B0 fi | |
| CVE-2025-13943 | 8.8 | 0.18% | 1 | 0 | 2026-02-24T03:30:27 | A post-authentication command injection vulnerability in the log file download f | |
| CVE-2026-2033 | 8.1 | 15.58% | 2 | 0 | 2026-02-23T18:14:13.887000 | MLflow Tracking Server Artifact Handler Directory Traversal Remote Code Executio | |
| CVE-2026-2329 | 9.8 | 41.14% | 2 | 0 | 2026-02-20T21:31:21 | An unauthenticated stack-based buffer overflow vulnerability exists in the HTTP | |
| CVE-2026-22769 | 10.0 | 34.16% | 3 | 0 | 2026-02-18T18:30:35 | Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a | |
| CVE-2026-0714 | 6.8 | 0.01% | 1 | 0 | 2026-02-18T17:55:46.557000 | A physical attack vulnerability exists in certain Moxa industrial computers usin | |
| CVE-2026-1731 | 9.8 | 60.92% | 4 | 5 | template | 2026-02-17T15:31:33 | BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote |
| CVE-2025-15556 | 7.5 | 2.69% | 1 | 2 | 2026-02-13T14:03:47.787000 | Notepad++ versions prior to 8.8.9, when using the WinGUp updater, contain an upd | |
| CVE-2026-1603 | 8.6 | 11.74% | 2 | 0 | template | 2026-02-12T15:20:13.990000 | An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allo |
| CVE-2020-37088 | 7.5 | 4.95% | 2 | 0 | 2026-02-10T17:03:53.480000 | School ERP Pro 1.0 contains a file disclosure vulnerability that allows unauthen | |
| CVE-2026-24680 | 7.5 | 0.02% | 2 | 0 | 2026-02-10T15:06:48.767000 | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0 | |
| CVE-2025-61726 | 7.5 | 0.03% | 1 | 0 | 2026-02-06T21:30:47 | The net/url package does not set a limit on the number of query parameters in a | |
| CVE-2020-37123 | 9.8 | 12.89% | 2 | 0 | template | 2026-02-05T18:30:36 | Pinger 1.0 contains a remote code execution vulnerability that allows attackers |
| CVE-2026-1207 | None | 7.39% | 2 | 0 | template | 2026-02-03T19:32:57 | An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4 |
| CVE-2026-21852 | 7.5 | 0.05% | 3 | 2 | 2026-02-02T15:04:41.717000 | Claude Code is an agentic coding tool. Prior to version 2.0.65, vulnerability in | |
| CVE-2026-1687 | 7.3 | 5.42% | 2 | 0 | 2026-01-30T18:31:21 | A weakness has been identified in Tenda HG10 US_HG7_HG9_HG10re_300001138_en_xpon | |
| CVE-2026-23760 | 9.8 | 59.79% | 1 | 2 | template | 2026-01-27T18:33:14 | SmarterTools SmarterMail versions prior to build 9511 contain an authentication |
| CVE-2025-0282 | 9.0 | 94.12% | 3 | 10 | template | 2025-10-24T13:54:58.783000 | A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, |
| CVE-2021-44228 | 10.0 | 94.36% | 1 | 100 | template | 2025-10-22T19:13:26 | # Summary Log4j versions prior to 2.16.0 are subject to a remote code execution |
| CVE-2020-11023 | 6.9 | 35.96% | 1 | 8 | 2025-10-22T17:52:05 | ### Impact Passing HTML containing `<option>` elements from untrusted sources - | |
| CVE-2025-59536 | None | 0.04% | 4 | 0 | 2025-10-03T14:16:36 | Due to a bug in the startup trust dialog implementation, Claude Code could be tr | |
| CVE-2021-34596 | 6.5 | 0.24% | 1 | 0 | 2025-08-15T21:31:14 | A crafted request may cause a read access to an uninitialized pointer in CODESYS | |
| CVE-2021-30187 | 5.3 | 0.12% | 1 | 0 | 2025-08-15T21:31:12 | CODESYS V2 runtime system SP before 2.4.7.55 has Improper Neutralization of Spec | |
| CVE-2021-30188 | 9.8 | 0.57% | 1 | 0 | 2025-08-15T20:28:18.250000 | CODESYS V2 runtime system SP before 2.4.7.55 has a Stack-based Buffer Overflow. | |
| CVE-2021-30195 | 7.5 | 0.42% | 1 | 0 | 2025-08-15T20:26:54.410000 | CODESYS V2 runtime system before 2.4.7.55 has Improper Input Validation. | |
| CVE-2021-34593 | 7.5 | 1.59% | 1 | 0 | 2025-08-15T20:25:58.247000 | In CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7. | |
| CVE-2021-34595 | 8.1 | 0.37% | 1 | 0 | 2025-08-15T20:25:40.657000 | A crafted request with invalid offsets may cause an out-of-bounds read or write | |
| CVE-2021-30186 | 7.5 | 0.45% | 1 | 0 | 2025-08-15T20:20:41.123000 | CODESYS V2 runtime system SP before 2.4.7.55 has a Heap-based Buffer Overflow. | |
| CVE-2025-41659 | 8.3 | 0.04% | 1 | 0 | 2025-08-04T09:30:34 | A low-privileged attacker can remotely access the PKI folder of the CODESYS Cont | |
| CVE-2025-41658 | 5.5 | 0.02% | 1 | 0 | 2025-08-04T09:30:34 | CODESYS Runtime Toolkit-based products may expose sensitive files to local low-p | |
| CVE-2022-47392 | 6.5 | 0.40% | 1 | 0 | 2025-07-17T13:10:35.760000 | An authenticated, remote attacker may use a improper input validation vulnerabil | |
| CVE-2022-47389 | 8.8 | 5.42% | 1 | 0 | 2025-07-17T13:09:56.670000 | An authenticated, remote attacker may use a stack based out-of-bounds write vuln | |
| CVE-2022-47385 | 8.8 | 5.42% | 1 | 0 | 2025-07-17T13:02:02.717000 | An authenticated, remote attacker may use a stack based out-of-bounds write vuln | |
| CVE-2022-47382 | 8.8 | 5.42% | 1 | 0 | 2025-07-17T12:50:47.377000 | An authenticated remote attacker may use a stack based out-of-bounds write vulne | |
| CVE-2022-47381 | 8.8 | 5.42% | 1 | 0 | 2025-07-17T12:46:26.603000 | An authenticated remote attacker may use a stack based out-of-bounds write vulne | |
| CVE-2022-47378 | 6.5 | 0.51% | 1 | 0 | 2025-07-17T12:38:13.340000 | Multiple CODESYS products in multiple versions are prone to a improper input val | |
| CVE-2025-36632 | 7.8 | 0.02% | 1 | 0 | 2025-06-16T15:32:27 | In Tenable Agent versions prior to 10.8.5 on a Windows host, it was found that a | |
| CVE-2025-2595 | 5.3 | 0.15% | 1 | 0 | 2025-04-23T14:08:13.383000 | An unauthenticated remote attacker can bypass the user management in CODESYS Vis | |
| CVE-2017-13089 | 8.8 | 51.23% | 2 | 2 | 2025-04-20T03:47:47 | The http.c:skip_short_body() function is called in some circumstances, such as w | |
| CVE-2017-3735 | 5.3 | 8.85% | 1 | 0 | 2025-04-20T03:45:00 | While parsing an IPAddressFamily extension in an X.509 certificate, it is possib | |
| CVE-2020-12067 | 7.5 | 0.14% | 1 | 0 | 2025-04-14T18:32:45 | In Pilz PMC programming tool 3.x before 3.5.17 (based on CODESYS Development Sys | |
| CVE-2019-9011 | 5.3 | 0.16% | 1 | 0 | 2025-04-14T17:15:22.920000 | In Pilz PMC programming tool 3.x before 3.5.17 (based on CODESYS Development Sys | |
| CVE-2010-5250 | None | 0.05% | 1 | 0 | 2025-04-11T04:03:08 | Untrusted search path vulnerability in the pthread_win32_process_attach_np funct | |
| CVE-2025-0694 | 6.6 | 0.10% | 1 | 0 | 2025-03-18T12:30:48 | Insufficient path validation in CODESYS Control allows low privileged attackers | |
| CVE-2025-1468 | 7.5 | 0.11% | 1 | 0 | 2025-03-18T11:15:39.553000 | An unauthenticated remote attacker can gain access to sensitive information incl | |
| CVE-2024-3661 | 7.6 | 2.42% | 1 | 3 | 2025-01-15T16:50:28.667000 | DHCP can add routes to a client’s routing table via the classless static route o | |
| CVE-2023-4116 | 4.3 | 25.35% | 2 | 0 | template | 2024-11-21T08:34:25.727000 | A vulnerability classified as problematic was found in PHP Jabbers Taxi Booking |
| CVE-2023-49676 | 5.5 | 0.06% | 1 | 0 | 2024-11-21T08:33:41.280000 | An unauthenticated local attacker may trick a user to open corrupted project fil | |
| CVE-2023-49675 | 7.8 | 0.07% | 1 | 0 | 2024-11-21T08:33:41.160000 | An unauthenticated local attacker may trick a user to open corrupted project fil | |
| CVE-2023-3663 | 8.8 | 0.66% | 1 | 0 | 2024-11-21T08:17:47.187000 | In CODESYS Development System versions from 3.5.11.20 and before 3.5.19.20 a mis | |
| CVE-2023-37553 | 6.5 | 0.08% | 1 | 0 | 2024-11-21T08:11:55.730000 | In multiple versions of multiple Codesys products, after successful authenticati | |
| CVE-2023-37548 | 6.5 | 0.08% | 1 | 0 | 2024-11-21T08:11:54.897000 | In multiple Codesys products in multiple versions, after successful authenticati | |
| CVE-2023-37546 | 6.5 | 0.08% | 1 | 0 | 2024-11-21T08:11:54.597000 | In multiple Codesys products in multiple versions, after successful authenticati | |
| CVE-2023-37545 | 6.5 | 0.08% | 1 | 0 | 2024-11-21T08:11:54.430000 | In multiple Codesys products in multiple versions, after successful authenticati | |
| CVE-2022-4046 | 8.8 | 0.76% | 1 | 0 | 2024-11-21T07:34:30.347000 | In CODESYS Control in multiple versions a improper restriction of operations wit | |
| CVE-2022-32143 | 8.8 | 1.01% | 1 | 0 | 2024-11-21T07:05:50.140000 | In multiple CODESYS products, file download and upload function allows access to | |
| CVE-2022-32141 | 6.5 | 0.31% | 1 | 0 | 2024-11-21T07:05:49.833000 | Multiple CODESYS Products are prone to a buffer over read. A low privileged remo | |
| CVE-2022-32140 | 6.5 | 0.33% | 1 | 0 | 2024-11-21T07:05:49.693000 | Multiple CODESYS products are affected to a buffer overflow.A low privileged rem | |
| CVE-2022-32138 | 8.8 | 1.08% | 1 | 0 | 2024-11-21T07:05:49.447000 | In multiple CODESYS products, a remote attacker may craft a request which may ca | |
| CVE-2022-32137 | 8.8 | 1.04% | 1 | 0 | 2024-11-21T07:05:49.320000 | In multiple CODESYS products, a low privileged remote attacker may craft a reque | |
| CVE-2022-32136 | 6.5 | 0.31% | 1 | 0 | 2024-11-21T07:05:49.183000 | In multiple CODESYS products, a low privileged remote attacker may craft a reque | |
| CVE-2022-31806 | 9.8 | 0.54% | 1 | 0 | 2024-11-21T07:05:22.200000 | In CODESYS V2 PLCWinNT and Runtime Toolkit 32 in versions prior to V2.4.7.57 pas | |
| CVE-2022-22517 | 7.5 | 0.68% | 1 | 0 | 2024-11-21T06:46:56.430000 | An unauthenticated, remote attacker can disrupt existing communication channels | |
| CVE-2022-22514 | 7.1 | 0.50% | 1 | 0 | 2024-11-21T06:46:56.033000 | An authenticated, remote attacker can gain access to a dereferenced pointer cont | |
| CVE-2022-1989 | 5.3 | 0.24% | 1 | 0 | 2024-11-21T06:41:53.937000 | All CODESYS Visualization versions before V4.2.0.0 generate a login dialog vulne | |
| CVE-2021-36765 | 7.5 | 0.31% | 1 | 0 | 2024-11-21T06:14:02.903000 | In CODESYS EtherNetIP before 4.1.0.0, specific EtherNet/IP requests may cause a | |
| CVE-2021-33485 | 9.8 | 0.39% | 1 | 0 | 2024-11-21T06:08:55.267000 | CODESYS Control Runtime system before 3.5.17.10 has a Heap-based Buffer Overflow | |
| CVE-2021-29239 | 7.8 | 0.03% | 1 | 0 | 2024-11-21T06:00:51.517000 | CODESYS Development System 3 before 3.5.17.0 displays or executes malicious docu | |
| CVE-2021-21868 | 7.8 | 0.09% | 1 | 0 | 2024-11-21T05:49:08.600000 | An unsafe deserialization vulnerability exists in the ObjectManager.plugin Proje | |
| CVE-2021-21866 | 7.8 | 0.09% | 1 | 0 | 2024-11-21T05:49:08.360000 | A unsafe deserialization vulnerability exists in the ObjectManager.plugin Profil | |
| CVE-2021-21865 | 7.8 | 0.06% | 1 | 0 | 2024-11-21T05:49:08.247000 | A unsafe deserialization vulnerability exists in the PackageManagement.plugin Ex | |
| CVE-2021-21864 | 7.8 | 0.09% | 1 | 0 | 2024-11-21T05:49:08.133000 | A unsafe deserialization vulnerability exists in the ComponentModel ComponentMan | |
| CVE-2021-21863 | 7.8 | 0.08% | 1 | 0 | 2024-11-21T05:49:08.020000 | A unsafe deserialization vulnerability exists in the ComponentModel Profile.From | |
| CVE-2020-15806 | 7.5 | 0.46% | 1 | 0 | 2024-11-21T05:06:13.097000 | CODESYS Control runtime system before 3.5.16.10 allows Uncontrolled Memory Alloc | |
| CVE-2020-14515 | 7.5 | 0.08% | 1 | 0 | 2024-11-21T05:03:26.193000 | CodeMeter (All versions prior to 6.90 when using CmActLicense update files with | |
| CVE-2020-10245 | 9.8 | 1.41% | 1 | 0 | 2024-11-21T04:55:03.253000 | CODESYS V3 web server before 3.5.15.40, as used in CODESYS Control runtime syste | |
| CVE-2019-9010 | 9.8 | 0.32% | 1 | 0 | 2024-11-21T04:50:48.343000 | An issue was discovered in 3S-Smart CODESYS V3 products. The CODESYS Gateway doe | |
| CVE-2019-9009 | 7.5 | 0.31% | 1 | 0 | 2024-11-21T04:50:48.197000 | An issue was discovered in 3S-Smart CODESYS before 3.5.15.0 . Crafted network pa | |
| CVE-2019-13532 | 7.5 | 1.56% | 1 | 0 | 2024-11-21T04:25:05.470000 | CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to se | |
| CVE-2020-12069 | 9.8 | 0.08% | 1 | 0 | 2024-10-03T21:32:08 | In Pilz PMC programming tool 3.x before 3.5.17 (based on CODESYS Development Sys | |
| CVE-2024-8175 | 7.5 | 1.16% | 1 | 0 | 2024-09-26T13:32:02.803000 | An unauthenticated remote attacker can causes the CODESYS web server to access i | |
| CVE-2024-37032 | None | 93.76% | 2 | 3 | template | 2024-09-06T21:37:31 | Ollama before 0.1.34 does not validate the format of the digest (sha256 with 64 |
| CVE-2024-5000 | 7.5 | 0.81% | 1 | 0 | 2024-06-04T09:31:04 | An unauthenticated remote attacker can use a malicious OPC UA client to send a c | |
| CVE-2022-47390 | 8.8 | 5.42% | 1 | 0 | 2024-04-11T21:18:06 | An authenticated, remote attacker may use a stack based out-of-bounds write vuln | |
| CVE-2023-41772 | 7.8 | 19.53% | 2 | 1 | 2024-04-04T08:32:52 | Win32k Elevation of Privilege Vulnerability | |
| CVE-2023-37559 | 6.5 | 0.08% | 1 | 0 | 2024-04-04T06:31:20 | After successful authentication as a user in multiple Codesys products in multip | |
| CVE-2023-3669 | 3.3 | 0.05% | 1 | 0 | 2024-04-04T06:31:19 | A missing Brute-Force protection in CODESYS Development System prior to 3.5.19.2 | |
| CVE-2023-37558 | 6.5 | 0.08% | 1 | 0 | 2024-04-04T06:31:17 | After successful authentication as a user in multiple Codesys products in multip | |
| CVE-2023-37557 | 6.5 | 0.05% | 1 | 0 | 2024-04-04T06:31:16 | After successful authentication as a user in multiple Codesys products in multip | |
| CVE-2023-37556 | 6.5 | 0.08% | 1 | 0 | 2024-04-04T06:31:15 | In multiple versions of multiple Codesys products, after successful authenticati | |
| CVE-2023-37554 | 6.5 | 0.08% | 1 | 0 | 2024-04-04T06:31:14 | In multiple versions of multiple Codesys products, after successful authenticati | |
| CVE-2023-37555 | 6.5 | 0.08% | 1 | 0 | 2024-04-04T06:31:12 | In multiple versions of multiple Codesys products, after successful authenticati | |
| CVE-2023-37550 | 6.5 | 0.08% | 1 | 0 | 2024-04-04T06:31:09 | In multiple Codesys products in multiple versions, after successful authenticati | |
| CVE-2023-37552 | 6.5 | 0.08% | 1 | 0 | 2024-04-04T06:31:09 | In multiple versions of multiple Codesys products, after successful authenticati | |
| CVE-2023-37551 | 6.5 | 0.08% | 1 | 0 | 2024-04-04T06:31:06 | In multiple Codesys products in multiple versions, after successful authenticati | |
| CVE-2023-37549 | 6.5 | 0.08% | 1 | 0 | 2024-04-04T06:31:05 | In multiple Codesys products in multiple versions, after successful authenticati | |
| CVE-2023-37547 | 6.5 | 0.08% | 1 | 0 | 2024-04-04T06:31:00 | In multiple Codesys products in multiple versions, after successful authenticati | |
| CVE-2023-3662 | 7.3 | 0.03% | 1 | 0 | 2024-04-04T06:30:56 | In CODESYS Development System versions from 3.5.17.0 and prior to 3.5.19.20 a vu | |
| CVE-2023-3670 | 7.3 | 0.03% | 1 | 0 | 2024-04-04T06:24:58 | In CODESYS Development System 3.5.9.0 to 3.5.17.0 and CODESYS Scripting 4.0.0.0 | |
| CVE-2022-47387 | 8.8 | 5.42% | 1 | 0 | 2024-04-04T05:43:02 | An authenticated remote attacker may use a stack based out-of-bounds write vulne | |
| CVE-2022-47388 | 8.8 | 5.42% | 1 | 0 | 2024-04-04T05:43:02 | An authenticated, remote attacker may use a stack based out-of-bounds write vuln | |
| CVE-2022-47386 | 8.8 | 5.42% | 1 | 0 | 2024-04-04T05:42:59 | An authenticated, remote attacker may use a stack based out-of-bounds write vuln | |
| CVE-2022-47383 | 8.8 | 5.42% | 1 | 0 | 2024-04-04T05:42:57 | An authenticated, remote attacker may use a stack based out-of-bounds write vuln | |
| CVE-2022-47384 | 8.8 | 5.42% | 1 | 0 | 2024-04-04T05:42:57 | An authenticated remote attacker may use a stack based out-of-bounds write vulne | |
| CVE-2022-47379 | 8.8 | 6.08% | 1 | 0 | 2024-04-04T05:42:52 | An authenticated, remote attacker may use a out-of-bounds write vulnerability in | |
| CVE-2022-47380 | 8.8 | 5.42% | 1 | 0 | 2024-04-04T05:42:52 | An authenticated remote attacker may use a stack based out-of-bounds write vuln | |
| CVE-2022-47393 | 6.5 | 0.65% | 1 | 0 | 2024-04-04T04:05:11 | An authenticated, remote attacker may use a Improper Restriction of Operations w | |
| CVE-2022-4048 | 7.7 | 0.04% | 1 | 0 | 2024-04-04T04:05:10 | Inadequate Encryption Strength in CODESYS Development System V3 versions prior t | |
| CVE-2022-47391 | 7.5 | 0.69% | 1 | 0 | 2024-04-04T04:05:08 | In multiple CODESYS products in multiple versions an unauthorized, remote attack | |
| CVE-2022-22508 | 4.3 | 0.13% | 1 | 0 | 2024-04-04T04:05:05 | Improper Input Validation vulnerability in multiple CODESYS V3 products allows a | |
| CVE-2019-19789 | 6.5 | 0.46% | 1 | 0 | 2024-04-04T02:44:48 | 3S-Smart CODESYS SP Realtime NT before V2.3.7.28, CODESYS Runtime Toolkit 32 bit | |
| CVE-2019-18858 | 9.8 | 0.41% | 1 | 0 | 2024-04-04T02:40:12 | CODESYS 3 web server before 3.5.15.20, as distributed with CODESYS Control runti | |
| CVE-2019-13542 | 6.5 | 0.16% | 1 | 0 | 2024-04-04T01:57:58 | 3S-Smart Software Solutions GmbH CODESYS V3 OPC UA Server, all versions 3.5.11.0 | |
| CVE-2023-6357 | 8.8 | 0.28% | 1 | 0 | 2023-12-11T21:30:21 | A low-privileged remote attacker could exploit the vulnerability and inject addi | |
| CVE-2023-3935 | 10.0 | 0.41% | 1 | 0 | 2023-11-10T05:01:31 | A heap buffer overflow vulnerability in Wibu CodeMeter Runtime network service u | |
| CVE-2022-4224 | 8.8 | 0.80% | 1 | 0 | 2023-07-06T15:30:31 | In multiple products of CODESYS v3 in multiple versions a remote low privileged | |
| CVE-2019-9012 | 7.5 | 0.14% | 1 | 0 | 2023-05-16T12:30:20 | An issue was discovered in 3S-Smart CODESYS V3 products. A crafted communication | |
| CVE-2019-9013 | 8.8 | 0.43% | 1 | 0 | 2023-05-16T12:30:19 | An issue was discovered in 3S-Smart CODESYS V3 products. The application may uti | |
| CVE-2019-9008 | 8.8 | 0.53% | 1 | 0 | 2023-03-29T21:30:23 | An issue was discovered in 3S-Smart CODESYS V3 through 3.5.12.30. A user with lo | |
| CVE-2018-20025 | 7.5 | 0.68% | 1 | 0 | 2023-02-02T05:03:30 | Use of Insufficiently Random Values exists in CODESYS V3 products versions prior | |
| CVE-2018-10612 | 9.8 | 0.24% | 1 | 0 | 2023-02-01T05:08:48 | In 3S-Smart Software Solutions GmbH CODESYS Control V3 products prior to version | |
| CVE-2018-20026 | 7.5 | 1.05% | 1 | 0 | 2023-02-01T05:06:00 | Improper Communication Address Filtering exists in CODESYS V3 products versions | |
| CVE-2018-0739 | 6.5 | 3.95% | 1 | 0 | 2023-02-01T05:03:15 | Constructed ASN.1 types with a recursive definition (such as can be found in PKC | |
| CVE-2021-21869 | 7.8 | 0.08% | 1 | 0 | 2023-01-30T05:01:47 | An unsafe deserialization vulnerability exists in the Engine.plugin ProfileInfor | |
| CVE-2021-21867 | 7.8 | 0.09% | 1 | 0 | 2023-01-30T05:01:37 | A unsafe deserialization vulnerability exists in the ObjectManager.plugin Object | |
| CVE-2021-36763 | None | 0.23% | 1 | 0 | 2023-01-30T05:01:15 | In CODESYS V3 web server before 3.5.17.10, files or directories are accessible t | |
| CVE-2021-36764 | None | 0.24% | 1 | 0 | 2023-01-30T05:01:14 | In CODESYS Gateway V3 before 3.5.17.10, there is a NULL Pointer Dereference. Cra | |
| CVE-2021-33486 | None | 0.39% | 1 | 0 | 2023-01-30T05:01:11 | All versions of the CODESYS V3 Runtime Toolkit for VxWorks from version V3.5.8.0 | |
| CVE-2021-30190 | 9.8 | 0.43% | 1 | 0 | 2023-01-29T05:06:46 | CODESYS V2 Web-Server before 1.1.9.20 has Improper Access Control. | |
| CVE-2021-29240 | None | 0.26% | 1 | 0 | 2023-01-29T05:06:35 | The Package Manager of CODESYS Development System 3 before 3.5.17.0 does not che | |
| CVE-2021-29241 | 7.5 | 0.41% | 1 | 0 | 2023-01-29T05:06:33 | CODESYS Gateway 3 before 3.5.17.0 has a NULL pointer dereference that may result | |
| CVE-2021-29242 | None | 0.32% | 1 | 0 | 2023-01-29T05:06:09 | CODESYS Control Runtime system before 3.5.17.0 has improper input validation. At | |
| CVE-2020-14519 | None | 0.09% | 1 | 0 | 2023-01-29T05:04:32 | This vulnerability allows an attacker to use the internal WebSockets API for Cod | |
| CVE-2020-16233 | None | 0.12% | 1 | 0 | 2023-01-29T05:04:06 | An attacker could send a specially crafted packet that could have CodeMeter (All | |
| CVE-2020-14517 | None | 0.08% | 1 | 0 | 2023-01-29T05:04:03 | Protocol encryption can be easily broken for CodeMeter (All versions prior to 6. | |
| CVE-2020-14513 | None | 0.26% | 1 | 0 | 2023-01-29T05:04:03 | CodeMeter (All versions prior to 6.81) and the software using it may crash while | |
| CVE-2020-14509 | None | 0.28% | 1 | 0 | 2023-01-29T05:03:52 | Multiple memory corruption vulnerabilities exist in CodeMeter (All versions prio | |
| CVE-2020-12068 | None | 0.18% | 1 | 0 | 2023-01-29T05:02:53 | An issue was discovered in CODESYS Development System before 3.5.16.0. CODESYS W | |
| CVE-2019-5105 | 7.5 | 0.20% | 1 | 0 | 2023-01-29T05:02:04 | An exploitable memory corruption vulnerability exists in the Name Service Client | |
| CVE-2020-7052 | None | 0.59% | 1 | 0 | 2023-01-29T05:01:15 | CODESYS Control V3, Gateway V3, and HMI V3 before 3.5.15.30 allow uncontrolled m | |
| CVE-2019-13548 | None | 2.40% | 1 | 0 | 2023-01-28T05:07:31 | CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to se | |
| CVE-2019-13538 | None | 0.19% | 1 | 0 | 2023-01-28T05:07:13 | 3S-Smart Software Solutions GmbH CODESYS V3 Library Manager, all versions prior | |
| CVE-2022-30792 | 5.3 | 0.54% | 1 | 0 | 2023-01-27T05:05:27 | In CmpChannelServer of CODESYS V3 in multiple versions an uncontrolled ressource | |
| CVE-2022-31805 | 9.8 | 0.28% | 1 | 0 | 2023-01-27T05:05:21 | In the CODESYS Development System multiple components in multiple versions trans | |
| CVE-2022-32139 | 6.5 | 0.31% | 1 | 0 | 2023-01-27T05:05:21 | In multiple CODESYS products, a low privileged remote attacker may craft a reque | |
| CVE-2022-30791 | 5.3 | 0.39% | 1 | 0 | 2023-01-27T05:05:16 | In CmpBlkDrvTcp of CODESYS V3 in multiple versions an uncontrolled ressource con | |
| CVE-2022-1965 | 6.5 | 0.79% | 1 | 0 | 2023-01-27T05:05:02 | Multiple products of CODESYS implement a improper error handling. A low privileg | |
| CVE-2022-32142 | 8.1 | 0.79% | 1 | 0 | 2023-01-27T05:04:35 | Multiple CODESYS Products are prone to a out-of bounds read or write access. A l | |
| CVE-2022-22516 | 7.8 | 0.04% | 1 | 0 | 2023-01-27T05:01:30 | The SysDrv3S driver in the CODESYS Control runtime system on Microsoft Windows a | |
| CVE-2022-22515 | 8.1 | 0.20% | 1 | 0 | 2023-01-27T05:01:23 | A remote, unauthenticated attacker could utilize the control programmer of the C | |
| CVE-2022-22513 | 6.5 | 0.40% | 1 | 0 | 2023-01-27T05:01:23 | An authenticated remote attacker can cause a null pointer dereference in the Cmp | |
| CVE-2022-22519 | 6.5 | 0.78% | 1 | 0 | 2023-01-27T05:01:22 | A remote, authenticated attacker can send a specific crafted HTTP or HTTPS reque | |
| CVE-2025-64328 | 0 | 21.39% | 1 | 1 | N/A | ||
| CVE-2026-23627 | 0 | 0.01% | 2 | 0 | N/A | ||
| CVE-2026-25954 | 0 | 0.05% | 2 | 0 | N/A | ||
| CVE-2026-25952 | 0 | 0.07% | 2 | 0 | N/A | ||
| CVE-2026-25942 | 0 | 0.05% | 2 | 0 | N/A | ||
| CVE-2026-25959 | 0 | 0.06% | 2 | 0 | N/A | ||
| CVE-2026-26986 | 0 | 0.05% | 2 | 0 | N/A | ||
| CVE-2026-27950 | 0 | 0.08% | 2 | 0 | N/A | ||
| CVE-2026-27633 | 0 | 0.10% | 2 | 0 | N/A | ||
| CVE-2026-28213 | 0 | 0.04% | 2 | 0 | N/A | ||
| CVE-2026-27947 | 0 | 0.30% | 2 | 0 | N/A | ||
| CVE-2026-28272 | 0 | 0.03% | 2 | 0 | N/A | ||
| CVE-2026-28408 | 0 | 0.05% | 4 | 0 | N/A | ||
| CVE-2026-28411 | 0 | 0.27% | 4 | 0 | N/A | ||
| CVE-2026-28409 | 0 | 0.21% | 4 | 0 | N/A | ||
| CVE-2026-28216 | 0 | 0.04% | 1 | 0 | N/A | ||
| CVE-2026-28275 | 0 | 0.03% | 1 | 0 | N/A | ||
| CVE-2026-26965 | 0 | 0.04% | 1 | 0 | N/A | ||
| CVE-2026-26985 | 0 | 0.04% | 1 | 0 | N/A | ||
| CVE-2026-26984 | 0 | 0.10% | 1 | 0 | N/A | ||
| CVE-2026-27976 | 0 | 0.04% | 1 | 0 | N/A |
updated 2026-03-02T00:16:03.293000
4 posts
🟠 CVE-2026-3400 - High (8.8)
A security flaw has been discovered in Tenda AC15 up to 15.13.07.13. Affected by this issue is some unknown functionality of the file /goform/TextEditingConversion. The manipulation of the argument wpapsk_crypto2_4g results in stack-based buffer o...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3400/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🛡️ CVE-2026-3400 (HIGH, CVSS 8.7): Stack-based buffer overflow in Tenda AC15 routers (≤v15.13.07.13) allows unauthenticated remote code execution. PoC code is public. Restrict access & monitor for patches! https://radar.offseq.com/threat/cve-2026-3400-stack-based-buffer-overflow-in-tenda-c665b93a #OffSeq #Infosec #CVE #Vulnerability
##🟠 CVE-2026-3400 - High (8.8)
A security flaw has been discovered in Tenda AC15 up to 15.13.07.13. Affected by this issue is some unknown functionality of the file /goform/TextEditingConversion. The manipulation of the argument wpapsk_crypto2_4g results in stack-based buffer o...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3400/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🛡️ CVE-2026-3400 (HIGH, CVSS 8.7): Stack-based buffer overflow in Tenda AC15 routers (≤v15.13.07.13) allows unauthenticated remote code execution. PoC code is public. Restrict access & monitor for patches! https://radar.offseq.com/threat/cve-2026-3400-stack-based-buffer-overflow-in-tenda-c665b93a #OffSeq #Infosec #CVE #Vulnerability
##updated 2026-03-01T23:16:02.060000
4 posts
🚨 HIGH severity: CVE-2026-3399 impacts Tenda F453 (v1.0.0.3) via buffer overflow in httpd's fromGstDhcpSetSer. Remotely exploitable, public exploit available. Patch or mitigate now to prevent device takeover! https://radar.offseq.com/threat/cve-2026-3399-buffer-overflow-in-tenda-f453-2372f90c #OffSeq #Vuln #Infosec #Router
##🟠 CVE-2026-3399 - High (8.8)
A vulnerability was identified in Tenda F453 1.0.0.3. Affected by this vulnerability is the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer of the component httpd. The manipulation of the argument dips leads to buffer overflow. The at...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3399/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🚨 HIGH severity: CVE-2026-3399 impacts Tenda F453 (v1.0.0.3) via buffer overflow in httpd's fromGstDhcpSetSer. Remotely exploitable, public exploit available. Patch or mitigate now to prevent device takeover! https://radar.offseq.com/threat/cve-2026-3399-buffer-overflow-in-tenda-f453-2372f90c #OffSeq #Vuln #Infosec #Router
##🟠 CVE-2026-3399 - High (8.8)
A vulnerability was identified in Tenda F453 1.0.0.3. Affected by this vulnerability is the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer of the component httpd. The manipulation of the argument dips leads to buffer overflow. The at...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3399/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-03-01T22:16:17.270000
4 posts
🔎 HIGH severity: Tenda F453 v1.0.0.3 vulnerable to remote buffer overflow (CVE-2026-3398) via /goform/AdvSetWan. Exploit public, RCE possible with no auth. Disable remote admin & monitor for exploits. Patch ASAP. https://radar.offseq.com/threat/cve-2026-3398-buffer-overflow-in-tenda-f453-735bc013 #OffSeq #Vuln #RouterSec
##🟠 CVE-2026-3398 - High (8.8)
A vulnerability was determined in Tenda F453 1.0.0.3. Affected is the function fromAdvSetWan of the file /goform/AdvSetWan of the component httpd. Executing a manipulation of the argument wanmode/PPPOEPassword can lead to buffer overflow. The atta...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3398/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔎 HIGH severity: Tenda F453 v1.0.0.3 vulnerable to remote buffer overflow (CVE-2026-3398) via /goform/AdvSetWan. Exploit public, RCE possible with no auth. Disable remote admin & monitor for exploits. Patch ASAP. https://radar.offseq.com/threat/cve-2026-3398-buffer-overflow-in-tenda-f453-735bc013 #OffSeq #Vuln #RouterSec
##🟠 CVE-2026-3398 - High (8.8)
A vulnerability was determined in Tenda F453 1.0.0.3. Affected is the function fromAdvSetWan of the file /goform/AdvSetWan of the component httpd. Executing a manipulation of the argument wanmode/PPPOEPassword can lead to buffer overflow. The atta...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3398/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-03-01T04:16:01.890000
4 posts
🚨 CVE-2026-3380: HIGH-severity buffer overflow in Tenda F453 (v1.0.0.3). Remotely exploitable, no auth needed — PoC public. Isolate devices, restrict WAN, monitor for /goform/L7Im traffic. Patch pending. https://radar.offseq.com/threat/cve-2026-3380-buffer-overflow-in-tenda-f453-54481f34 #OffSeq #Vulnerability #Tenda #InfoSec
##🟠 CVE-2026-3380 - High (8.8)
A vulnerability was found in Tenda F453 1.0.0.3. This issue affects the function frmL7ImForm of the file /goform/L7Im. The manipulation of the argument page results in buffer overflow. The attack may be launched remotely. The exploit has been made...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3380/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🚨 CVE-2026-3380: HIGH-severity buffer overflow in Tenda F453 (v1.0.0.3). Remotely exploitable, no auth needed — PoC public. Isolate devices, restrict WAN, monitor for /goform/L7Im traffic. Patch pending. https://radar.offseq.com/threat/cve-2026-3380-buffer-overflow-in-tenda-f453-54481f34 #OffSeq #Vulnerability #Tenda #InfoSec
##🟠 CVE-2026-3380 - High (8.8)
A vulnerability was found in Tenda F453 1.0.0.3. This issue affects the function frmL7ImForm of the file /goform/L7Im. The manipulation of the argument page results in buffer overflow. The attack may be launched remotely. The exploit has been made...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3380/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-03-01T03:16:16.743000
5 posts
⚠️ New security advisory:
CVE-2026-3379 affects multiple systems.
• Impact: Significant security breach potential
• Risk: Unauthorized access or data exposure
• Mitigation: Apply patches within 24-48 hours
Full breakdown:
https://yazoul.net/advisory/cve/cve-2026-3379
🟠 CVE-2026-3379 - High (8.8)
A vulnerability has been found in Tenda F453 1.0.0.3. This vulnerability affects the function fromSetIpBind of the file /goform/SetIpBind. The manipulation of the argument page leads to buffer overflow. The attack may be initiated remotely. The ex...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3379/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🚨 HIGH severity: Tenda F453 v1.0.0.3 has a buffer overflow (CVE-2026-3379) in /goform/SetIpBind. Remotely exploitable with no auth. Restrict access, monitor for exploit attempts, and patch ASAP. https://radar.offseq.com/threat/cve-2026-3379-buffer-overflow-in-tenda-f453-63a79945 #OffSeq #Cybersecurity #Vulnerability #CVE20263379
##🟠 CVE-2026-3379 - High (8.8)
A vulnerability has been found in Tenda F453 1.0.0.3. This vulnerability affects the function fromSetIpBind of the file /goform/SetIpBind. The manipulation of the argument page leads to buffer overflow. The attack may be initiated remotely. The ex...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3379/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🚨 HIGH severity: Tenda F453 v1.0.0.3 has a buffer overflow (CVE-2026-3379) in /goform/SetIpBind. Remotely exploitable with no auth. Restrict access, monitor for exploit attempts, and patch ASAP. https://radar.offseq.com/threat/cve-2026-3379-buffer-overflow-in-tenda-f453-63a79945 #OffSeq #Cybersecurity #Vulnerability #CVE20263379
##updated 2026-03-01T03:16:15.103000
4 posts
🔥 CVE-2026-3378 (HIGH, CVSS 8.7): Buffer overflow in Tenda F453 (FW 1.0.0.3) lets remote attackers execute code or cause DoS — no authentication needed. PoC exploit published. Patch or restrict access now! https://radar.offseq.com/threat/cve-2026-3378-buffer-overflow-in-tenda-f453-0b5023a3 #OffSeq #Vulnerability #Tenda #RouterSecurity
##🟠 CVE-2026-3378 - High (8.8)
A flaw has been found in Tenda F453 1.0.0.3. This affects the function fromqossetting of the file /goform/qossetting. Executing a manipulation of the argument qos can lead to buffer overflow. The attack can be launched remotely. The exploit has be...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3378/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔥 CVE-2026-3378 (HIGH, CVSS 8.7): Buffer overflow in Tenda F453 (FW 1.0.0.3) lets remote attackers execute code or cause DoS — no authentication needed. PoC exploit published. Patch or restrict access now! https://radar.offseq.com/threat/cve-2026-3378-buffer-overflow-in-tenda-f453-0b5023a3 #OffSeq #Vulnerability #Tenda #RouterSecurity
##🟠 CVE-2026-3378 - High (8.8)
A flaw has been found in Tenda F453 1.0.0.3. This affects the function fromqossetting of the file /goform/qossetting. Executing a manipulation of the argument qos can lead to buffer overflow. The attack can be launched remotely. The exploit has be...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3378/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-03-01T01:28:44
2 posts
🟠 CVE-2026-28414 - High (7.5)
Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.7, Gradio apps running on Window with Python 3.13+ are vulnerable to an absolute path traversal issue that enables unauthenticated attackers to read arbitra...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28414/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-28414 - High (7.5)
Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.7, Gradio apps running on Window with Python 3.13+ are vulnerable to an absolute path traversal issue that enables unauthenticated attackers to read arbitra...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28414/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-03-01T01:26:40
2 posts
🟠 CVE-2026-26862 - High (8.3)
CleverTap Web SDK version 1.15.2 and earlier is vulnerable to DOM-based Cross-Site Scripting (XSS) via window.postMessage in the Visual Builder module. The origin validation in src/modules/visualBuilder/pageBuilder.js (lines 56-60) uses the includ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-26862/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-26862 - High (8.3)
CleverTap Web SDK version 1.15.2 and earlier is vulnerable to DOM-based Cross-Site Scripting (XSS) via window.postMessage in the Visual Builder module. The origin validation in src/modules/visualBuilder/pageBuilder.js (lines 56-60) uses the includ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-26862/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-03-01T00:30:19
4 posts
🛡️ HIGH severity: CVE-2026-28562 in wpForo Forum 2.4.14 (WordPress) — unauthenticated SQL injection via wpfob, enabling blind credential extraction. Apply WAF rules & monitor logs until a fix is released. https://radar.offseq.com/threat/cve-2026-28562-improper-neutralization-of-special--22c35314 #OffSeq #WordPress #SQLInjection #Infosec
##🟠 CVE-2026-28562 - High (8.2)
wpForo 2.4.14 contains an unauthenticated SQL injection vulnerability in Topics::get_topics() where the ORDER BY clause relies on ineffective esc_sql() sanitization on unquoted identifiers. Attackers exploit the wpfob parameter with CASE WHEN payl...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28562/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🛡️ HIGH severity: CVE-2026-28562 in wpForo Forum 2.4.14 (WordPress) — unauthenticated SQL injection via wpfob, enabling blind credential extraction. Apply WAF rules & monitor logs until a fix is released. https://radar.offseq.com/threat/cve-2026-28562-improper-neutralization-of-special--22c35314 #OffSeq #WordPress #SQLInjection #Infosec
##🟠 CVE-2026-28562 - High (8.2)
wpForo 2.4.14 contains an unauthenticated SQL injection vulnerability in Topics::get_topics() where the ORDER BY clause relies on ineffective esc_sql() sanitization on unquoted identifiers. Attackers exploit the wpfob parameter with CASE WHEN payl...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28562/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-03-01T00:30:19
4 posts
🔒 CVE-2026-3376: HIGH severity buffer overflow in Tenda F453 v1.0.0.3 (/goform/SafeMacFilter). Public exploit enables remote code execution — no auth needed. Isolate devices & restrict access until patched. https://radar.offseq.com/threat/cve-2026-3376-buffer-overflow-in-tenda-f453-d5150655 #OffSeq #RouterVuln #InfoSec
##🟠 CVE-2026-3376 - High (8.8)
A security vulnerability has been detected in Tenda F453 1.0.0.3. Affected by this vulnerability is the function fromSafeMacFilter of the file /goform/SafeMacFilter. Such manipulation of the argument page leads to buffer overflow. It is possible t...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3376/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔒 CVE-2026-3376: HIGH severity buffer overflow in Tenda F453 v1.0.0.3 (/goform/SafeMacFilter). Public exploit enables remote code execution — no auth needed. Isolate devices & restrict access until patched. https://radar.offseq.com/threat/cve-2026-3376-buffer-overflow-in-tenda-f453-d5150655 #OffSeq #RouterVuln #InfoSec
##🟠 CVE-2026-3376 - High (8.8)
A security vulnerability has been detected in Tenda F453 1.0.0.3. Affected by this vulnerability is the function fromSafeMacFilter of the file /goform/SafeMacFilter. Such manipulation of the argument page leads to buffer overflow. It is possible t...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3376/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-03-01T00:16:17.487000
5 posts
⚠️ New security advisory:
CVE-2026-3377 affects multiple systems.
• Impact: Significant security breach potential
• Risk: Unauthorized access or data exposure
• Mitigation: Apply patches within 24-48 hours
Full breakdown:
https://yazoul.net/advisory/cve/cve-2026-3377
⚠️ CVE-2026-3377 (HIGH): Buffer overflow in Tenda F453 v1.0.0.3 via /goform/SafeUrlFilter. Public exploit available, no patch yet. Restrict device access & monitor traffic. Details: https://radar.offseq.com/threat/cve-2026-3377-buffer-overflow-in-tenda-f453-c140c206 #OffSeq #Vulnerability #Tenda #Infosec
##🟠 CVE-2026-3377 - High (8.8)
A vulnerability was detected in Tenda F453 1.0.0.3. Affected by this issue is the function fromSafeUrlFilter of the file /goform/SafeUrlFilter. Performing a manipulation of the argument page results in buffer overflow. The attack can be initiated ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3377/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##⚠️ CVE-2026-3377 (HIGH): Buffer overflow in Tenda F453 v1.0.0.3 via /goform/SafeUrlFilter. Public exploit available, no patch yet. Restrict device access & monitor traffic. Details: https://radar.offseq.com/threat/cve-2026-3377-buffer-overflow-in-tenda-f453-c140c206 #OffSeq #Vulnerability #Tenda #Infosec
##🟠 CVE-2026-3377 - High (8.8)
A vulnerability was detected in Tenda F453 1.0.0.3. Affected by this issue is the function fromSafeUrlFilter of the file /goform/SafeUrlFilter. Performing a manipulation of the argument page results in buffer overflow. The attack can be initiated ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3377/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-28T12:30:25
2 posts
⚠️ CRITICAL vuln in Microchip TimePictra (11.0 – 11.3 SP2): CVE-2026-2844 lets remote, unauthenticated attackers manipulate configs. No patch yet — restrict access & monitor logs! https://radar.offseq.com/threat/cve-2026-2844-cwe-306-missing-authentication-for-c-aa868998 #OffSeq #TimePictra #Vulnerability #OTSecurity
##⚠️ CRITICAL vuln in Microchip TimePictra (11.0 – 11.3 SP2): CVE-2026-2844 lets remote, unauthenticated attackers manipulate configs. No patch yet — restrict access & monitor logs! https://radar.offseq.com/threat/cve-2026-2844-cwe-306-missing-authentication-for-c-aa868998 #OffSeq #TimePictra #Vulnerability #OTSecurity
##updated 2026-02-28T12:30:25
2 posts
🚨 CVE-2026-3010: CRITICAL XSS in Microchip TimePictra v11.0 – 11.3 SP2. Remote, unauthenticated attackers can inject scripts via web UI. Restrict access, enable WAF, monitor logs. Patch awaited. Full info: https://radar.offseq.com/threat/cve-2026-3010-cwe-79-improper-neutralization-of-in-f593f595 #OffSeq #XSS #ICS #Vuln
##🚨 CVE-2026-3010: CRITICAL XSS in Microchip TimePictra v11.0 – 11.3 SP2. Remote, unauthenticated attackers can inject scripts via web UI. Restrict access, enable WAF, monitor logs. Patch awaited. Full info: https://radar.offseq.com/threat/cve-2026-3010-cwe-79-improper-neutralization-of-in-f593f595 #OffSeq #XSS #ICS #Vuln
##updated 2026-02-28T09:30:14
3 posts
⚠️ New security advisory:
CVE-2025-13673 affects multiple systems.
• Impact: Significant security breach potential
• Risk: Unauthorized access or data exposure
• Mitigation: Apply patches within 24-48 hours
Full breakdown:
https://yazoul.net/advisory/cve/cve-2025-13673
🟠 CVE-2025-13673 - High (7.5)
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to SQL Injection via the 'coupon_code' parameter in all versions up to, and including, 3.9.6 due to insufficient escaping on the user supplied parameter and ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-13673/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-13673 - High (7.5)
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to SQL Injection via the 'coupon_code' parameter in all versions up to, and including, 3.9.6 due to insufficient escaping on the user supplied parameter and ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-13673/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-28T07:15:57.677000
2 posts
🟠 CVE-2026-2471 - High (7.5)
The WP Mail Logging plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.15.0 via deserialization of untrusted input from the email log message field. This is due to the `BaseModel` class constructor c...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2471/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-2471 - High (7.5)
The WP Mail Logging plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.15.0 via deserialization of untrusted input from the email log message field. This is due to the `BaseModel` class constructor c...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2471/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-28T04:16:19.250000
1 posts
🔴 CVE-2026-2788 - Critical (9.8)
Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2788/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-28T02:45:38
2 posts
🟠 CVE-2026-0980 - High (8.3)
A flaw was found in rubyipmi, a gem used in the Baseboard Management Controller (BMC) component of Red Hat Satellite. An authenticated attacker with host creation or update permissions could exploit this vulnerability by crafting a malicious usern...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-0980/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-0980 - High (8.3)
A flaw was found in rubyipmi, a gem used in the Baseboard Management Controller (BMC) component of Red Hat Satellite. An authenticated attacker with host creation or update permissions could exploit this vulnerability by crafting a malicious usern...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-0980/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-28T01:13:53.703000
1 posts
🟠 CVE-2026-3037 - High (8)
An OS command injection vulnerability exists in XWEB Pro version 1.12.1
and prior, enabling an authenticated attacker to achieve remote code
execution on the system by modifying malicious input injected into the
MBird SMS service URL and/or cod...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3037/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-28T01:01:22.727000
2 posts
🟠 CVE-2026-27630 - High (7.5)
TinyWeb is a web server (HTTP, HTTPS) written in Delphi for Win32. Versions prior to version 2.02 are vulnerable to a Denial of Service (DoS) attack known as Slowloris. The server spawns a new OS thread for every incoming connection without enforc...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27630/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-27630 - High (7.5)
TinyWeb is a web server (HTTP, HTTPS) written in Delphi for Win32. Versions prior to version 2.02 are vulnerable to a Denial of Service (DoS) attack known as Slowloris. The server spawns a new OS thread for every incoming connection without enforc...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27630/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T23:16:05.780000
2 posts
🟠 CVE-2026-28426 - High (8.7)
Statmatic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.11 and 6.4.0, stored XSS vulnerability in svg and icon related components allow authenticated users with appropriate permissions to inject malicious Jav...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28426/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-28426 - High (8.7)
Statmatic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.11 and 6.4.0, stored XSS vulnerability in svg and icon related components allow authenticated users with appropriate permissions to inject malicious Jav...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28426/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T23:16:05.607000
2 posts
🟠 CVE-2026-28425 - High (8)
Statmatic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.11 and 6.4.0, an authenticated control panel user with access to Antlers-enabled inputs may be able to achieve remote code execution in the application ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28425/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-28425 - High (8)
Statmatic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.11 and 6.4.0, an authenticated control panel user with access to Antlers-enabled inputs may be able to achieve remote code execution in the application ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28425/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T23:13:13.603000
1 posts
🟠 CVE-2026-20902 - High (8)
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
injecting malicious input into the map filename field during the map
upl...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20902/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T23:11:48.947000
2 posts
🔴 CVE-2026-21718 - Critical (10)
An authentication bypass vulnerability exists in Copeland XWEB Pro
version 1.12.1 and prior, enabling any attackers to bypass the
authentication requirement and achieve pre-authenticated code execution
on the system.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-21718/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🚨 CVE-2026-21718: CRITICAL auth bypass in Copeland XWEB 300D PRO (≤1.12.1). Remote code exec possible — no user interaction. No patch yet. Segment & monitor ICS networks! https://radar.offseq.com/threat/cve-2026-21718-cwe-327-in-copeland-copeland-xweb-3-124474ba #OffSeq #ICS #Vulnerability #Cybersecurity
##updated 2026-02-27T23:08:42.743000
1 posts
🟠 CVE-2026-23702 - High (8)
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
sending malicious input injected into the server username field of the
impo...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-23702/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T23:08:17.530000
1 posts
🟠 CVE-2026-24452 - High (8)
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
supplying a crafted template file to the devices route.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24452/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T23:07:40.717000
1 posts
🟠 CVE-2026-25037 - High (8)
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
configuring a maliciously crafted LCD state which is later processed
durin...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25037/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T23:07:06.143000
1 posts
🟠 CVE-2026-25105 - High (8)
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
injecting malicious input into parameters of the Modbus command tool in...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25105/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T23:06:36.453000
1 posts
🟠 CVE-2026-25196 - High (8)
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
injecting malicious input into the Wi-Fi SSID and/or password fields
can le...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25196/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T22:20:48
2 posts
🟠 CVE-2026-27836 - High (7.5)
phpMyFAQ is an open source FAQ web application. Prior to version 4.0.18, the WebAuthn prepare endpoint (`/api/webauthn/prepare`) creates new active user accounts without any authentication, CSRF protection, captcha, or configuration checks. This a...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27836/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-27836 - High (7.5)
phpMyFAQ is an open source FAQ web application. Prior to version 4.0.18, the WebAuthn prepare endpoint (`/api/webauthn/prepare`) creates new active user accounts without any authentication, CSRF protection, captcha, or configuration checks. This a...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27836/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T22:16:24.667000
2 posts
🟠 CVE-2026-28416 - High (8.2)
Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.6.0, a Server-Side Request Forgery (SSRF) vulnerability in Gradio allows an attacker to make arbitrary HTTP requests from a victim's server by hosting a mal...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28416/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-28416 - High (8.2)
Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.6.0, a Server-Side Request Forgery (SSRF) vulnerability in Gradio allows an attacker to make arbitrary HTTP requests from a victim's server by hosting a mal...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28416/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T22:16:23.513000
2 posts
🟠 CVE-2026-28406 - High (8.2)
kaniko is a tool to build container images from a Dockerfile, inside a container or Kubernetes cluster. Starting in version 1.25.4 and prior to version 1.25.10, kaniko unpacks build context archives using `filepath.Join(dest, cleanedName)` without...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28406/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-28406 - High (8.2)
kaniko is a tool to build container images from a Dockerfile, inside a container or Kubernetes cluster. Starting in version 1.25.4 and prior to version 1.25.10, kaniko unpacks build context archives using `filepath.Join(dest, cleanedName)` without...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28406/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T22:16:23.160000
2 posts
🟠 CVE-2026-28400 - High (7.5)
Docker Model Runner (DMR) is software used to manage, run, and deploy AI models using Docker. Versions prior to 1.0.16 expose a POST `/engines/_configure` endpoint that accepts arbitrary runtime flags without authentication. These flags are pass...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28400/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-28400 - High (7.5)
Docker Model Runner (DMR) is software used to manage, run, and deploy AI models using Docker. Versions prior to 1.0.16 expose a POST `/engines/_configure` endpoint that accepts arbitrary runtime flags without authentication. These flags are pass...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28400/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T21:35:03
2 posts
🟠 CVE-2026-27939 - High (8.8)
Statmatic is a Laravel and Git powered content management system (CMS). Starting in version 6.0.0 and prior to version 6.4.0, Authenticated Control Panel users may under certain conditions obtain elevated privileges without completing the intended...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27939/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-27939 - High (8.8)
Statmatic is a Laravel and Git powered content management system (CMS). Starting in version 6.0.0 and prior to version 6.4.0, Authenticated Control Panel users may under certain conditions obtain elevated privileges without completing the intended...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27939/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T21:32:27
2 posts
🟠 CVE-2025-40932 - High (8.2)
Apache::SessionX versions through 2.01 for Perl create insecure session id.
Apache::SessionX generates session ids insecurely. The default session id generator in Apache::SessionX::Generate::MD5 returns a MD5 hash seeded with the built-in rand() ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-40932/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-40932 - High (8.2)
Apache::SessionX versions through 2.01 for Perl create insecure session id.
Apache::SessionX generates session ids insecurely. The default session id generator in Apache::SessionX::Generate::MD5 returns a MD5 hash seeded with the built-in rand() ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-40932/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T21:32:27
2 posts
🟠 CVE-2026-2597 - High (7.5)
Crypt::SysRandom::XS versions before 0.010 for Perl is vulnerable to a heap buffer overflow in the XS function random_bytes().
The function does not validate that the length parameter is non-negative. If a negative value (e.g. -1) is supplied, th...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2597/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-2597 - High (7.5)
Crypt::SysRandom::XS versions before 0.010 for Perl is vulnerable to a heap buffer overflow in the XS function random_bytes().
The function does not validate that the length parameter is non-negative. If a negative value (e.g. -1) is supplied, th...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2597/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T21:32:27
2 posts
🟠 CVE-2025-69437 - High (8.7)
PublicCMS v5.202506.d and earlier is vulnerable to stored XSS. Uploaded PDFs can contain JavaScript payloads and bypass PDF security checks in the backend CmsFileUtils.java. If a user uploads a PDF file containing a malicious payload to the system...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-69437/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-69437 - High (8.7)
PublicCMS v5.202506.d and earlier is vulnerable to stored XSS. Uploaded PDFs can contain JavaScript payloads and bypass PDF security checks in the backend CmsFileUtils.java. If a user uploads a PDF file containing a malicious payload to the system...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-69437/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T21:31:26
4 posts
🚨 CRITICAL: CVE-2026-27755 in SODOLA SL902-SWTGW124AS (≤200.1.20) lets attackers forge MD5-based session IDs, bypassing auth remotely. No patch yet — segment, restrict, monitor! https://radar.offseq.com/threat/cve-2026-27755-cwe-330-use-of-insufficiently-rando-27c7bdab #OffSeq #CVE202627755 #IoTSecurity #Infosec
##🔴 CVE-2026-27755 - Critical (9.8)
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a weak session identifier generation vulnerability that allows attackers to forge authenticated sessions by computing predictable MD5-based cookies. Attackers who know or guess val...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27755/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🚨 CRITICAL: CVE-2026-27755 in SODOLA SL902-SWTGW124AS (≤200.1.20) lets attackers forge MD5-based session IDs, bypassing auth remotely. No patch yet — segment, restrict, monitor! https://radar.offseq.com/threat/cve-2026-27755-cwe-330-use-of-insufficiently-rando-27c7bdab #OffSeq #CVE202627755 #IoTSecurity #Infosec
##🔴 CVE-2026-27755 - Critical (9.8)
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a weak session identifier generation vulnerability that allows attackers to forge authenticated sessions by computing predictable MD5-based cookies. Attackers who know or guess val...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27755/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T21:31:21
3 posts
🔴 CVE-2026-27510 - Critical (9.6)
Unitree Go2 firmware versions 1.1.7 through 1.1.11, when used with the Unitree Go2 Android application (com.unitree.doggo2), are vulnerable to remote code execution due to missing integrity protection and validation of user-created programmes. The...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27510/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-27510 - Critical (9.6)
Unitree Go2 firmware versions 1.1.7 through 1.1.11, when used with the Unitree Go2 Android application (com.unitree.doggo2), are vulnerable to remote code execution due to missing integrity protection and validation of user-created programmes. The...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27510/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##From DDS Packets to Robot Shells: Two RCEs in Unitree Robots (CVE-2026-27509 & CVE-2026-27510) https://boschko.ca/unitree-go2-rce/
##updated 2026-02-27T21:31:21
3 posts
🟠 CVE-2026-27509 - High (8)
Unitree Go2 firmware versions V1.1.7 through V1.1.9 and V1.1.11 (EDU) do not implement DDS authentication or authorization for the Eclipse CycloneDDS topic rt/api/programming_actuator/request handled by actuator_manager.py. A network-adjacent, una...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27509/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-27509 - High (8)
Unitree Go2 firmware versions V1.1.7 through V1.1.9 and V1.1.11 (EDU) do not implement DDS authentication or authorization for the Eclipse CycloneDDS topic rt/api/programming_actuator/request handled by actuator_manager.py. A network-adjacent, una...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27509/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##From DDS Packets to Robot Shells: Two RCEs in Unitree Robots (CVE-2026-27509 & CVE-2026-27510) https://boschko.ca/unitree-go2-rce/
##updated 2026-02-27T21:31:21
2 posts
🔴 CVE-2026-22207 - Critical (9.8)
OpenViking through version 0.1.18, prior to commit 0251c70, contains a broken access control vulnerability that allows unauthenticated attackers to gain ROOT privileges when the root_api_key configuration is omitted. Attackers can send requests ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-22207/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-22207 - Critical (9.8)
OpenViking through version 0.1.18, prior to commit 0251c70, contains a broken access control vulnerability that allows unauthenticated attackers to gain ROOT privileges when the root_api_key configuration is omitted. Attackers can send requests ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-22207/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T21:31:21
2 posts
🟠 CVE-2026-22206 - High (8.8)
SPIP versions prior to 4.4.10 contain a SQL injection vulnerability that allows authenticated low-privilege users to execute arbitrary SQL queries by manipulating union-based injection techniques. Attackers can exploit this SQL injection flaw comb...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-22206/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-22206 - High (8.8)
SPIP versions prior to 4.4.10 contain a SQL injection vulnerability that allows authenticated low-privilege users to execute arbitrary SQL queries by manipulating union-based injection techniques. Attackers can exploit this SQL injection flaw comb...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-22206/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T21:31:21
2 posts
🟠 CVE-2026-22205 - High (7.5)
SPIP versions prior to 4.4.10 contain an authentication bypass vulnerability caused by PHP type juggling that allows unauthenticated attackers to access protected information. Attackers can exploit loose type comparisons in authentication logic to...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-22205/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-22205 - High (7.5)
SPIP versions prior to 4.4.10 contain an authentication bypass vulnerability caused by PHP type juggling that allows unauthenticated attackers to access protected information. Attackers can exploit loose type comparisons in authentication logic to...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-22205/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T21:16:18.233000
4 posts
🔴 CVE-2026-28268 - Critical (9.8)
Vikunja is an open-source self-hosted task management platform. Versions prior to 2.1.0 have a business logic vulnerability exists in the password reset mechanism of vikunja/api that allows password reset tokens to be reused indefinitely. Due to a...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28268/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🚨 CRITICAL vuln in go-vikunja vikunja (<2.1.0): Password reset tokens never expire due to logic flaw, enabling persistent account takeover. Patch to v2.1.0+ now! CVE-2026-28268 https://radar.offseq.com/threat/cve-2026-28268-cwe-459-incomplete-cleanup-in-go-vi-0517b158 #OffSeq #Vuln #Security #FOSS
##🔴 CVE-2026-28268 - Critical (9.8)
Vikunja is an open-source self-hosted task management platform. Versions prior to 2.1.0 have a business logic vulnerability exists in the password reset mechanism of vikunja/api that allows password reset tokens to be reused indefinitely. Due to a...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28268/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🚨 CRITICAL vuln in go-vikunja vikunja (<2.1.0): Password reset tokens never expire due to logic flaw, enabling persistent account takeover. Patch to v2.1.0+ now! CVE-2026-28268 https://radar.offseq.com/threat/cve-2026-28268-cwe-459-incomplete-cleanup-in-go-vi-0517b158 #OffSeq #Vuln #Security #FOSS
##updated 2026-02-27T20:21:37.657000
2 posts
🟠 CVE-2026-27141 - High (7.5)
Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27141/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-27141 - High (7.5)
Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27141/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T20:21:37.167000
2 posts
🟠 CVE-2026-26861 - High (8.3)
CleverTap Web SDK version 1.15.2 and earlier is vulnerable to Cross-Site Scripting (XSS) via window.postMessage. The handleCustomHtmlPreviewPostMessageEvent function in src/util/campaignRender/nativeDisplay.js performs insufficient origin validati...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-26861/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-26861 - High (8.3)
CleverTap Web SDK version 1.15.2 and earlier is vulnerable to Cross-Site Scripting (XSS) via window.postMessage. The handleCustomHtmlPreviewPostMessageEvent function in src/util/campaignRender/nativeDisplay.js performs insufficient origin validati...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-26861/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T20:05:06.970000
2 posts
📈 CVE Published in last 7 days (2026-02-23 - 2026-03-02)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 974
Severity:
- Critical: 145
- High: 315
- Medium: 431
- Low: 49
- None: 34
Status:
- : 10
- Analyzed: 435
- Awaiting Analysis: 257
- Modified: 60
- Received: 119
- Rejected: 17
- Undergoing Analysis: 76
Top CNAs:
- GitHub, Inc.: 354
- VulDB: 131
- VulnCheck: 70
- Mozilla Corporation: 52
- ICS-CERT: 51
- MITRE: 34
- Wordfence: 34
- Red Hat, Inc.: 15
- Cisco Systems, Inc.: 15
- GitLab Inc.: 13
Top Affected Products:
- UNKNOWN: 459
- Mozilla Firefox: 52
- Mozilla Thunderbird: 50
- Imagemagick: 34
- Open-emr Openemr: 25
- Copeland Xweb 300d Pro Firmware: 15
- Freerdp: 15
- Copeland Xweb 500b Pro Firmware: 15
- Copeland Xweb 500d Pro Firmware: 15
- Tenda F453 Firmware: 10
Top EPSS Score:
- CVE-2026-3301 - 2.90 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-3301)
- CVE-2025-70328 - 2.51 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-70328)
- CVE-2026-20127 - 2.19 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-20127)
- CVE-2025-70327 - 1.85 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-70327)
- CVE-2026-24663 - 1.35 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-24663)
- CVE-2026-22553 - 0.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22553)
- CVE-2026-26222 - 0.85 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-26222)
- CVE-2026-26331 - 0.60 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-26331)
- CVE-2026-27498 - 0.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-27498)
- CVE-2026-21658 - 0.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-21658)
📈 CVE Published in last 7 days (2026-02-23 - 2026-03-02)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 974
Severity:
- Critical: 145
- High: 315
- Medium: 431
- Low: 49
- None: 34
Status:
- : 10
- Analyzed: 435
- Awaiting Analysis: 257
- Modified: 60
- Received: 119
- Rejected: 17
- Undergoing Analysis: 76
Top CNAs:
- GitHub, Inc.: 354
- VulDB: 131
- VulnCheck: 70
- Mozilla Corporation: 52
- ICS-CERT: 51
- MITRE: 34
- Wordfence: 34
- Red Hat, Inc.: 15
- Cisco Systems, Inc.: 15
- GitLab Inc.: 13
Top Affected Products:
- UNKNOWN: 459
- Mozilla Firefox: 52
- Mozilla Thunderbird: 50
- Imagemagick: 34
- Open-emr Openemr: 25
- Copeland Xweb 300d Pro Firmware: 15
- Freerdp: 15
- Copeland Xweb 500b Pro Firmware: 15
- Copeland Xweb 500d Pro Firmware: 15
- Tenda F453 Firmware: 10
Top EPSS Score:
- CVE-2026-3301 - 2.90 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-3301)
- CVE-2025-70328 - 2.51 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-70328)
- CVE-2026-20127 - 2.19 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-20127)
- CVE-2025-70327 - 1.85 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-70327)
- CVE-2026-24663 - 1.35 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-24663)
- CVE-2026-22553 - 0.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22553)
- CVE-2026-26222 - 0.85 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-26222)
- CVE-2026-26331 - 0.60 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-26331)
- CVE-2026-27498 - 0.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-27498)
- CVE-2026-21658 - 0.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-21658)
updated 2026-02-27T19:13:57.257000
2 posts
another day another critical vulnerability in openclaw 🥲🤡
"In OpenClaw before 2026.2.23, tools.exec.safeBins validation for sort could be bypassed via GNU long-option abbreviations (such as --compress-prog) in allowlist mode, leading to approval-free execution paths that were intended to require approval."
🔐 CVE-2026-28363
📊 CVSS: 9.9 · Critical
📅 02/27/2026, 04:16 AM
🛡️ CWE: CWE-184
📦 Affected: OpenClaw OpenClaw (< 2026.2.23)
🔴 CVE-2026-28363 - Critical (9.9)
In OpenClaw before 2026.2.23, tools.exec.safeBins validation for sort could be bypassed via GNU long-option abbreviations (such as --compress-prog) in allowlist mode, leading to approval-free execution paths that were intended to require approval....
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28363/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T19:07:37.763000
1 posts
🟠 CVE-2026-28274 - High (8.7)
Initiative is a self-hosted project management platform. Versions of the application prior to 0.32.4 are vulnerable to Stored Cross-Site Scripting (XSS) in the document upload functionality. Any user with upload permissions within the "Initiatives...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28274/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T19:06:01.180000
1 posts
🟠 CVE-2026-28276 - High (7.5)
Initiative is a self-hosted project management platform. An access control vulnerability exists in Initiative versions prior to 0.32.2 where uploaded documents are served from a publicly accessible /uploads/ directory without any authentication or...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28276/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T18:36:30.553000
1 posts
🟠 CVE-2026-27635 - High (7.5)
Manyfold is an open source, self-hosted web application for managing a collection of 3d models, particularly focused on 3d printing. Prior to version 0.133.0, when model render generation is enabled, a logged-in user can achieve RCE by uploading a...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27635/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T18:36:00.687000
2 posts
🔴 CVE-2026-24352 - Critical (9.8)
PluXml CMS allows a user's session identifier to be set before authentication. The value of this session ID stays the same after authentication. This behaviour enables an attacker to fix a session ID
for a victim and later hijack the authenticated...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24352/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-24352 - Critical (9.8)
PluXml CMS allows a user's session identifier to be set before authentication. The value of this session ID stays the same after authentication. This behaviour enables an attacker to fix a session ID
for a victim and later hijack the authenticated...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24352/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T18:31:12
4 posts
🚨 CRITICAL: CVE-2026-2749 hits Centreon Open Tickets (Linux Central Server). All before v25.10.3/24.10.8/24.04.7 at risk — remote exploit, full compromise possible. Restrict access & monitor systems! https://radar.offseq.com/threat/cve-2026-2749-e23f9297 #OffSeq #Centreon #Vuln
##🔴 CVE-2026-2749 - Critical (9.9)
Vulnerability in Centreon Centreon Open Tickets on Central Server on Linux (Centroen Open Ticket modules).This issue affects Centreon Open Tickets on Central Server: from all before 25.10.3, 24.10.8, 24.04.7.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2749/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🚨 CRITICAL: CVE-2026-2749 hits Centreon Open Tickets (Linux Central Server). All before v25.10.3/24.10.8/24.04.7 at risk — remote exploit, full compromise possible. Restrict access & monitor systems! https://radar.offseq.com/threat/cve-2026-2749-e23f9297 #OffSeq #Centreon #Vuln
##🔴 CVE-2026-2749 - Critical (9.9)
Vulnerability in Centreon Centreon Open Tickets on Central Server on Linux (Centroen Open Ticket modules).This issue affects Centreon Open Tickets on Central Server: from all before 25.10.3, 24.10.8, 24.04.7.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2749/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T18:30:41.480000
1 posts
🟠 CVE-2026-3271 - High (8.8)
A vulnerability was found in Tenda F453 1.0.0.3. This impacts the function fromP2pListFilter of the file /goform/P2pListFilterof of the component httpd. The manipulation of the argument page results in buffer overflow. The attack may be launched r...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3271/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T18:16:12.897000
4 posts
🔐 CVE-2026-27751 (CRITICAL): SODOLA SL902-SWTGW124AS gateways (≤200.1.20) use default creds, enabling remote admin takeover. Change all passwords or restrict access ASAP! No patch yet. https://radar.offseq.com/threat/cve-2026-27751-cwe-1392-use-of-default-credentials-706a3fb0 #OffSeq #Vuln #IoTSecurity #NetworkSecurity
##🔴 CVE-2026-27751 - Critical (9.8)
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a default credentials vulnerability that allows remote attackers to obtain administrative access to the management interface. Attackers can authenticate using the hardcoded default...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27751/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔐 CVE-2026-27751 (CRITICAL): SODOLA SL902-SWTGW124AS gateways (≤200.1.20) use default creds, enabling remote admin takeover. Change all passwords or restrict access ASAP! No patch yet. https://radar.offseq.com/threat/cve-2026-27751-cwe-1392-use-of-default-credentials-706a3fb0 #OffSeq #Vuln #IoTSecurity #NetworkSecurity
##🔴 CVE-2026-27751 - Critical (9.8)
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a default credentials vulnerability that allows remote attackers to obtain administrative access to the management interface. Attackers can authenticate using the hardcoded default...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27751/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T17:22:23.443000
2 posts
🔴 CVE-2025-11251 - Critical (9.8)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Dayneks Software Industry and Trade Inc. E-Commerce Platform allows SQL Injection.This issue affects E-Commerce Platform: through 27022026.
NOTE...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-11251/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2025-11251 - Critical (9.8)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Dayneks Software Industry and Trade Inc. E-Commerce Platform allows SQL Injection.This issue affects E-Commerce Platform: through 27022026.
NOTE...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-11251/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T17:14:16.193000
2 posts
🟠 CVE-2026-27942 - High (7.5)
fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. Prior to version 5.3.8, the application crashes with stack overflow when user use XML builder with `pr...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27942/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-27942 - High (7.5)
fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. Prior to version 5.3.8, the application crashes with stack overflow when user use XML builder with `pr...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27942/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T16:58:27.747000
2 posts
⚠️ CRITICAL: CVE-2026-28370 in OpenStack Vitrage (CVSS 9.1) enables authenticated RCE via eval injection in query parser. Upgrade to fixed versions, restrict API access, and monitor logs. Affects 0, 13.0.0, 14.0.0, 15.0.0. Details: https://radar.offseq.com/threat/cve-2026-28370-cwe-95-improper-neutralization-of-d-e403f347 #OffSeq #OpenStack #Vuln
##🔴 CVE-2026-28370 - Critical (9.1)
In the query parser in OpenStack Vitrage before 12.0.1, 13.0.0, 14.0.0, and 15.0.0, a user allowed to access the Vitrage API may trigger code execution on the Vitrage service host as the user the Vitrage service runs under. This may result in unau...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28370/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T16:16:25.827000
2 posts
1 repos
🔴 CVE-2026-2750 - Critical (9.1)
Improper Input Validation vulnerability in Centreon Centreon Open Tickets on Central Server on Linux (Centreon Open Tickets modules).This issue affects Centreon Open Tickets on Central Server: from all before 25.10; 24.10;24.04.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2750/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-2750 - Critical (9.1)
Improper Input Validation vulnerability in Centreon Centreon Open Tickets on Central Server on Linux (Centreon Open Tickets modules).This issue affects Centreon Open Tickets on Central Server: from all before 25.10; 24.10;24.04.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2750/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T16:03:55
2 posts
🟠 CVE-2026-27969 - High (8.8)
Vitess is a database clustering system for horizontal scaling of MySQL. Prior to versions 23.0.3 and 22.0.4, anyone with read/write access to the backup storage location (e.g. an S3 bucket) can manipulate backup manifest files so that files in the...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27969/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-27969 - High (8.8)
Vitess is a database clustering system for horizontal scaling of MySQL. Prior to versions 23.0.3 and 22.0.4, anyone with read/write access to the backup storage location (e.g. an S3 bucket) can manipulate backup manifest files so that files in the...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27969/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T15:53:07.053000
2 posts
🔴 CVE-2026-28215 - Critical (9.1)
hoppscotch is an open source API development ecosystem. Prior to version 2026.2.0, an unauthenticated attacker can overwrite the entire infrastructure configuration of a self-hosted Hoppscotch instance including OAuth provider credentials and SMTP...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28215/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-28215 - Critical (9.1)
hoppscotch is an open source API development ecosystem. Prior to version 2026.2.0, an unauthenticated attacker can overwrite the entire infrastructure configuration of a self-hosted Hoppscotch instance including OAuth provider credentials and SMTP...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28215/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T15:43:26.510000
1 posts
🟠 CVE-2026-25136 - High (8.1)
Rucio is a software framework that provides functionality to organize, manage, and access large volumes of scientific data using customizable policies. A reflected Cross-site Scripting vulnerability was located in versions prior to 35.8.3, 38.5.4,...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25136/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T15:36:49.730000
4 posts
📈 CVE Published in last 7 days (2026-02-23 - 2026-03-02)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 974
Severity:
- Critical: 145
- High: 315
- Medium: 431
- Low: 49
- None: 34
Status:
- : 10
- Analyzed: 435
- Awaiting Analysis: 257
- Modified: 60
- Received: 119
- Rejected: 17
- Undergoing Analysis: 76
Top CNAs:
- GitHub, Inc.: 354
- VulDB: 131
- VulnCheck: 70
- Mozilla Corporation: 52
- ICS-CERT: 51
- MITRE: 34
- Wordfence: 34
- Red Hat, Inc.: 15
- Cisco Systems, Inc.: 15
- GitLab Inc.: 13
Top Affected Products:
- UNKNOWN: 459
- Mozilla Firefox: 52
- Mozilla Thunderbird: 50
- Imagemagick: 34
- Open-emr Openemr: 25
- Copeland Xweb 300d Pro Firmware: 15
- Freerdp: 15
- Copeland Xweb 500b Pro Firmware: 15
- Copeland Xweb 500d Pro Firmware: 15
- Tenda F453 Firmware: 10
Top EPSS Score:
- CVE-2026-3301 - 2.90 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-3301)
- CVE-2025-70328 - 2.51 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-70328)
- CVE-2026-20127 - 2.19 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-20127)
- CVE-2025-70327 - 1.85 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-70327)
- CVE-2026-24663 - 1.35 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-24663)
- CVE-2026-22553 - 0.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22553)
- CVE-2026-26222 - 0.85 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-26222)
- CVE-2026-26331 - 0.60 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-26331)
- CVE-2026-27498 - 0.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-27498)
- CVE-2026-21658 - 0.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-21658)
📈 CVE Published in last 7 days (2026-02-23 - 2026-03-02)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 974
Severity:
- Critical: 145
- High: 315
- Medium: 431
- Low: 49
- None: 34
Status:
- : 10
- Analyzed: 435
- Awaiting Analysis: 257
- Modified: 60
- Received: 119
- Rejected: 17
- Undergoing Analysis: 76
Top CNAs:
- GitHub, Inc.: 354
- VulDB: 131
- VulnCheck: 70
- Mozilla Corporation: 52
- ICS-CERT: 51
- MITRE: 34
- Wordfence: 34
- Red Hat, Inc.: 15
- Cisco Systems, Inc.: 15
- GitLab Inc.: 13
Top Affected Products:
- UNKNOWN: 459
- Mozilla Firefox: 52
- Mozilla Thunderbird: 50
- Imagemagick: 34
- Open-emr Openemr: 25
- Copeland Xweb 300d Pro Firmware: 15
- Freerdp: 15
- Copeland Xweb 500b Pro Firmware: 15
- Copeland Xweb 500d Pro Firmware: 15
- Tenda F453 Firmware: 10
Top EPSS Score:
- CVE-2026-3301 - 2.90 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-3301)
- CVE-2025-70328 - 2.51 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-70328)
- CVE-2026-20127 - 2.19 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-20127)
- CVE-2025-70327 - 1.85 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-70327)
- CVE-2026-24663 - 1.35 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-24663)
- CVE-2026-22553 - 0.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22553)
- CVE-2026-26222 - 0.85 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-26222)
- CVE-2026-26331 - 0.60 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-26331)
- CVE-2026-27498 - 0.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-27498)
- CVE-2026-21658 - 0.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-21658)
🔴 CVE-2026-3301 - Critical (9.8)
A security flaw has been discovered in Totolink N300RH 6.1c.1353_B20190305. Affected by this vulnerability is the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Performing a manipulation of the a...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3301/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##⚠️ CRITICAL OS command injection in Totolink N300RH (v6.1c.1353_B20190305) — CVE-2026-3301. Unauthenticated remote exploit possible, with public exploit code out. Restrict access & monitor until patch released. https://radar.offseq.com/threat/cve-2026-3301-os-command-injection-in-totolink-n30-8ab5e0b9 #OffSeq #CVE20263301 #IoTSecurity
##updated 2026-02-27T15:34:20
2 posts
🟠 CVE-2026-2751 - High (8.3)
Blind SQL Injection via unsanitized array keys in Service Dependencies deletion. Vulnerability in Centreon Centreon Web on Central Server on Linux (Service Dependencies modules) allows Blind SQL Injection.This issue affects Centreon Web on Central...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2751/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-2751 - High (8.3)
Blind SQL Injection via unsanitized array keys in Service Dependencies deletion. Vulnerability in Centreon Centreon Web on Central Server on Linux (Service Dependencies modules) allows Blind SQL Injection.This issue affects Centreon Web on Central...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2751/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T15:34:19
2 posts
🔴 CVE-2025-11252 - Critical (9.8)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Signum Technology Promotion and Training Inc. Windesk.Fm allows SQL Injection.This issue affects windesk.Fm: through 27022026.
NOTE: The vendor ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-11252/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2025-11252 - Critical (9.8)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Signum Technology Promotion and Training Inc. Windesk.Fm allows SQL Injection.This issue affects windesk.Fm: through 27022026.
NOTE: The vendor ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-11252/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T15:34:18
2 posts
🟠 CVE-2026-23750 - High (8.1)
Golioth Pouch version 0.1.0, prior to commit 1b2219a1, contains a heap-based buffer overflow in BLE GATT server certificate handling. server_cert_write() allocates a heap buffer of size CONFIG_POUCH_SERVER_CERT_MAX_LEN when receiving the first fra...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-23750/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-23750 - High (8.1)
Golioth Pouch version 0.1.0, prior to commit 1b2219a1, contains a heap-based buffer overflow in BLE GATT server certificate handling. server_cert_write() allocates a heap buffer of size CONFIG_POUCH_SERVER_CERT_MAX_LEN when receiving the first fra...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-23750/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:57:09.820000
2 posts
🔴 CVE-2026-25997 - Critical (9.8)
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_clipboard_format_equal` reads freed `lastSentFormats` memory because `xf_clipboard_formats_free` (called from the cliprdr channel thread during auto-reco...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25997/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25997 - Critical (9.8)
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_clipboard_format_equal` reads freed `lastSentFormats` memory because `xf_clipboard_formats_free` (called from the cliprdr channel thread during auto-reco...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25997/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:56:40.630000
2 posts
🔴 CVE-2026-25955 - Critical (9.8)
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_AppUpdateWindowFromSurface` reuses a cached `XImage` whose `data` pointer references a freed RDPGFX surface buffer, because `gdi_DeleteSurface` frees `su...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25955/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25955 - Critical (9.8)
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_AppUpdateWindowFromSurface` reuses a cached `XImage` whose `data` pointer references a freed RDPGFX surface buffer, because `gdi_DeleteSurface` frees `su...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25955/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:55:56.937000
2 posts
🔴 CVE-2026-25953 - Critical (9.8)
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_AppUpdateWindowFromSurface` reads from a freed `xfAppWindow` because the RDPGFX DVC thread obtains a bare pointer via `xf_rail_get_window` without any li...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25953/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25953 - Critical (9.8)
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_AppUpdateWindowFromSurface` reads from a freed `xfAppWindow` because the RDPGFX DVC thread obtains a bare pointer via `xf_rail_get_window` without any li...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25953/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:50:07.533000
1 posts
🟠 CVE-2026-26955 - High (8.8)
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a malicious RDP server can trigger a heap buffer overflow in FreeRDP clients using the GDI surface pipeline (e.g., `xfreerdp`) by sending an RDPGFX ClearCode...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-26955/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:16:27.567000
2 posts
🟠 CVE-2025-10990 - High (7.5)
A flaw was found in REXML. A remote attacker could exploit inefficient regular expression (regex) parsing when processing hex numeric character references (&#x...;) in XML documents. This could lead to a Regular Expression Denial of Service (ReDoS...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-10990/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-10990 - High (7.5)
A flaw was found in REXML. A remote attacker could exploit inefficient regular expression (regex) parsing when processing hex numeric character references (&#x...;) in XML documents. This could lead to a Regular Expression Denial of Service (ReDoS...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-10990/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:06:59.787000
2 posts
📈 CVE Published in last 7 days (2026-02-23 - 2026-03-02)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 974
Severity:
- Critical: 145
- High: 315
- Medium: 431
- Low: 49
- None: 34
Status:
- : 10
- Analyzed: 435
- Awaiting Analysis: 257
- Modified: 60
- Received: 119
- Rejected: 17
- Undergoing Analysis: 76
Top CNAs:
- GitHub, Inc.: 354
- VulDB: 131
- VulnCheck: 70
- Mozilla Corporation: 52
- ICS-CERT: 51
- MITRE: 34
- Wordfence: 34
- Red Hat, Inc.: 15
- Cisco Systems, Inc.: 15
- GitLab Inc.: 13
Top Affected Products:
- UNKNOWN: 459
- Mozilla Firefox: 52
- Mozilla Thunderbird: 50
- Imagemagick: 34
- Open-emr Openemr: 25
- Copeland Xweb 300d Pro Firmware: 15
- Freerdp: 15
- Copeland Xweb 500b Pro Firmware: 15
- Copeland Xweb 500d Pro Firmware: 15
- Tenda F453 Firmware: 10
Top EPSS Score:
- CVE-2026-3301 - 2.90 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-3301)
- CVE-2025-70328 - 2.51 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-70328)
- CVE-2026-20127 - 2.19 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-20127)
- CVE-2025-70327 - 1.85 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-70327)
- CVE-2026-24663 - 1.35 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-24663)
- CVE-2026-22553 - 0.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22553)
- CVE-2026-26222 - 0.85 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-26222)
- CVE-2026-26331 - 0.60 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-26331)
- CVE-2026-27498 - 0.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-27498)
- CVE-2026-21658 - 0.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-21658)
📈 CVE Published in last 7 days (2026-02-23 - 2026-03-02)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 974
Severity:
- Critical: 145
- High: 315
- Medium: 431
- Low: 49
- None: 34
Status:
- : 10
- Analyzed: 435
- Awaiting Analysis: 257
- Modified: 60
- Received: 119
- Rejected: 17
- Undergoing Analysis: 76
Top CNAs:
- GitHub, Inc.: 354
- VulDB: 131
- VulnCheck: 70
- Mozilla Corporation: 52
- ICS-CERT: 51
- MITRE: 34
- Wordfence: 34
- Red Hat, Inc.: 15
- Cisco Systems, Inc.: 15
- GitLab Inc.: 13
Top Affected Products:
- UNKNOWN: 459
- Mozilla Firefox: 52
- Mozilla Thunderbird: 50
- Imagemagick: 34
- Open-emr Openemr: 25
- Copeland Xweb 300d Pro Firmware: 15
- Freerdp: 15
- Copeland Xweb 500b Pro Firmware: 15
- Copeland Xweb 500d Pro Firmware: 15
- Tenda F453 Firmware: 10
Top EPSS Score:
- CVE-2026-3301 - 2.90 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-3301)
- CVE-2025-70328 - 2.51 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-70328)
- CVE-2026-20127 - 2.19 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-20127)
- CVE-2025-70327 - 1.85 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-70327)
- CVE-2026-24663 - 1.35 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-24663)
- CVE-2026-22553 - 0.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22553)
- CVE-2026-26222 - 0.85 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-26222)
- CVE-2026-26331 - 0.60 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-26331)
- CVE-2026-27498 - 0.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-27498)
- CVE-2026-21658 - 0.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-21658)
updated 2026-02-27T14:06:59.787000
6 posts
CVE-2026-21902 represents a high-impact infrastructure exposure.
Affected platform: Junos OS Evolved on PTX series routers.
Attack vector: Unauthenticated network access.
Privilege level: Root execution.
Service: On-Box Anomaly Detection, enabled by default.
Strategic risk:
• Traffic interception capability
• Policy manipulation
• Controller redirection
• Lateral pivoting
• Long-term foothold persistence
Although no exploitation has been observed, historically, high-performance routing infrastructure is a prime target due to its control-plane visibility and network centrality.
Recommended actions:
– Immediate patch validation
– Control-plane traffic monitoring
– Service exposure review
– Network segmentation validation
– Threat hunting for anomalous routing behavior
Are infrastructure devices integrated into your continuous detection engineering pipeline?
Source: https://www.securityweek.com/juniper-networks-ptx-routers-affected-by-critical-vulnerability/
Engage below.
Follow TechNadu for high-signal vulnerability intelligence.
Repost to strengthen security awareness.
#Infosec #CVE2026 #Juniper #RouterSecurity #CriticalInfrastructure #ThreatModeling #DetectionEngineering #NetworkDefense #ZeroTrustArchitecture #CyberRisk #SecurityOperations #VulnerabilityManagement
##Critical Root RCE Vulnerability Patched in Juniper PTX Series Routers
Juniper Networks patched a critical vulnerability (CVE-2026-21902) in Junos OS Evolved on PTX Series routers that allows unauthenticated attackers to gain root access via a framework that should have been internal but is publicly exposed and not authenticated.
**If you are using Junos OS Evolved, this is important. Either immediately patch your PTX Series routers or disable the 'On-Box Anomaly Detection' service. Depending on configuration, review if you can isolate the network devices from the public internet to mitigate the impact.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-root-rce-vulnerability-patched-in-juniper-ptx-series-routers-i-9-2-e-h/gD2P6Ple2L
CVE-2026-21902 represents a high-impact infrastructure exposure.
Affected platform: Junos OS Evolved on PTX series routers.
Attack vector: Unauthenticated network access.
Privilege level: Root execution.
Service: On-Box Anomaly Detection, enabled by default.
Strategic risk:
• Traffic interception capability
• Policy manipulation
• Controller redirection
• Lateral pivoting
• Long-term foothold persistence
Although no exploitation has been observed, historically, high-performance routing infrastructure is a prime target due to its control-plane visibility and network centrality.
Recommended actions:
– Immediate patch validation
– Control-plane traffic monitoring
– Service exposure review
– Network segmentation validation
– Threat hunting for anomalous routing behavior
Are infrastructure devices integrated into your continuous detection engineering pipeline?
Source: https://www.securityweek.com/juniper-networks-ptx-routers-affected-by-critical-vulnerability/
Engage below.
Follow TechNadu for high-signal vulnerability intelligence.
Repost to strengthen security awareness.
#Infosec #CVE2026 #Juniper #RouterSecurity #CriticalInfrastructure #ThreatModeling #DetectionEngineering #NetworkDefense #ZeroTrustArchitecture #CyberRisk #SecurityOperations #VulnerabilityManagement
##Critical Root RCE Vulnerability Patched in Juniper PTX Series Routers
Juniper Networks patched a critical vulnerability (CVE-2026-21902) in Junos OS Evolved on PTX Series routers that allows unauthenticated attackers to gain root access via a framework that should have been internal but is publicly exposed and not authenticated.
**If you are using Junos OS Evolved, this is important. Either immediately patch your PTX Series routers or disable the 'On-Box Anomaly Detection' service. Depending on configuration, review if you can isolate the network devices from the public internet to mitigate the impact.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-root-rce-vulnerability-patched-in-juniper-ptx-series-routers-i-9-2-e-h/gD2P6Ple2L
The security issue is identified as CVE-2026-21902 and is caused by incorrect permission assignment in the ‘On-Box Anomaly Detection’ framework, which should be exposed to internal processes only over the internal routing interface. bleepingcomputer.com/news/security/critical-juniper-networks-ptx-flaw-allows-full-router-takeover/
##A single mistake in Juniper PTX routers now lets anyone on the network take full control—no password needed. How safe is the backbone of the internet really?
##updated 2026-02-27T14:06:59.787000
2 posts
🟠 CVE-2026-28136 - High (7.6)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VeronaLabs WP SMS wp-sms allows SQL Injection.This issue affects WP SMS: from n/a through <= 6.9.12.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28136/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-28136 - High (7.6)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VeronaLabs WP SMS wp-sms allows SQL Injection.This issue affects WP SMS: from n/a through <= 6.9.12.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28136/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:06:59.787000
1 posts
🚨 CVE-2026-27497 (CRITICAL, CVSS 9.4): n8n-io n8n code injection via Merge node's SQL query mode. Authenticated users can achieve RCE and write files. Upgrade to v2.10.1/2.9.3/1.123.22 now! https://radar.offseq.com/threat/cve-2026-27497-cwe-94-improper-control-of-generati-7583bd72 #OffSeq #n8n #CodeInjection #Infosec
##updated 2026-02-27T14:06:59.787000
1 posts
⚠️ CRITICAL: CVE-2026-27577 in n8n allows authenticated users to inject code & run system commands (CVSS 9.4). Affected: <2.10.1, <2.9.3, <1.123.22. Upgrade ASAP & restrict workflow perms! https://radar.offseq.com/threat/cve-2026-27577-cwe-94-improper-control-of-generati-fe1b37b0 #OffSeq #n8n #vuln #infosec
##updated 2026-02-27T14:06:59.787000
1 posts
🟠 CVE-2026-3172 - High (8.1)
Buffer overflow in parallel HNSW index build in pgvector 0.6.0 through 0.8.1 allows a database user to leak sensitive data from other relations or crash the database server.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3172/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:06:59.787000
1 posts
🔴 CVE-2026-27575 - Critical (9.1)
Vikunja is an open-source self-hosted task management platform. Prior to version 2.0.0, the application allows users to set weak passwords (e.g., 1234, password) without enforcing minimum strength requirements. Additionally, active sessions remain...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27575/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:06:37.987000
4 posts
📈 CVE Published in last 7 days (2026-02-23 - 2026-03-02)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 974
Severity:
- Critical: 145
- High: 315
- Medium: 431
- Low: 49
- None: 34
Status:
- : 10
- Analyzed: 435
- Awaiting Analysis: 257
- Modified: 60
- Received: 119
- Rejected: 17
- Undergoing Analysis: 76
Top CNAs:
- GitHub, Inc.: 354
- VulDB: 131
- VulnCheck: 70
- Mozilla Corporation: 52
- ICS-CERT: 51
- MITRE: 34
- Wordfence: 34
- Red Hat, Inc.: 15
- Cisco Systems, Inc.: 15
- GitLab Inc.: 13
Top Affected Products:
- UNKNOWN: 459
- Mozilla Firefox: 52
- Mozilla Thunderbird: 50
- Imagemagick: 34
- Open-emr Openemr: 25
- Copeland Xweb 300d Pro Firmware: 15
- Freerdp: 15
- Copeland Xweb 500b Pro Firmware: 15
- Copeland Xweb 500d Pro Firmware: 15
- Tenda F453 Firmware: 10
Top EPSS Score:
- CVE-2026-3301 - 2.90 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-3301)
- CVE-2025-70328 - 2.51 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-70328)
- CVE-2026-20127 - 2.19 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-20127)
- CVE-2025-70327 - 1.85 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-70327)
- CVE-2026-24663 - 1.35 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-24663)
- CVE-2026-22553 - 0.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22553)
- CVE-2026-26222 - 0.85 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-26222)
- CVE-2026-26331 - 0.60 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-26331)
- CVE-2026-27498 - 0.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-27498)
- CVE-2026-21658 - 0.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-21658)
📈 CVE Published in last 7 days (2026-02-23 - 2026-03-02)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 974
Severity:
- Critical: 145
- High: 315
- Medium: 431
- Low: 49
- None: 34
Status:
- : 10
- Analyzed: 435
- Awaiting Analysis: 257
- Modified: 60
- Received: 119
- Rejected: 17
- Undergoing Analysis: 76
Top CNAs:
- GitHub, Inc.: 354
- VulDB: 131
- VulnCheck: 70
- Mozilla Corporation: 52
- ICS-CERT: 51
- MITRE: 34
- Wordfence: 34
- Red Hat, Inc.: 15
- Cisco Systems, Inc.: 15
- GitLab Inc.: 13
Top Affected Products:
- UNKNOWN: 459
- Mozilla Firefox: 52
- Mozilla Thunderbird: 50
- Imagemagick: 34
- Open-emr Openemr: 25
- Copeland Xweb 300d Pro Firmware: 15
- Freerdp: 15
- Copeland Xweb 500b Pro Firmware: 15
- Copeland Xweb 500d Pro Firmware: 15
- Tenda F453 Firmware: 10
Top EPSS Score:
- CVE-2026-3301 - 2.90 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-3301)
- CVE-2025-70328 - 2.51 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-70328)
- CVE-2026-20127 - 2.19 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-20127)
- CVE-2025-70327 - 1.85 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-70327)
- CVE-2026-24663 - 1.35 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-24663)
- CVE-2026-22553 - 0.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22553)
- CVE-2026-26222 - 0.85 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-26222)
- CVE-2026-26331 - 0.60 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-26331)
- CVE-2026-27498 - 0.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-27498)
- CVE-2026-21658 - 0.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-21658)
🔴 CVE-2026-24663 - Critical (9)
An OS command injection vulnerability exists in XWEB Pro version 1.12.1
and prior, enabling an unauthenticated attacker to achieve remote code
execution on the system by sending a crafted request to the libraries
installation route and injectin...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24663/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🚨 CVE-2026-24663 (CRITICAL, CVSS 9.0): Copeland XWEB 300D PRO (≤1.12.1) has an unauthenticated command injection flaw. RCE possible over network, no exploit public yet. Segment networks & restrict access! https://radar.offseq.com/threat/cve-2026-24663-cwe-78-in-copeland-copeland-xweb-30-1c773deb #OffSeq #ICS #OTSecurity #Vuln
##updated 2026-02-27T14:06:37.987000
2 posts
🔴 CVE-2025-50857 - Critical (9.8)
ZenTaoPMS v18.11 through v21.6.beta is vulnerable to Directory Traversal in /module/ai/control.php. This allows attackers to execute arbitrary code via a crafted file upload
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-50857/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2025-50857 - Critical (9.8)
ZenTaoPMS v18.11 through v21.6.beta is vulnerable to Directory Traversal in /module/ai/control.php. This allows attackers to execute arbitrary code via a crafted file upload
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-50857/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:06:37.987000
2 posts
🟠 CVE-2026-26682 - High (7.8)
An issue in fastCMS before v.0.1.6 allows a local attacker to execute arbitrary code via the PluginController.java component
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-26682/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-26682 - High (7.8)
An issue in fastCMS before v.0.1.6 allows a local attacker to execute arbitrary code via the PluginController.java component
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-26682/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:06:37.987000
2 posts
🟠 CVE-2026-26938 - High (8.6)
Improper Neutralization of Special Elements Used in a Template Engine (CWE-1336) exists in Workflows in Kibana which could allow an attacker to read arbitrary files from the Kibana server filesystem, and perform Server-Side Request Forgery (SSRF) ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-26938/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-26938 - High (8.6)
Improper Neutralization of Special Elements Used in a Template Engine (CWE-1336) exists in Workflows in Kibana which could allow an attacker to read arbitrary files from the Kibana server filesystem, and perform Server-Side Request Forgery (SSRF) ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-26938/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:06:37.987000
3 posts
🟠 CVE-2026-27449 - High (7.5)
Umbraco Engage is a business intelligence platform. A vulnerability has been identified in Umbraco Engage prior to versions 16.2.1 and 17.1.1 where certain API endpoints are exposed without enforcing authentication or authorization checks. The aff...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27449/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-27449 - High (7.5)
Umbraco Engage is a business intelligence platform. A vulnerability has been identified in Umbraco Engage prior to versions 16.2.1 and 17.1.1 where certain API endpoints are exposed without enforcing authentication or authorization checks. The aff...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27449/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🛡️ HIGH severity: CVE-2026-27449 impacts Umbraco Engage.Forms (<16.2.1, 17.0.0 – 17.1.0). Improper access control lets unauthenticated attackers extract sensitive analytics & customer data. Patch to 16.2.1/17.1.1 now! https://radar.offseq.com/threat/cve-2026-27449-cwe-284-improper-access-control-in--fadf6848 #OffSeq #Umbraco #Infosec
##updated 2026-02-27T14:06:37.987000
2 posts
🟠 CVE-2026-2252 - High (7.5)
An XML External Entity (XXE) vulnerability allows malicious user to perform Server-Side Request Forgery (SSRF) via crafted XML input containing malicious external entity references.
This issue affects Xerox FreeFlow Core versions up to and includ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2252/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-2252 - High (7.5)
An XML External Entity (XXE) vulnerability allows malicious user to perform Server-Side Request Forgery (SSRF) via crafted XML input containing malicious external entity references.
This issue affects Xerox FreeFlow Core versions up to and includ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2252/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:06:37.987000
2 posts
Multiple Vulnerabilities Discovered in Chargemap Platform
Chargemap's charging platform contains four vulnerabilities, including a critical authentication bypass (CVE-2026-25851), that allow unauthenticated attackers to impersonate charging stations and gain administrative control.
**Make sure your Chargemap station management is isolated from the internet and behind a firewall or VPN. Since the vendor has not released a patch that's your only defense until the vendor does something or you replace these systems.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/multiple-vulnerabilities-discovered-in-chargemap-platform-z-y-h-q-j/gD2P6Ple2L
🔴 CVE-2026-25851 - Critical (9.4)
WebSocket endpoints lack proper authentication mechanisms, enabling
attackers to perform unauthorized station impersonation and manipulate
data sent to the backend. An unauthenticated attacker can connect to the
OCPP WebSocket endpoint using a ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25851/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:06:37.987000
1 posts
🟠 CVE-2026-28211 - High (7.8)
The NVDA Dev & Test Toolbox is an NVDA add-on for gathering tools to help NVDA development and testing. A vulnerability exists in versions 2.0 through 8.0 in the Log Reader feature of this add-on. A maliciously crafted log file can lead to arbitra...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28211/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:06:37.987000
1 posts
🟠 CVE-2026-25113 - High (7.5)
The WebSocket Application Programming Interface lacks restrictions on
the number of authentication requests. This absence of rate limiting may
allow an attacker to conduct denial-of-service attacks by suppressing
or mis-routing legitimate charg...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25113/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:06:37.987000
1 posts
🟠 CVE-2026-25945 - High (7.5)
The WebSocket Application Programming Interface lacks restrictions on
the number of authentication requests. This absence of rate limiting may
allow an attacker to conduct denial-of-service attacks by suppressing
or mis-routing legitimate charg...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25945/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:06:37.987000
1 posts
🟠 CVE-2026-24689 - High (8)
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
injecting malicious input into the devices field of the firmware update
ap...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24689/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:06:37.987000
1 posts
🟠 CVE-2026-25195 - High (8)
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
supplying a crafted firmware update file via the firmware update route.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25195/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:06:37.987000
1 posts
🟠 CVE-2026-25109 - High (8)
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
injecting malicious input into the devices field when accessing the get
s...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25109/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:06:37.987000
1 posts
🟠 CVE-2026-24695 - High (8)
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
injecting malicious input into OpenSSL argument fields within requests
...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24695/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:06:37.987000
1 posts
🟠 CVE-2026-26305 - High (7.5)
The WebSocket Application Programming Interface lacks restrictions on
the number of authentication requests. This absence of rate limiting may
allow an attacker to conduct denial-of-service attacks by suppressing
or mis-routing legitimate charg...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-26305/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:06:37.987000
1 posts
🟠 CVE-2026-26078 - High (7.5)
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, when the `patreon_webhook_secret` site setting is blank, an attacker can forge valid webhook signatures by computing an HMAC-MD5 with an empty st...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-26078/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:06:37.987000
1 posts
🟠 CVE-2026-26265 - High (7.5)
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, an IDOR vulnerability in the directory items endpoint allows any user, including anonymous users, to retrieve private user field values for all u...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-26265/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T14:06:37.987000
1 posts
🟠 CVE-2025-14343 - High (7.6)
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Dokuzsoft Technology Ltd. E-Commerce Product allows Reflected XSS.This issue affects E-Commerce Product: through 10122025.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-14343/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T09:30:35
2 posts
📈 CVE Published in last 7 days (2026-02-23 - 2026-03-02)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 974
Severity:
- Critical: 145
- High: 315
- Medium: 431
- Low: 49
- None: 34
Status:
- : 10
- Analyzed: 435
- Awaiting Analysis: 257
- Modified: 60
- Received: 119
- Rejected: 17
- Undergoing Analysis: 76
Top CNAs:
- GitHub, Inc.: 354
- VulDB: 131
- VulnCheck: 70
- Mozilla Corporation: 52
- ICS-CERT: 51
- MITRE: 34
- Wordfence: 34
- Red Hat, Inc.: 15
- Cisco Systems, Inc.: 15
- GitLab Inc.: 13
Top Affected Products:
- UNKNOWN: 459
- Mozilla Firefox: 52
- Mozilla Thunderbird: 50
- Imagemagick: 34
- Open-emr Openemr: 25
- Copeland Xweb 300d Pro Firmware: 15
- Freerdp: 15
- Copeland Xweb 500b Pro Firmware: 15
- Copeland Xweb 500d Pro Firmware: 15
- Tenda F453 Firmware: 10
Top EPSS Score:
- CVE-2026-3301 - 2.90 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-3301)
- CVE-2025-70328 - 2.51 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-70328)
- CVE-2026-20127 - 2.19 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-20127)
- CVE-2025-70327 - 1.85 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-70327)
- CVE-2026-24663 - 1.35 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-24663)
- CVE-2026-22553 - 0.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22553)
- CVE-2026-26222 - 0.85 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-26222)
- CVE-2026-26331 - 0.60 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-26331)
- CVE-2026-27498 - 0.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-27498)
- CVE-2026-21658 - 0.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-21658)
📈 CVE Published in last 7 days (2026-02-23 - 2026-03-02)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 974
Severity:
- Critical: 145
- High: 315
- Medium: 431
- Low: 49
- None: 34
Status:
- : 10
- Analyzed: 435
- Awaiting Analysis: 257
- Modified: 60
- Received: 119
- Rejected: 17
- Undergoing Analysis: 76
Top CNAs:
- GitHub, Inc.: 354
- VulDB: 131
- VulnCheck: 70
- Mozilla Corporation: 52
- ICS-CERT: 51
- MITRE: 34
- Wordfence: 34
- Red Hat, Inc.: 15
- Cisco Systems, Inc.: 15
- GitLab Inc.: 13
Top Affected Products:
- UNKNOWN: 459
- Mozilla Firefox: 52
- Mozilla Thunderbird: 50
- Imagemagick: 34
- Open-emr Openemr: 25
- Copeland Xweb 300d Pro Firmware: 15
- Freerdp: 15
- Copeland Xweb 500b Pro Firmware: 15
- Copeland Xweb 500d Pro Firmware: 15
- Tenda F453 Firmware: 10
Top EPSS Score:
- CVE-2026-3301 - 2.90 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-3301)
- CVE-2025-70328 - 2.51 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-70328)
- CVE-2026-20127 - 2.19 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-20127)
- CVE-2025-70327 - 1.85 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-70327)
- CVE-2026-24663 - 1.35 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-24663)
- CVE-2026-22553 - 0.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22553)
- CVE-2026-26222 - 0.85 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-26222)
- CVE-2026-26331 - 0.60 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-26331)
- CVE-2026-27498 - 0.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-27498)
- CVE-2026-21658 - 0.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-21658)
updated 2026-02-27T09:30:35
2 posts
⛔ New security advisory:
CVE-2025-12981 affects multiple systems.
• Impact: Remote code execution or complete system compromise possible
• Risk: Attackers can gain full control of affected systems
• Mitigation: Patch immediately or isolate affected systems
Full breakdown:
https://yazoul.net/advisory/cve/cve-2025-12981
🔴 CVE-2025-12981 - Critical (9.8)
The Listee theme for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.1.6. This is due to a broken validation check in the bundled listee-core plugin's user registration function that fails to properly saniti...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-12981/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T09:30:35
3 posts
🔴 CVE-2026-2251 - Critical (9.8)
Improper limitation of a pathname to a restricted directory (Path Traversal) vulnerability in Xerox FreeFlow Core allows unauthorized path traversal leading to RCE.
This issue affects Xerox FreeFlow Core versions up to and including 8.0.7.
...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2251/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-2251 - Critical (9.8)
Improper limitation of a pathname to a restricted directory (Path Traversal) vulnerability in Xerox FreeFlow Core allows unauthorized path traversal leading to RCE.
This issue affects Xerox FreeFlow Core versions up to and including 8.0.7.
...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2251/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🚨 CRITICAL: CVE-2026-2251 in Xerox FreeFlow Core (≤8.0.7) allows unauthenticated RCE via path traversal. Patch to 8.1.0 urgently! Full system compromise possible. Details: https://radar.offseq.com/threat/cve-2026-2251-cwe-22-improper-limitation-of-a-path-309f50e5 #OffSeq #Infosec #CVE20262251 #PrintSecurity
##updated 2026-02-27T06:31:39
1 posts
🟠 CVE-2026-1442 - High (7.8)
Since the encryption algorithm used to protect firmware updates is itself encrypted using key material available to an attacker (or anyone paying attention), the firmware updates may be altered by an unauthorized user, and then trusted by a Unitre...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1442/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T06:31:34
1 posts
🟠 CVE-2026-2428 - High (7.5)
The Fluent Forms Pro Add On Pack plugin for WordPress is vulnerable to Insufficient Verification of Data Authenticity in all versions up to, and including, 6.1.17. This is due to the PayPal IPN (Instant Payment Notification) verification being dis...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2428/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T06:31:34
1 posts
🟠 CVE-2026-28364 - High (7.9)
In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization (runtime/intern.c) enables remote code execution through a multi-phase attack chain. The vulnerability stems from missing bounds validation in the readblock...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28364/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T03:30:34
1 posts
🟠 CVE-2026-3273 - High (8.8)
A vulnerability was identified in Tenda F453 1.0.0.3. Affected by this vulnerability is the function formWrlsafeset of the file /goform/AdvSetWrlsafeset of the component httpd. Such manipulation of the argument mit_ssid_index leads to buffer overf...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3273/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T03:30:34
1 posts
🟠 CVE-2026-3274 - High (8.8)
A security flaw has been discovered in Tenda F453 1.0.0.3. Affected by this issue is the function frmL7ProtForm of the file /goform/L7Prot of the component httpd. Performing a manipulation of the argument page results in buffer overflow. The attac...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3274/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T03:30:33
3 posts
Critical Authentication and Session Flaws Discovered in Mobility46 EV Charging Stations
Mobility46's EV charging platform contains four vulnerabilities, including a critical authentication bypass (CVE-2026-27028), that allow attackers to impersonate charging stations and seize administrative control. The vendor has not responded with a patch.
**If you operate Mobility46 charging stations, make sure that the systems are isolated from the internet and accessible only from trusted networks or VPN.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-authentication-and-session-flaws-discovered-in-mobility46-ev-charging-stations-h-c-g-0-l/gD2P6Ple2L
🔴 CVE-2026-27028 - Critical (9.4)
WebSocket endpoints lack proper authentication mechanisms, enabling
attackers to perform unauthorized station impersonation and manipulate
data sent to the backend. An unauthenticated attacker can connect to the
OCPP WebSocket endpoint using a ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27028/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🚨 CVE-2026-27028 (CRITICAL, CVSS 9.4) hits all Mobility46 mobility46.se versions: missing auth on WebSocket endpoints lets remote attackers impersonate charging stations and control OCPP traffic. Patch ASAP! https://radar.offseq.com/threat/cve-2026-27028-cwe-306-in-mobility46-mobility46se-f694ef80 #OffSeq #CyberSecurity #EVCharging #CVE
##updated 2026-02-27T03:30:33
1 posts
🟠 CVE-2026-21389 - High (8)
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
injecting malicious input into the request body sent to the contacts
import...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-21389/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T03:30:33
1 posts
🟠 CVE-2026-20910 - High (8)
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
injecting malicious input into the devices field of the firmware update
upd...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20910/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T03:30:33
1 posts
🟠 CVE-2026-24517 - High (8)
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
injecting malicious input into requests sent to the firmware update
route.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24517/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T03:30:33
1 posts
🟠 CVE-2026-24445 - High (7.5)
The WebSocket Application Programming Interface lacks restrictions on
the number of authentication requests. This absence of rate limiting may
allow an attacker to conduct denial-of-service attacks by suppressing
or mis-routing legitimate charg...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24445/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T03:30:33
1 posts
🟠 CVE-2026-25111 - High (8)
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
injecting malicious input into requests sent to the restore route.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25111/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T03:30:33
1 posts
🟠 CVE-2026-25085 - High (8.6)
A vulnerability exists in Copeland XWEB Pro version 1.12.1 and prior, in
which an unexpected return value from the authentication routine is
later on processed as a legitimate value, resulting in an authentication
bypass.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25085/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T03:30:33
1 posts
🟠 CVE-2026-20764 - High (8)
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
providing malicious input via the device hostname configuration which
is la...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20764/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T03:30:33
1 posts
🟠 CVE-2026-3275 - High (8.8)
A weakness has been identified in Tenda F453 1.0.0.3. This affects the function fromAddressNat of the file /goform/addressNat of the component httpd. Executing a manipulation of the argument entrys can lead to buffer overflow. The attack may be pe...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3275/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T03:30:33
1 posts
🟠 CVE-2026-25721 - High (8)
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
injecting malicious input into the server username and/or password
fields o...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25721/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T03:30:32
1 posts
🟠 CVE-2026-20742 - High (8)
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
injecting malicious input into requests sent to the templates route.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20742/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T03:15:54.487000
2 posts
📈 CVE Published in last 7 days (2026-02-23 - 2026-03-02)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 974
Severity:
- Critical: 145
- High: 315
- Medium: 431
- Low: 49
- None: 34
Status:
- : 10
- Analyzed: 435
- Awaiting Analysis: 257
- Modified: 60
- Received: 119
- Rejected: 17
- Undergoing Analysis: 76
Top CNAs:
- GitHub, Inc.: 354
- VulDB: 131
- VulnCheck: 70
- Mozilla Corporation: 52
- ICS-CERT: 51
- MITRE: 34
- Wordfence: 34
- Red Hat, Inc.: 15
- Cisco Systems, Inc.: 15
- GitLab Inc.: 13
Top Affected Products:
- UNKNOWN: 459
- Mozilla Firefox: 52
- Mozilla Thunderbird: 50
- Imagemagick: 34
- Open-emr Openemr: 25
- Copeland Xweb 300d Pro Firmware: 15
- Freerdp: 15
- Copeland Xweb 500b Pro Firmware: 15
- Copeland Xweb 500d Pro Firmware: 15
- Tenda F453 Firmware: 10
Top EPSS Score:
- CVE-2026-3301 - 2.90 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-3301)
- CVE-2025-70328 - 2.51 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-70328)
- CVE-2026-20127 - 2.19 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-20127)
- CVE-2025-70327 - 1.85 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-70327)
- CVE-2026-24663 - 1.35 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-24663)
- CVE-2026-22553 - 0.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22553)
- CVE-2026-26222 - 0.85 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-26222)
- CVE-2026-26331 - 0.60 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-26331)
- CVE-2026-27498 - 0.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-27498)
- CVE-2026-21658 - 0.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-21658)
📈 CVE Published in last 7 days (2026-02-23 - 2026-03-02)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 974
Severity:
- Critical: 145
- High: 315
- Medium: 431
- Low: 49
- None: 34
Status:
- : 10
- Analyzed: 435
- Awaiting Analysis: 257
- Modified: 60
- Received: 119
- Rejected: 17
- Undergoing Analysis: 76
Top CNAs:
- GitHub, Inc.: 354
- VulDB: 131
- VulnCheck: 70
- Mozilla Corporation: 52
- ICS-CERT: 51
- MITRE: 34
- Wordfence: 34
- Red Hat, Inc.: 15
- Cisco Systems, Inc.: 15
- GitLab Inc.: 13
Top Affected Products:
- UNKNOWN: 459
- Mozilla Firefox: 52
- Mozilla Thunderbird: 50
- Imagemagick: 34
- Open-emr Openemr: 25
- Copeland Xweb 300d Pro Firmware: 15
- Freerdp: 15
- Copeland Xweb 500b Pro Firmware: 15
- Copeland Xweb 500d Pro Firmware: 15
- Tenda F453 Firmware: 10
Top EPSS Score:
- CVE-2026-3301 - 2.90 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-3301)
- CVE-2025-70328 - 2.51 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-70328)
- CVE-2026-20127 - 2.19 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-20127)
- CVE-2025-70327 - 1.85 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-70327)
- CVE-2026-24663 - 1.35 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-24663)
- CVE-2026-22553 - 0.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22553)
- CVE-2026-26222 - 0.85 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-26222)
- CVE-2026-26331 - 0.60 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-26331)
- CVE-2026-27498 - 0.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-27498)
- CVE-2026-21658 - 0.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-21658)
updated 2026-02-27T00:31:52
3 posts
🔴 New security advisory:
CVE-2026-27767 affects multiple systems.
• Impact: Remote code execution or complete system compromise possible
• Risk: Attackers can gain full control of affected systems
• Mitigation: Patch immediately or isolate affected systems
Full breakdown:
https://yazoul.net/advisory/cve/cve-2026-27767
Critical Vulnerabilities in SWITCH EV Charging Platform Allow Station Impersonation
SWITCH EV's charging platform contains four vulnerabilities, including a critical authentication bypass (CVE-2026-27767), that allow attackers to impersonate charging stations and hijack sessions.
**Make sure your SWITCH EV station management is isolated from the internet and behind a firewall or VPN. Since the vendor has not released a patch that's your only defense until the vendor does something or you replace these systems.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-vulnerabilities-in-switch-ev-charging-platform-allow-station-impersonation-e-g-h-5-x/gD2P6Ple2L
🔴 CVE-2026-27767 - Critical (9.4)
WebSocket endpoints lack proper authentication mechanisms, enabling
attackers to perform unauthorized station impersonation and manipulate
data sent to the backend. An unauthenticated attacker can connect to the
OCPP WebSocket endpoint using a ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27767/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T00:31:52
2 posts
🔴 CVE-2026-20781 - Critical (9.4)
WebSocket endpoints lack proper authentication mechanisms, enabling
attackers to perform unauthorized station impersonation and manipulate
data sent to the backend. An unauthenticated attacker can connect to the
OCPP WebSocket endpoint using a ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20781/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##Multiple Vulnerabilities in CloudCharge EV Platform, Including One Critical
CloudCharge's EV charging platform contains four vulnerabilities, including a critical authentication bypass (CVE-2026-20781), that allow attackers to impersonate charging stations and hijack sessions.
**Treat your EV charging stations as high-risk entry points and disconnect them from the public internet immediately. Since the vendor hasn't provided a fix, your only real defense is to isolate these systems behind a VPN and very strict firewall rules**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/multiple-vulnerabilities-in-cloudcharge-ev-platform-including-one-critical-f-b-y-d-0/gD2P6Ple2L
updated 2026-02-27T00:31:52
2 posts
🔴 CVE-2026-24731 - Critical (9.4)
WebSocket endpoints lack proper authentication mechanisms, enabling
attackers to perform unauthorized station impersonation and manipulate
data sent to the backend. An unauthenticated attacker can connect to the
OCPP WebSocket endpoint using a ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24731/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🚨 CRITICAL: CVE-2026-24731 in EV2GO ev2go.io — all versions. WebSocket endpoints have no auth, letting attackers impersonate stations, escalate privileges, and manipulate backend data. Monitor OCPP traffic now. https://radar.offseq.com/threat/cve-2026-24731-cwe-306-in-ev2go-ev2goio-e42cb5b8 #OffSeq #CVE202624731 #infosec #EVsecurity
##updated 2026-02-27T00:31:52
1 posts
🟠 CVE-2026-20792 - High (7.5)
The WebSocket Application Programming Interface lacks restrictions on
the number of authentication requests. This absence of rate limiting may
allow an attacker to conduct denial-of-service attacks by suppressing
or misrouting legitimate charge...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20792/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T00:31:52
1 posts
🟠 CVE-2026-3272 - High (8.8)
A vulnerability was determined in Tenda F453 1.0.0.3. Affected is the function fromDhcpListClient of the file /goform/DhcpListClient of the component httpd. This manipulation of the argument page causes buffer overflow. Remote exploitation of the ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3272/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T00:31:51
2 posts
Multiple Vulnerabilities Reported in EV Energy Charging Platform
EV Energy's charging platform contains four vulnerabilities, including a critical authentication bypass (CVE-2026-27772), that allow attackers to hijack electric vehicle charging stations and disrupt energy infrastructure.
**Make sure to isolate EV Energy systems from the public internet and use a VPN for any required remote management. Since the vendor hasn't released a patch, this is your only defense until you replace these systems.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-vulnerabilities-in-ev-energy-charging-platform-allow-remote-hijacking-b-x-t-d-l/gD2P6Ple2L
🔴 CVE-2026-27772 - Critical (9.4)
WebSocket endpoints lack proper authentication mechanisms, enabling
attackers to perform unauthorized station impersonation and manipulate
data sent to the backend. An unauthenticated attacker can connect to the
OCPP WebSocket endpoint using a ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27772/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-27T00:31:51
1 posts
🟠 CVE-2026-25114 - High (7.5)
The WebSocket Application Programming Interface lacks restrictions on
the number of authentication requests. This absence of rate limiting may
allow an attacker to conduct denial-of-service attacks by suppressing
or mis-routing legitimate charg...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25114/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-26T22:20:51.270000
1 posts
🔴 CVE-2026-2799 - Critical (9.8)
Use-after-free in the DOM: Core & HTML component. This vulnerability affects Firefox < 148 and Thunderbird < 148.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2799/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-26T22:20:51.097000
1 posts
🔴 CVE-2026-2797 - Critical (9.8)
Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148 and Thunderbird < 148.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2797/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-26T21:32:34
1 posts
🟠 CVE-2026-2803 - High (7.5)
Information disclosure, mitigation bypass in the Settings UI component. This vulnerability affects Firefox < 148 and Thunderbird < 148.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2803/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-26T21:32:34
1 posts
🔴 CVE-2026-2800 - Critical (9.8)
Spoofing issue in the WebAuthn component in Firefox for Android. This vulnerability affects Firefox < 148 and Thunderbird < 148.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2800/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-26T21:31:39
2 posts
🟠 CVE-2026-1565 - High (8.8)
The User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration plugin for WordPress is vulnerable to arbitrary file uploads due to incorrect file type validation in the 'WPUF_Admin_Settings::check_filetype_...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1565/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-1565 - High (8.8)
The User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration plugin for WordPress is vulnerable to arbitrary file uploads due to incorrect file type validation in the 'WPUF_Admin_Settings::check_filetype_...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1565/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-26T21:31:30
2 posts
🟠 CVE-2025-71057 - High (8.2)
Improper session management in D-Link Wireless N 300 ADSL2+ Modem Router DSL-124 ME_1.00 allows attackers to execute a session hijacking attack via spoofing the IP address of an authenticated user.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-71057/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-71057 - High (8.2)
Improper session management in D-Link Wireless N 300 ADSL2+ Modem Router DSL-124 ME_1.00 allows attackers to execute a session hijacking attack via spoofing the IP address of an authenticated user.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-71057/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-26T19:55:35
2 posts
🟠 CVE-2026-27888 - High (7.5)
pypdf is a free and open-source pure-python PDF library. Prior to 6.7.3, an attacker who uses this vulnerability can craft a PDF which leads to the RAM being exhausted. This requires accessing the `xfa` property of a reader or writer and the corre...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27888/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-27888 - High (7.5)
pypdf is a free and open-source pure-python PDF library. Prior to 6.7.3, an attacker who uses this vulnerability can craft a PDF which leads to the RAM being exhausted. This requires accessing the `xfa` property of a reader or writer and the corre...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27888/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-26T18:32:43
2 posts
🔴 CVE-2026-27849 - Critical (9.8)
Due to missing neutralization of special elements, OS commands can be injected via the update functionality of a TLS-SRP connection, which is normally used for configuring devices inside the mesh network.
This issue affects MR9600: 1.0.4.205530; M...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27849/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-27849 - Critical (9.8)
Due to missing neutralization of special elements, OS commands can be injected via the update functionality of a TLS-SRP connection, which is normally used for configuring devices inside the mesh network.
This issue affects MR9600: 1.0.4.205530; M...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27849/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-26T18:32:43
1 posts
🟠 CVE-2026-22719 - High (8.1)
VMware Aria Operations contains a command injection vulnerability. A malicious unauthenticated actor may exploit this issue to execute arbitrary commands which may lead to remote code execution in VMware Aria Operations while support-assisted prod...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-22719/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-26T16:32:25.233000
1 posts
🟠 CVE-2026-3179 - High (8.1)
The FTP Backup on the ADM does not properly sanitize filenames received from the FTP server when parsing directory listings. A malicious server or MITM attacker can craft filenames containing path traversal sequences, causing the client to write f...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3179/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-26T16:20:09.420000
1 posts
1 repos
Five Eyes warning: Cisco SD-WAN actively exploited by UAT-8616.
• CVE-2026-20127
• CVE-2022-20775
• Root access & rogue control-plane peering
• Persistence in edge devices
Immediate patching & threat hunting required.
Are you checking for downgrade events?
##updated 2026-02-26T16:20:02.187000
9 posts
2 repos
📈 CVE Published in last 7 days (2026-02-23 - 2026-03-02)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 974
Severity:
- Critical: 145
- High: 315
- Medium: 431
- Low: 49
- None: 34
Status:
- : 10
- Analyzed: 435
- Awaiting Analysis: 257
- Modified: 60
- Received: 119
- Rejected: 17
- Undergoing Analysis: 76
Top CNAs:
- GitHub, Inc.: 354
- VulDB: 131
- VulnCheck: 70
- Mozilla Corporation: 52
- ICS-CERT: 51
- MITRE: 34
- Wordfence: 34
- Red Hat, Inc.: 15
- Cisco Systems, Inc.: 15
- GitLab Inc.: 13
Top Affected Products:
- UNKNOWN: 459
- Mozilla Firefox: 52
- Mozilla Thunderbird: 50
- Imagemagick: 34
- Open-emr Openemr: 25
- Copeland Xweb 300d Pro Firmware: 15
- Freerdp: 15
- Copeland Xweb 500b Pro Firmware: 15
- Copeland Xweb 500d Pro Firmware: 15
- Tenda F453 Firmware: 10
Top EPSS Score:
- CVE-2026-3301 - 2.90 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-3301)
- CVE-2025-70328 - 2.51 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-70328)
- CVE-2026-20127 - 2.19 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-20127)
- CVE-2025-70327 - 1.85 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-70327)
- CVE-2026-24663 - 1.35 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-24663)
- CVE-2026-22553 - 0.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22553)
- CVE-2026-26222 - 0.85 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-26222)
- CVE-2026-26331 - 0.60 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-26331)
- CVE-2026-27498 - 0.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-27498)
- CVE-2026-21658 - 0.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-21658)
🖲️ #Cybersecurity #Ciberseguridad #Ciberseguranca #Security #Seguridad #Seguranca #News #Noticia #Noticias #Tecnologia #Technology
⚫ Cisco SD-WAN Zero-Day Under Exploitation for 3 Years
🔗 https://www.darkreading.com/vulnerabilities-threats/cisco-sd-wan-zero-day-exploitation-3-years
The maximum-severity vulnerability CVE-2026-20127 was exploited by an unknown but sophisticated threat actor who left very little evidence behind.
##Cisco has an updated critical advisory:
CVE-2026-20127: Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa-EHchtZk @TalosSecurity #Cisco #infosec #vulnerability
##📈 CVE Published in last 7 days (2026-02-23 - 2026-03-02)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 974
Severity:
- Critical: 145
- High: 315
- Medium: 431
- Low: 49
- None: 34
Status:
- : 10
- Analyzed: 435
- Awaiting Analysis: 257
- Modified: 60
- Received: 119
- Rejected: 17
- Undergoing Analysis: 76
Top CNAs:
- GitHub, Inc.: 354
- VulDB: 131
- VulnCheck: 70
- Mozilla Corporation: 52
- ICS-CERT: 51
- MITRE: 34
- Wordfence: 34
- Red Hat, Inc.: 15
- Cisco Systems, Inc.: 15
- GitLab Inc.: 13
Top Affected Products:
- UNKNOWN: 459
- Mozilla Firefox: 52
- Mozilla Thunderbird: 50
- Imagemagick: 34
- Open-emr Openemr: 25
- Copeland Xweb 300d Pro Firmware: 15
- Freerdp: 15
- Copeland Xweb 500b Pro Firmware: 15
- Copeland Xweb 500d Pro Firmware: 15
- Tenda F453 Firmware: 10
Top EPSS Score:
- CVE-2026-3301 - 2.90 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-3301)
- CVE-2025-70328 - 2.51 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-70328)
- CVE-2026-20127 - 2.19 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-20127)
- CVE-2025-70327 - 1.85 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-70327)
- CVE-2026-24663 - 1.35 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-24663)
- CVE-2026-22553 - 0.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22553)
- CVE-2026-26222 - 0.85 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-26222)
- CVE-2026-26331 - 0.60 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-26331)
- CVE-2026-27498 - 0.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-27498)
- CVE-2026-21658 - 0.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-21658)
Cisco has an updated critical advisory:
CVE-2026-20127: Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa-EHchtZk @TalosSecurity #Cisco #infosec #vulnerability
##Cisco SDWAN Controller vulnerability in the wild and at the network edge. CVE-2026-20127 by UAT-8616. Heads up. https://blog.talosintelligence.com/uat-8616-sd-wan/ #threatintelligence #cybersecurity #cisco
##Five Eyes warning: Cisco SD-WAN actively exploited by UAT-8616.
• CVE-2026-20127
• CVE-2022-20775
• Root access & rogue control-plane peering
• Persistence in edge devices
Immediate patching & threat hunting required.
Are you checking for downgrade events?
##Si vous administrez une infrastructure réseau utilisant Cisco Catalyst SD-WAN, une vulnérabilité critique actuellement exploitée sur Internet permet à un attaquant distant sans authentification d’obtenir un accès administrateur au système. Une exploitation réussie peut permettre de modifier la configuration réseau, d’espionner les communications ou de maintenir un accès discret à l’infrastructure.
Les investigations effectuées par Cisco Talos montrent que ces attaques sont menées par un acteur sophistiqué et que des compromissions ont été observées depuis au moins 2023, avec dans certains cas une élévation de privilèges jusqu’au contrôle complet du système après modification de la version logicielle.
Selon Cisco, un système SD-WAN peut être particulièrement exposé si :
le contrôleur SD-WAN est accessible depuis Internet
des ports sont ouverts vers l’extérieur
l’accès n’est pas limité aux adresses IP autorisées
Les éléments suivants peuvent indiquer qu’un système SD-WAN a été compromis :
une nouvelle connexion SD-WAN inconnue
un accès administrateur inattendu
des journaux système effacés ou incomplets
des mises à jour ou rétrogradations non planifiées
Cisco recommande de vérifier certains journaux système pour détecter une compromission éventuelle.
Par exemple, dans le fichier /var/log/auth.log, une connexion SSH au compte vmanage-admin depuis une adresse IP inconnue peut être suspecte :
Accepted publickey for vmanage-admin from -adresse IP inconnue-
Dans ce cas, il faut vérifier que l’adresse IP correspond bien à un équipement SD-WAN autorisé (visible dans l’interface SD-WAN Manager → Devices → System IP).
PRODUITS CONCERNÉS
Cette vulnérabilité affecte :
Cisco Catalyst SD-WAN Controller
Cisco Catalyst SD-WAN Manager
Quel que soit le mode de déploiement :
Déploiement sur site (On-Premise)
Cisco Hosted SD-WAN Cloud
Cisco Hosted SD-WAN Cloud – Cisco Managed
Cisco Hosted SD-WAN Cloud – Environnement FedRAMP
ACTIONS RECOMMANDÉES
Application des mises à jour recommandée dès que possible
Surveillance des connexions et changements inhabituels recommandée
Restreindre l’accès réseau aux seuls équipements autorisés
Conserver les journaux sur un serveur externe si possible
Placer les contrôleurs derrière un firewall
analyse Cisco Talos
👇
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa-EHchtZk
Détails Vulnérabilité critique CVE-2026-20127
👇
https://cve.circl.lu/vuln/CVE-2026-20127
Investigation conducted by intelligence partners identified that the actor likely escalated to root user via a software version downgrade
👇
https://www.cyber.gov.au/sites/default/files/2026-02/ACSC-led%20Cisco%20SD-WAN%20Hunt%20Guide.pdf
“Cisco is warning that a critical authentication bypass vulnerability in Cisco Catalyst SD-WAN, tracked as CVE-2026-20127, was actively exploited in zero-day attacks that allowed remote attackers to compromise controllers and add malicious rogue peers to targeted networks.”
##updated 2026-02-26T15:30:37
1 posts
🟠 CVE-2026-3071 - High (8.4)
Deserialization of untrusted data in the LanguageModel class of Flair from versions 0.4.1 to latest are vulnerable to arbitrary code execution when loading a malicious model.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3071/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-26T03:32:24
2 posts
📈 CVE Published in last 7 days (2026-02-23 - 2026-03-02)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 974
Severity:
- Critical: 145
- High: 315
- Medium: 431
- Low: 49
- None: 34
Status:
- : 10
- Analyzed: 435
- Awaiting Analysis: 257
- Modified: 60
- Received: 119
- Rejected: 17
- Undergoing Analysis: 76
Top CNAs:
- GitHub, Inc.: 354
- VulDB: 131
- VulnCheck: 70
- Mozilla Corporation: 52
- ICS-CERT: 51
- MITRE: 34
- Wordfence: 34
- Red Hat, Inc.: 15
- Cisco Systems, Inc.: 15
- GitLab Inc.: 13
Top Affected Products:
- UNKNOWN: 459
- Mozilla Firefox: 52
- Mozilla Thunderbird: 50
- Imagemagick: 34
- Open-emr Openemr: 25
- Copeland Xweb 300d Pro Firmware: 15
- Freerdp: 15
- Copeland Xweb 500b Pro Firmware: 15
- Copeland Xweb 500d Pro Firmware: 15
- Tenda F453 Firmware: 10
Top EPSS Score:
- CVE-2026-3301 - 2.90 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-3301)
- CVE-2025-70328 - 2.51 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-70328)
- CVE-2026-20127 - 2.19 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-20127)
- CVE-2025-70327 - 1.85 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-70327)
- CVE-2026-24663 - 1.35 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-24663)
- CVE-2026-22553 - 0.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22553)
- CVE-2026-26222 - 0.85 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-26222)
- CVE-2026-26331 - 0.60 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-26331)
- CVE-2026-27498 - 0.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-27498)
- CVE-2026-21658 - 0.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-21658)
📈 CVE Published in last 7 days (2026-02-23 - 2026-03-02)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 974
Severity:
- Critical: 145
- High: 315
- Medium: 431
- Low: 49
- None: 34
Status:
- : 10
- Analyzed: 435
- Awaiting Analysis: 257
- Modified: 60
- Received: 119
- Rejected: 17
- Undergoing Analysis: 76
Top CNAs:
- GitHub, Inc.: 354
- VulDB: 131
- VulnCheck: 70
- Mozilla Corporation: 52
- ICS-CERT: 51
- MITRE: 34
- Wordfence: 34
- Red Hat, Inc.: 15
- Cisco Systems, Inc.: 15
- GitLab Inc.: 13
Top Affected Products:
- UNKNOWN: 459
- Mozilla Firefox: 52
- Mozilla Thunderbird: 50
- Imagemagick: 34
- Open-emr Openemr: 25
- Copeland Xweb 300d Pro Firmware: 15
- Freerdp: 15
- Copeland Xweb 500b Pro Firmware: 15
- Copeland Xweb 500d Pro Firmware: 15
- Tenda F453 Firmware: 10
Top EPSS Score:
- CVE-2026-3301 - 2.90 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-3301)
- CVE-2025-70328 - 2.51 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-70328)
- CVE-2026-20127 - 2.19 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-20127)
- CVE-2025-70327 - 1.85 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-70327)
- CVE-2026-24663 - 1.35 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-24663)
- CVE-2026-22553 - 0.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22553)
- CVE-2026-26222 - 0.85 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-26222)
- CVE-2026-26331 - 0.60 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-26331)
- CVE-2026-27498 - 0.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-27498)
- CVE-2026-21658 - 0.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-21658)
updated 2026-02-26T03:06:13.490000
2 posts
📈 CVE Published in last 7 days (2026-02-23 - 2026-03-02)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 974
Severity:
- Critical: 145
- High: 315
- Medium: 431
- Low: 49
- None: 34
Status:
- : 10
- Analyzed: 435
- Awaiting Analysis: 257
- Modified: 60
- Received: 119
- Rejected: 17
- Undergoing Analysis: 76
Top CNAs:
- GitHub, Inc.: 354
- VulDB: 131
- VulnCheck: 70
- Mozilla Corporation: 52
- ICS-CERT: 51
- MITRE: 34
- Wordfence: 34
- Red Hat, Inc.: 15
- Cisco Systems, Inc.: 15
- GitLab Inc.: 13
Top Affected Products:
- UNKNOWN: 459
- Mozilla Firefox: 52
- Mozilla Thunderbird: 50
- Imagemagick: 34
- Open-emr Openemr: 25
- Copeland Xweb 300d Pro Firmware: 15
- Freerdp: 15
- Copeland Xweb 500b Pro Firmware: 15
- Copeland Xweb 500d Pro Firmware: 15
- Tenda F453 Firmware: 10
Top EPSS Score:
- CVE-2026-3301 - 2.90 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-3301)
- CVE-2025-70328 - 2.51 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-70328)
- CVE-2026-20127 - 2.19 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-20127)
- CVE-2025-70327 - 1.85 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-70327)
- CVE-2026-24663 - 1.35 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-24663)
- CVE-2026-22553 - 0.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22553)
- CVE-2026-26222 - 0.85 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-26222)
- CVE-2026-26331 - 0.60 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-26331)
- CVE-2026-27498 - 0.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-27498)
- CVE-2026-21658 - 0.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-21658)
📈 CVE Published in last 7 days (2026-02-23 - 2026-03-02)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 974
Severity:
- Critical: 145
- High: 315
- Medium: 431
- Low: 49
- None: 34
Status:
- : 10
- Analyzed: 435
- Awaiting Analysis: 257
- Modified: 60
- Received: 119
- Rejected: 17
- Undergoing Analysis: 76
Top CNAs:
- GitHub, Inc.: 354
- VulDB: 131
- VulnCheck: 70
- Mozilla Corporation: 52
- ICS-CERT: 51
- MITRE: 34
- Wordfence: 34
- Red Hat, Inc.: 15
- Cisco Systems, Inc.: 15
- GitLab Inc.: 13
Top Affected Products:
- UNKNOWN: 459
- Mozilla Firefox: 52
- Mozilla Thunderbird: 50
- Imagemagick: 34
- Open-emr Openemr: 25
- Copeland Xweb 300d Pro Firmware: 15
- Freerdp: 15
- Copeland Xweb 500b Pro Firmware: 15
- Copeland Xweb 500d Pro Firmware: 15
- Tenda F453 Firmware: 10
Top EPSS Score:
- CVE-2026-3301 - 2.90 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-3301)
- CVE-2025-70328 - 2.51 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-70328)
- CVE-2026-20127 - 2.19 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-20127)
- CVE-2025-70327 - 1.85 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-70327)
- CVE-2026-24663 - 1.35 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-24663)
- CVE-2026-22553 - 0.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22553)
- CVE-2026-26222 - 0.85 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-26222)
- CVE-2026-26331 - 0.60 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-26331)
- CVE-2026-27498 - 0.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-27498)
- CVE-2026-21658 - 0.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-21658)
updated 2026-02-26T03:00:27.553000
1 posts
🟠 CVE-2026-24443 - High (8.8)
EventSentry versions prior to 6.0.1.20 contain an unverified password change vulnerability in the account management functionality of the Web Reports interface. The password change mechanism does not require validation of the current password bef...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24443/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-26T00:31:24
1 posts
🔴 CVE-2026-2806 - Critical (9.1)
Uninitialized memory in the Graphics: Text component. This vulnerability affects Firefox < 148 and Thunderbird < 148.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2806/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-26T00:31:24
1 posts
🔴 CVE-2026-2805 - Critical (9.8)
Invalid pointer in the DOM: Core & HTML component. This vulnerability affects Firefox < 148 and Thunderbird < 148.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2805/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-25T21:32:26
1 posts
🔴 CVE-2026-2796 - Critical (9.8)
JIT miscompilation in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148 and Thunderbird < 148.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2796/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-25T21:32:26
1 posts
🔴 CVE-2026-2795 - Critical (9.8)
Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148 and Thunderbird < 148.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2795/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-25T21:32:26
1 posts
🟠 CVE-2026-27850 - High (7.5)
Due to an improperly configured firewall rule, the router will accept any connection on the WAN port with the source port 5222, exposing all services which are normally only accessible through the local network.
This issue affects MR9600: 1.0.4.20...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27850/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-25T21:32:25
1 posts
🟠 CVE-2026-2801 - High (7.5)
Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148 and Thunderbird < 148.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2801/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-25T21:31:26
1 posts
🟠 CVE-2026-1662 - High (7.5)
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 14.4 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have allowed an unauthenticated user to cause Denial of Service by sending specially crafted reque...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1662/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-25T21:31:25
1 posts
🟠 CVE-2025-14511 - High (7.5)
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.2 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have allowed an unauthenticated user to cause denial of service by sending specially crafted files...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-14511/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-25T21:31:25
1 posts
🟠 CVE-2026-1388 - High (7.5)
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.2 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have allowed an unauthenticated user to cause regular expression denial of service by sending speci...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1388/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-25T21:31:25
1 posts
🟠 CVE-2026-0752 - High (8)
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.2 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that under certain circumstances, could have allowed an unauthenticated user to inject arbitrary scripts into...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-0752/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-25T19:43:24.757000
1 posts
🔴 CVE-2026-2807 - Critical (9.8)
Memory safety bugs present in Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2807/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-25T19:32:30.417000
2 posts
1 repos
📈 CVE Published in last 7 days (2026-02-23 - 2026-03-02)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 974
Severity:
- Critical: 145
- High: 315
- Medium: 431
- Low: 49
- None: 34
Status:
- : 10
- Analyzed: 435
- Awaiting Analysis: 257
- Modified: 60
- Received: 119
- Rejected: 17
- Undergoing Analysis: 76
Top CNAs:
- GitHub, Inc.: 354
- VulDB: 131
- VulnCheck: 70
- Mozilla Corporation: 52
- ICS-CERT: 51
- MITRE: 34
- Wordfence: 34
- Red Hat, Inc.: 15
- Cisco Systems, Inc.: 15
- GitLab Inc.: 13
Top Affected Products:
- UNKNOWN: 459
- Mozilla Firefox: 52
- Mozilla Thunderbird: 50
- Imagemagick: 34
- Open-emr Openemr: 25
- Copeland Xweb 300d Pro Firmware: 15
- Freerdp: 15
- Copeland Xweb 500b Pro Firmware: 15
- Copeland Xweb 500d Pro Firmware: 15
- Tenda F453 Firmware: 10
Top EPSS Score:
- CVE-2026-3301 - 2.90 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-3301)
- CVE-2025-70328 - 2.51 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-70328)
- CVE-2026-20127 - 2.19 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-20127)
- CVE-2025-70327 - 1.85 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-70327)
- CVE-2026-24663 - 1.35 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-24663)
- CVE-2026-22553 - 0.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22553)
- CVE-2026-26222 - 0.85 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-26222)
- CVE-2026-26331 - 0.60 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-26331)
- CVE-2026-27498 - 0.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-27498)
- CVE-2026-21658 - 0.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-21658)
📈 CVE Published in last 7 days (2026-02-23 - 2026-03-02)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 974
Severity:
- Critical: 145
- High: 315
- Medium: 431
- Low: 49
- None: 34
Status:
- : 10
- Analyzed: 435
- Awaiting Analysis: 257
- Modified: 60
- Received: 119
- Rejected: 17
- Undergoing Analysis: 76
Top CNAs:
- GitHub, Inc.: 354
- VulDB: 131
- VulnCheck: 70
- Mozilla Corporation: 52
- ICS-CERT: 51
- MITRE: 34
- Wordfence: 34
- Red Hat, Inc.: 15
- Cisco Systems, Inc.: 15
- GitLab Inc.: 13
Top Affected Products:
- UNKNOWN: 459
- Mozilla Firefox: 52
- Mozilla Thunderbird: 50
- Imagemagick: 34
- Open-emr Openemr: 25
- Copeland Xweb 300d Pro Firmware: 15
- Freerdp: 15
- Copeland Xweb 500b Pro Firmware: 15
- Copeland Xweb 500d Pro Firmware: 15
- Tenda F453 Firmware: 10
Top EPSS Score:
- CVE-2026-3301 - 2.90 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-3301)
- CVE-2025-70328 - 2.51 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-70328)
- CVE-2026-20127 - 2.19 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-20127)
- CVE-2025-70327 - 1.85 % (https://secdb.nttzen.cloud/cve/detail/CVE-2025-70327)
- CVE-2026-24663 - 1.35 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-24663)
- CVE-2026-22553 - 0.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22553)
- CVE-2026-26222 - 0.85 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-26222)
- CVE-2026-26331 - 0.60 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-26331)
- CVE-2026-27498 - 0.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-27498)
- CVE-2026-21658 - 0.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-21658)
updated 2026-02-25T18:32:40
2 posts
Oh look, a 9.8 critical vulnerability in the NSS service used by #Firefox and #Thunderbird.
##updated 2026-02-25T18:32:40
1 posts
🔴 CVE-2026-2786 - Critical (9.8)
Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2786/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-25T18:31:36
1 posts
1 repos
🟠 CVE-2025-67445 - High (7.5)
TOTOLINK X5000R V9.1.0cu.2415_B20250515 contains a denial-of-service vulnerability in /cgi-bin/cstecgi.cgi. The CGI reads the CONTENT_LENGTH environment variable and allocates memory using malloc (CONTENT_LENGTH + 1) without sufficient bounds chec...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-67445/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-25T15:32:44
1 posts
🔴 CVE-2026-2787 - Critical (9.8)
Use-after-free in the DOM: Window and Location component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2787/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-24T21:38:18.607000
3 posts
📈 CVE Published in last 30 days (2026-01-30 - 2026-03-01)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 5003
Severity:
- Critical: 448
- High: 1563
- Medium: 2229
- Low: 226
- None: 537
Status:
- : 33
- Analyzed: 2258
- Awaiting Analysis: 2188
- Modified: 155
- Received: 89
- Rejected: 197
- Undergoing Analysis: 83
Top CNAs:
- GitHub, Inc.: 907
- VulnCheck: 572
- VulDB: 519
- Patchstack: 385
- Wordfence: 361
- kernel.org: 259
- MITRE: 217
- Fortinet, Inc.: 102
- Intel Corporation: 84
- Apple Inc.: 76
Top Affected Products:
- UNKNOWN: 2529
- Apple Macos: 64
- Mozilla Firefox: 54
- Mozilla Thunderbird: 51
- Apple Iphone Os: 49
- Apple Ipados: 49
- Openclaw: 35
- Imagemagick: 34
- Microsoft Windows Server 2025: 29
- Comodo Dome Firewall: 29
Top EPSS Score:
- CVE-2026-1731 - 61.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1731)
- CVE-2026-2329 - 41.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2329)
- CVE-2026-22769 - 34.16 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22769)
- CVE-2026-25108 - 18.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-25108)
- CVE-2026-2033 - 15.58 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2033)
- CVE-2020-37123 - 12.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37123)
- CVE-2026-1603 - 11.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1603)
- CVE-2026-1687 - 5.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2020-37088 - 4.95 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37088)
- CVE-2026-1207 - 4.78 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1207)
📈 CVE Published in last 30 days (2026-01-30 - 2026-03-01)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 5003
Severity:
- Critical: 448
- High: 1563
- Medium: 2229
- Low: 226
- None: 537
Status:
- : 33
- Analyzed: 2258
- Awaiting Analysis: 2188
- Modified: 155
- Received: 89
- Rejected: 197
- Undergoing Analysis: 83
Top CNAs:
- GitHub, Inc.: 907
- VulnCheck: 572
- VulDB: 519
- Patchstack: 385
- Wordfence: 361
- kernel.org: 259
- MITRE: 217
- Fortinet, Inc.: 102
- Intel Corporation: 84
- Apple Inc.: 76
Top Affected Products:
- UNKNOWN: 2529
- Apple Macos: 64
- Mozilla Firefox: 54
- Mozilla Thunderbird: 51
- Apple Iphone Os: 49
- Apple Ipados: 49
- Openclaw: 35
- Imagemagick: 34
- Microsoft Windows Server 2025: 29
- Comodo Dome Firewall: 29
Top EPSS Score:
- CVE-2026-1731 - 61.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1731)
- CVE-2026-2329 - 41.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2329)
- CVE-2026-22769 - 34.16 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22769)
- CVE-2026-25108 - 18.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-25108)
- CVE-2026-2033 - 15.58 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2033)
- CVE-2020-37123 - 12.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37123)
- CVE-2026-1603 - 11.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1603)
- CVE-2026-1687 - 5.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2020-37088 - 4.95 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37088)
- CVE-2026-1207 - 4.78 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1207)
CISA Reports Actively Exploited Soliton FileZen Command Injection Vulnerability
CISA reports active exploitation of a critical command injection vulnerability (CVE-2026-25108) in Soliton Systems' FileZen following reports of active exploitation and potential ransomware links. The flaw allows authenticated attackers to execute arbitrary OS commands on appliances with antivirus scanning enabled.
**Update your FileZen appliances to version 5.0.11 ASAP and reset all user passwords to block attackers using stolen credentials. Check your system directory logs for any unauthorized file changes to confirm if your system was already compromised. Isolation is not really an option, since this platform is designed to be accessible by external users.**
#cybersecurity #infosec #advisory #ransomware
https://beyondmachines.net/event_details/cisa-reports-actively-exploited-soliton-filezen-command-injection-vulnerability-j-l-i-1-c/gD2P6Ple2L
updated 2026-02-24T18:32:04
1 posts
All four security defects, tracked as CVE-2025-40538 to CVE-2025-40541, have a CVSS score of 9.1, could result in remote code execution, and impact Serv-U version 15.5. https://www.securityweek.com/solarwinds-patches-four-critical-serv-u-vulnerabilities/
##updated 2026-02-24T09:31:31
1 posts
All four security defects, tracked as CVE-2025-40538 to CVE-2025-40541, have a CVSS score of 9.1, could result in remote code execution, and impact Serv-U version 15.5. https://www.securityweek.com/solarwinds-patches-four-critical-serv-u-vulnerabilities/
##updated 2026-02-24T03:30:30
1 posts
Zyxel addresses critical CVE-2025-13942 RCE affecting UPnP in 4G/5G CPEs, DSL/Ethernet, Fiber ONTs, and wireless extenders. Exploitation requires WAN + UPnP enabled; Shadowserver tracks ~120k exposed devices.
Additional post-auth command-injection flaws (CVE-2025-13943, CVE-2026-1459) patched. EOL devices (VMG1312, VMG3312/13, SBG3300/3500) remain unpatched; replacement recommended.
Mitigation recommendations:
• Apply firmware updates immediately
• Disable unnecessary UPnP/WAN access
• Monitor network exposure of legacy devices
• Track patched vs. unpatched CPEs/routers in enterprise inventories
How are you prioritizing critical RCE patches for network devices? Comment below and follow for in-depth threat reporting.
#NetworkSecurity #IoTSecurity #PatchManagement #RCE #RouterSecurity #CVE #ThreatIntel #Infosec #ZeroTrust #EnterpriseSecurity
##updated 2026-02-24T03:30:27
2 posts
⚪️ Critical RCE Vulnerability Affects Over 10 Zyxel Router Models
🗨️ Zyxel developers have released patches that fix a critical vulnerability affecting more than ten router models. The bug allows unauthenticated attackers to remotely execute commands on the devices. The vulnerability is tracked as CVE-2025-13942 and is a command injection issue…
##Zyxel addresses critical CVE-2025-13942 RCE affecting UPnP in 4G/5G CPEs, DSL/Ethernet, Fiber ONTs, and wireless extenders. Exploitation requires WAN + UPnP enabled; Shadowserver tracks ~120k exposed devices.
Additional post-auth command-injection flaws (CVE-2025-13943, CVE-2026-1459) patched. EOL devices (VMG1312, VMG3312/13, SBG3300/3500) remain unpatched; replacement recommended.
Mitigation recommendations:
• Apply firmware updates immediately
• Disable unnecessary UPnP/WAN access
• Monitor network exposure of legacy devices
• Track patched vs. unpatched CPEs/routers in enterprise inventories
How are you prioritizing critical RCE patches for network devices? Comment below and follow for in-depth threat reporting.
#NetworkSecurity #IoTSecurity #PatchManagement #RCE #RouterSecurity #CVE #ThreatIntel #Infosec #ZeroTrust #EnterpriseSecurity
##updated 2026-02-24T03:30:27
1 posts
Zyxel addresses critical CVE-2025-13942 RCE affecting UPnP in 4G/5G CPEs, DSL/Ethernet, Fiber ONTs, and wireless extenders. Exploitation requires WAN + UPnP enabled; Shadowserver tracks ~120k exposed devices.
Additional post-auth command-injection flaws (CVE-2025-13943, CVE-2026-1459) patched. EOL devices (VMG1312, VMG3312/13, SBG3300/3500) remain unpatched; replacement recommended.
Mitigation recommendations:
• Apply firmware updates immediately
• Disable unnecessary UPnP/WAN access
• Monitor network exposure of legacy devices
• Track patched vs. unpatched CPEs/routers in enterprise inventories
How are you prioritizing critical RCE patches for network devices? Comment below and follow for in-depth threat reporting.
#NetworkSecurity #IoTSecurity #PatchManagement #RCE #RouterSecurity #CVE #ThreatIntel #Infosec #ZeroTrust #EnterpriseSecurity
##updated 2026-02-23T18:14:13.887000
2 posts
📈 CVE Published in last 30 days (2026-01-30 - 2026-03-01)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 5003
Severity:
- Critical: 448
- High: 1563
- Medium: 2229
- Low: 226
- None: 537
Status:
- : 33
- Analyzed: 2258
- Awaiting Analysis: 2188
- Modified: 155
- Received: 89
- Rejected: 197
- Undergoing Analysis: 83
Top CNAs:
- GitHub, Inc.: 907
- VulnCheck: 572
- VulDB: 519
- Patchstack: 385
- Wordfence: 361
- kernel.org: 259
- MITRE: 217
- Fortinet, Inc.: 102
- Intel Corporation: 84
- Apple Inc.: 76
Top Affected Products:
- UNKNOWN: 2529
- Apple Macos: 64
- Mozilla Firefox: 54
- Mozilla Thunderbird: 51
- Apple Iphone Os: 49
- Apple Ipados: 49
- Openclaw: 35
- Imagemagick: 34
- Microsoft Windows Server 2025: 29
- Comodo Dome Firewall: 29
Top EPSS Score:
- CVE-2026-1731 - 61.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1731)
- CVE-2026-2329 - 41.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2329)
- CVE-2026-22769 - 34.16 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22769)
- CVE-2026-25108 - 18.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-25108)
- CVE-2026-2033 - 15.58 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2033)
- CVE-2020-37123 - 12.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37123)
- CVE-2026-1603 - 11.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1603)
- CVE-2026-1687 - 5.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2020-37088 - 4.95 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37088)
- CVE-2026-1207 - 4.78 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1207)
📈 CVE Published in last 30 days (2026-01-30 - 2026-03-01)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 5003
Severity:
- Critical: 448
- High: 1563
- Medium: 2229
- Low: 226
- None: 537
Status:
- : 33
- Analyzed: 2258
- Awaiting Analysis: 2188
- Modified: 155
- Received: 89
- Rejected: 197
- Undergoing Analysis: 83
Top CNAs:
- GitHub, Inc.: 907
- VulnCheck: 572
- VulDB: 519
- Patchstack: 385
- Wordfence: 361
- kernel.org: 259
- MITRE: 217
- Fortinet, Inc.: 102
- Intel Corporation: 84
- Apple Inc.: 76
Top Affected Products:
- UNKNOWN: 2529
- Apple Macos: 64
- Mozilla Firefox: 54
- Mozilla Thunderbird: 51
- Apple Iphone Os: 49
- Apple Ipados: 49
- Openclaw: 35
- Imagemagick: 34
- Microsoft Windows Server 2025: 29
- Comodo Dome Firewall: 29
Top EPSS Score:
- CVE-2026-1731 - 61.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1731)
- CVE-2026-2329 - 41.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2329)
- CVE-2026-22769 - 34.16 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22769)
- CVE-2026-25108 - 18.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-25108)
- CVE-2026-2033 - 15.58 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2033)
- CVE-2020-37123 - 12.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37123)
- CVE-2026-1603 - 11.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1603)
- CVE-2026-1687 - 5.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2020-37088 - 4.95 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37088)
- CVE-2026-1207 - 4.78 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1207)
updated 2026-02-20T21:31:21
2 posts
📈 CVE Published in last 30 days (2026-01-30 - 2026-03-01)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 5003
Severity:
- Critical: 448
- High: 1563
- Medium: 2229
- Low: 226
- None: 537
Status:
- : 33
- Analyzed: 2258
- Awaiting Analysis: 2188
- Modified: 155
- Received: 89
- Rejected: 197
- Undergoing Analysis: 83
Top CNAs:
- GitHub, Inc.: 907
- VulnCheck: 572
- VulDB: 519
- Patchstack: 385
- Wordfence: 361
- kernel.org: 259
- MITRE: 217
- Fortinet, Inc.: 102
- Intel Corporation: 84
- Apple Inc.: 76
Top Affected Products:
- UNKNOWN: 2529
- Apple Macos: 64
- Mozilla Firefox: 54
- Mozilla Thunderbird: 51
- Apple Iphone Os: 49
- Apple Ipados: 49
- Openclaw: 35
- Imagemagick: 34
- Microsoft Windows Server 2025: 29
- Comodo Dome Firewall: 29
Top EPSS Score:
- CVE-2026-1731 - 61.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1731)
- CVE-2026-2329 - 41.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2329)
- CVE-2026-22769 - 34.16 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22769)
- CVE-2026-25108 - 18.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-25108)
- CVE-2026-2033 - 15.58 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2033)
- CVE-2020-37123 - 12.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37123)
- CVE-2026-1603 - 11.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1603)
- CVE-2026-1687 - 5.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2020-37088 - 4.95 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37088)
- CVE-2026-1207 - 4.78 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1207)
📈 CVE Published in last 30 days (2026-01-30 - 2026-03-01)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 5003
Severity:
- Critical: 448
- High: 1563
- Medium: 2229
- Low: 226
- None: 537
Status:
- : 33
- Analyzed: 2258
- Awaiting Analysis: 2188
- Modified: 155
- Received: 89
- Rejected: 197
- Undergoing Analysis: 83
Top CNAs:
- GitHub, Inc.: 907
- VulnCheck: 572
- VulDB: 519
- Patchstack: 385
- Wordfence: 361
- kernel.org: 259
- MITRE: 217
- Fortinet, Inc.: 102
- Intel Corporation: 84
- Apple Inc.: 76
Top Affected Products:
- UNKNOWN: 2529
- Apple Macos: 64
- Mozilla Firefox: 54
- Mozilla Thunderbird: 51
- Apple Iphone Os: 49
- Apple Ipados: 49
- Openclaw: 35
- Imagemagick: 34
- Microsoft Windows Server 2025: 29
- Comodo Dome Firewall: 29
Top EPSS Score:
- CVE-2026-1731 - 61.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1731)
- CVE-2026-2329 - 41.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2329)
- CVE-2026-22769 - 34.16 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22769)
- CVE-2026-25108 - 18.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-25108)
- CVE-2026-2033 - 15.58 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2033)
- CVE-2020-37123 - 12.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37123)
- CVE-2026-1603 - 11.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1603)
- CVE-2026-1687 - 5.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2020-37088 - 4.95 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37088)
- CVE-2026-1207 - 4.78 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1207)
updated 2026-02-18T18:30:35
3 posts
Chinese hackers exploiting Dell zero-day flaw since mid-2024! #Cybersecurity #China
##📈 CVE Published in last 30 days (2026-01-30 - 2026-03-01)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 5003
Severity:
- Critical: 448
- High: 1563
- Medium: 2229
- Low: 226
- None: 537
Status:
- : 33
- Analyzed: 2258
- Awaiting Analysis: 2188
- Modified: 155
- Received: 89
- Rejected: 197
- Undergoing Analysis: 83
Top CNAs:
- GitHub, Inc.: 907
- VulnCheck: 572
- VulDB: 519
- Patchstack: 385
- Wordfence: 361
- kernel.org: 259
- MITRE: 217
- Fortinet, Inc.: 102
- Intel Corporation: 84
- Apple Inc.: 76
Top Affected Products:
- UNKNOWN: 2529
- Apple Macos: 64
- Mozilla Firefox: 54
- Mozilla Thunderbird: 51
- Apple Iphone Os: 49
- Apple Ipados: 49
- Openclaw: 35
- Imagemagick: 34
- Microsoft Windows Server 2025: 29
- Comodo Dome Firewall: 29
Top EPSS Score:
- CVE-2026-1731 - 61.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1731)
- CVE-2026-2329 - 41.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2329)
- CVE-2026-22769 - 34.16 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22769)
- CVE-2026-25108 - 18.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-25108)
- CVE-2026-2033 - 15.58 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2033)
- CVE-2020-37123 - 12.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37123)
- CVE-2026-1603 - 11.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1603)
- CVE-2026-1687 - 5.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2020-37088 - 4.95 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37088)
- CVE-2026-1207 - 4.78 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1207)
📈 CVE Published in last 30 days (2026-01-30 - 2026-03-01)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 5003
Severity:
- Critical: 448
- High: 1563
- Medium: 2229
- Low: 226
- None: 537
Status:
- : 33
- Analyzed: 2258
- Awaiting Analysis: 2188
- Modified: 155
- Received: 89
- Rejected: 197
- Undergoing Analysis: 83
Top CNAs:
- GitHub, Inc.: 907
- VulnCheck: 572
- VulDB: 519
- Patchstack: 385
- Wordfence: 361
- kernel.org: 259
- MITRE: 217
- Fortinet, Inc.: 102
- Intel Corporation: 84
- Apple Inc.: 76
Top Affected Products:
- UNKNOWN: 2529
- Apple Macos: 64
- Mozilla Firefox: 54
- Mozilla Thunderbird: 51
- Apple Iphone Os: 49
- Apple Ipados: 49
- Openclaw: 35
- Imagemagick: 34
- Microsoft Windows Server 2025: 29
- Comodo Dome Firewall: 29
Top EPSS Score:
- CVE-2026-1731 - 61.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1731)
- CVE-2026-2329 - 41.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2329)
- CVE-2026-22769 - 34.16 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22769)
- CVE-2026-25108 - 18.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-25108)
- CVE-2026-2033 - 15.58 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2033)
- CVE-2020-37123 - 12.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37123)
- CVE-2026-1603 - 11.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1603)
- CVE-2026-1687 - 5.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2020-37088 - 4.95 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37088)
- CVE-2026-1207 - 4.78 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1207)
updated 2026-02-18T17:55:46.557000
1 posts
updated 2026-02-17T15:31:33
4 posts
5 repos
https://github.com/richardpaimu34/CVE-2026-1731
https://github.com/cybrdude/cve-2026-1731-scanner
https://github.com/hexissam/CVE-2026-1731
📈 CVE Published in last 30 days (2026-01-30 - 2026-03-01)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 5003
Severity:
- Critical: 448
- High: 1563
- Medium: 2229
- Low: 226
- None: 537
Status:
- : 33
- Analyzed: 2258
- Awaiting Analysis: 2188
- Modified: 155
- Received: 89
- Rejected: 197
- Undergoing Analysis: 83
Top CNAs:
- GitHub, Inc.: 907
- VulnCheck: 572
- VulDB: 519
- Patchstack: 385
- Wordfence: 361
- kernel.org: 259
- MITRE: 217
- Fortinet, Inc.: 102
- Intel Corporation: 84
- Apple Inc.: 76
Top Affected Products:
- UNKNOWN: 2529
- Apple Macos: 64
- Mozilla Firefox: 54
- Mozilla Thunderbird: 51
- Apple Iphone Os: 49
- Apple Ipados: 49
- Openclaw: 35
- Imagemagick: 34
- Microsoft Windows Server 2025: 29
- Comodo Dome Firewall: 29
Top EPSS Score:
- CVE-2026-1731 - 61.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1731)
- CVE-2026-2329 - 41.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2329)
- CVE-2026-22769 - 34.16 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22769)
- CVE-2026-25108 - 18.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-25108)
- CVE-2026-2033 - 15.58 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2033)
- CVE-2020-37123 - 12.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37123)
- CVE-2026-1603 - 11.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1603)
- CVE-2026-1687 - 5.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2020-37088 - 4.95 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37088)
- CVE-2026-1207 - 4.78 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1207)
Latest Metasploit update is out with unauthenticated RCE for Grandstream GXP1600 VoIP devices, enabling credential harvesting and SIP interception. Also included is critical support for BeyondTrust PRA/RS command injection (CVE-2026-1731), plus a serious Ollama RCE (CVE-2024-37032).
Check out the wrap up at https://www.rapid7.com/blog/post/pt-metasploit-wrap-up-02-27-2026/
##📈 CVE Published in last 30 days (2026-01-30 - 2026-03-01)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 5003
Severity:
- Critical: 448
- High: 1563
- Medium: 2229
- Low: 226
- None: 537
Status:
- : 33
- Analyzed: 2258
- Awaiting Analysis: 2188
- Modified: 155
- Received: 89
- Rejected: 197
- Undergoing Analysis: 83
Top CNAs:
- GitHub, Inc.: 907
- VulnCheck: 572
- VulDB: 519
- Patchstack: 385
- Wordfence: 361
- kernel.org: 259
- MITRE: 217
- Fortinet, Inc.: 102
- Intel Corporation: 84
- Apple Inc.: 76
Top Affected Products:
- UNKNOWN: 2529
- Apple Macos: 64
- Mozilla Firefox: 54
- Mozilla Thunderbird: 51
- Apple Iphone Os: 49
- Apple Ipados: 49
- Openclaw: 35
- Imagemagick: 34
- Microsoft Windows Server 2025: 29
- Comodo Dome Firewall: 29
Top EPSS Score:
- CVE-2026-1731 - 61.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1731)
- CVE-2026-2329 - 41.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2329)
- CVE-2026-22769 - 34.16 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22769)
- CVE-2026-25108 - 18.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-25108)
- CVE-2026-2033 - 15.58 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2033)
- CVE-2020-37123 - 12.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37123)
- CVE-2026-1603 - 11.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1603)
- CVE-2026-1687 - 5.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2020-37088 - 4.95 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37088)
- CVE-2026-1207 - 4.78 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1207)
Latest Metasploit update is out with unauthenticated RCE for Grandstream GXP1600 VoIP devices, enabling credential harvesting and SIP interception. Also included is critical support for BeyondTrust PRA/RS command injection (CVE-2026-1731), plus a serious Ollama RCE (CVE-2024-37032).
Check out the wrap up at https://www.rapid7.com/blog/post/pt-metasploit-wrap-up-02-27-2026/
##updated 2026-02-13T14:03:47.787000
1 posts
2 repos
https://github.com/George0Papasotiriou/CVE-2025-15556-Notepad-WinGUp-Updater-RCE
What to Know About the Notepad++ Supply-Chain Attack
A critical Notepad++ supply-chain flaw (CVE-2025-15556) enabled stealthy APT access. Understand the attack chain and how to defend your systems.
🔗️ [Flashpoint] https://link.is.it/AW0p8x
##updated 2026-02-12T15:20:13.990000
2 posts
📈 CVE Published in last 30 days (2026-01-30 - 2026-03-01)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 5003
Severity:
- Critical: 448
- High: 1563
- Medium: 2229
- Low: 226
- None: 537
Status:
- : 33
- Analyzed: 2258
- Awaiting Analysis: 2188
- Modified: 155
- Received: 89
- Rejected: 197
- Undergoing Analysis: 83
Top CNAs:
- GitHub, Inc.: 907
- VulnCheck: 572
- VulDB: 519
- Patchstack: 385
- Wordfence: 361
- kernel.org: 259
- MITRE: 217
- Fortinet, Inc.: 102
- Intel Corporation: 84
- Apple Inc.: 76
Top Affected Products:
- UNKNOWN: 2529
- Apple Macos: 64
- Mozilla Firefox: 54
- Mozilla Thunderbird: 51
- Apple Iphone Os: 49
- Apple Ipados: 49
- Openclaw: 35
- Imagemagick: 34
- Microsoft Windows Server 2025: 29
- Comodo Dome Firewall: 29
Top EPSS Score:
- CVE-2026-1731 - 61.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1731)
- CVE-2026-2329 - 41.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2329)
- CVE-2026-22769 - 34.16 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22769)
- CVE-2026-25108 - 18.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-25108)
- CVE-2026-2033 - 15.58 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2033)
- CVE-2020-37123 - 12.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37123)
- CVE-2026-1603 - 11.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1603)
- CVE-2026-1687 - 5.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2020-37088 - 4.95 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37088)
- CVE-2026-1207 - 4.78 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1207)
📈 CVE Published in last 30 days (2026-01-30 - 2026-03-01)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 5003
Severity:
- Critical: 448
- High: 1563
- Medium: 2229
- Low: 226
- None: 537
Status:
- : 33
- Analyzed: 2258
- Awaiting Analysis: 2188
- Modified: 155
- Received: 89
- Rejected: 197
- Undergoing Analysis: 83
Top CNAs:
- GitHub, Inc.: 907
- VulnCheck: 572
- VulDB: 519
- Patchstack: 385
- Wordfence: 361
- kernel.org: 259
- MITRE: 217
- Fortinet, Inc.: 102
- Intel Corporation: 84
- Apple Inc.: 76
Top Affected Products:
- UNKNOWN: 2529
- Apple Macos: 64
- Mozilla Firefox: 54
- Mozilla Thunderbird: 51
- Apple Iphone Os: 49
- Apple Ipados: 49
- Openclaw: 35
- Imagemagick: 34
- Microsoft Windows Server 2025: 29
- Comodo Dome Firewall: 29
Top EPSS Score:
- CVE-2026-1731 - 61.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1731)
- CVE-2026-2329 - 41.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2329)
- CVE-2026-22769 - 34.16 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22769)
- CVE-2026-25108 - 18.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-25108)
- CVE-2026-2033 - 15.58 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2033)
- CVE-2020-37123 - 12.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37123)
- CVE-2026-1603 - 11.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1603)
- CVE-2026-1687 - 5.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2020-37088 - 4.95 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37088)
- CVE-2026-1207 - 4.78 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1207)
updated 2026-02-10T17:03:53.480000
2 posts
📈 CVE Published in last 30 days (2026-01-30 - 2026-03-01)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 5003
Severity:
- Critical: 448
- High: 1563
- Medium: 2229
- Low: 226
- None: 537
Status:
- : 33
- Analyzed: 2258
- Awaiting Analysis: 2188
- Modified: 155
- Received: 89
- Rejected: 197
- Undergoing Analysis: 83
Top CNAs:
- GitHub, Inc.: 907
- VulnCheck: 572
- VulDB: 519
- Patchstack: 385
- Wordfence: 361
- kernel.org: 259
- MITRE: 217
- Fortinet, Inc.: 102
- Intel Corporation: 84
- Apple Inc.: 76
Top Affected Products:
- UNKNOWN: 2529
- Apple Macos: 64
- Mozilla Firefox: 54
- Mozilla Thunderbird: 51
- Apple Iphone Os: 49
- Apple Ipados: 49
- Openclaw: 35
- Imagemagick: 34
- Microsoft Windows Server 2025: 29
- Comodo Dome Firewall: 29
Top EPSS Score:
- CVE-2026-1731 - 61.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1731)
- CVE-2026-2329 - 41.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2329)
- CVE-2026-22769 - 34.16 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22769)
- CVE-2026-25108 - 18.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-25108)
- CVE-2026-2033 - 15.58 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2033)
- CVE-2020-37123 - 12.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37123)
- CVE-2026-1603 - 11.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1603)
- CVE-2026-1687 - 5.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2020-37088 - 4.95 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37088)
- CVE-2026-1207 - 4.78 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1207)
📈 CVE Published in last 30 days (2026-01-30 - 2026-03-01)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 5003
Severity:
- Critical: 448
- High: 1563
- Medium: 2229
- Low: 226
- None: 537
Status:
- : 33
- Analyzed: 2258
- Awaiting Analysis: 2188
- Modified: 155
- Received: 89
- Rejected: 197
- Undergoing Analysis: 83
Top CNAs:
- GitHub, Inc.: 907
- VulnCheck: 572
- VulDB: 519
- Patchstack: 385
- Wordfence: 361
- kernel.org: 259
- MITRE: 217
- Fortinet, Inc.: 102
- Intel Corporation: 84
- Apple Inc.: 76
Top Affected Products:
- UNKNOWN: 2529
- Apple Macos: 64
- Mozilla Firefox: 54
- Mozilla Thunderbird: 51
- Apple Iphone Os: 49
- Apple Ipados: 49
- Openclaw: 35
- Imagemagick: 34
- Microsoft Windows Server 2025: 29
- Comodo Dome Firewall: 29
Top EPSS Score:
- CVE-2026-1731 - 61.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1731)
- CVE-2026-2329 - 41.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2329)
- CVE-2026-22769 - 34.16 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22769)
- CVE-2026-25108 - 18.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-25108)
- CVE-2026-2033 - 15.58 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2033)
- CVE-2020-37123 - 12.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37123)
- CVE-2026-1603 - 11.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1603)
- CVE-2026-1687 - 5.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2020-37088 - 4.95 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37088)
- CVE-2026-1207 - 4.78 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1207)
updated 2026-02-10T15:06:48.767000
2 posts
🟠 CVE-2026-27950 - High (7.5)
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, the fix for the heap-use-after-free described in CVE-2026-24680 is incomplete. While the vulnerable execution flow referenced in the advisory exists in the S...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27950/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-27950 - High (7.5)
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, the fix for the heap-use-after-free described in CVE-2026-24680 is incomplete. While the vulnerable execution flow referenced in the advisory exists in the S...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27950/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-02-06T21:30:47
1 posts
updated 2026-02-05T18:30:36
2 posts
📈 CVE Published in last 30 days (2026-01-30 - 2026-03-01)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 5003
Severity:
- Critical: 448
- High: 1563
- Medium: 2229
- Low: 226
- None: 537
Status:
- : 33
- Analyzed: 2258
- Awaiting Analysis: 2188
- Modified: 155
- Received: 89
- Rejected: 197
- Undergoing Analysis: 83
Top CNAs:
- GitHub, Inc.: 907
- VulnCheck: 572
- VulDB: 519
- Patchstack: 385
- Wordfence: 361
- kernel.org: 259
- MITRE: 217
- Fortinet, Inc.: 102
- Intel Corporation: 84
- Apple Inc.: 76
Top Affected Products:
- UNKNOWN: 2529
- Apple Macos: 64
- Mozilla Firefox: 54
- Mozilla Thunderbird: 51
- Apple Iphone Os: 49
- Apple Ipados: 49
- Openclaw: 35
- Imagemagick: 34
- Microsoft Windows Server 2025: 29
- Comodo Dome Firewall: 29
Top EPSS Score:
- CVE-2026-1731 - 61.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1731)
- CVE-2026-2329 - 41.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2329)
- CVE-2026-22769 - 34.16 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22769)
- CVE-2026-25108 - 18.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-25108)
- CVE-2026-2033 - 15.58 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2033)
- CVE-2020-37123 - 12.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37123)
- CVE-2026-1603 - 11.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1603)
- CVE-2026-1687 - 5.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2020-37088 - 4.95 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37088)
- CVE-2026-1207 - 4.78 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1207)
📈 CVE Published in last 30 days (2026-01-30 - 2026-03-01)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 5003
Severity:
- Critical: 448
- High: 1563
- Medium: 2229
- Low: 226
- None: 537
Status:
- : 33
- Analyzed: 2258
- Awaiting Analysis: 2188
- Modified: 155
- Received: 89
- Rejected: 197
- Undergoing Analysis: 83
Top CNAs:
- GitHub, Inc.: 907
- VulnCheck: 572
- VulDB: 519
- Patchstack: 385
- Wordfence: 361
- kernel.org: 259
- MITRE: 217
- Fortinet, Inc.: 102
- Intel Corporation: 84
- Apple Inc.: 76
Top Affected Products:
- UNKNOWN: 2529
- Apple Macos: 64
- Mozilla Firefox: 54
- Mozilla Thunderbird: 51
- Apple Iphone Os: 49
- Apple Ipados: 49
- Openclaw: 35
- Imagemagick: 34
- Microsoft Windows Server 2025: 29
- Comodo Dome Firewall: 29
Top EPSS Score:
- CVE-2026-1731 - 61.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1731)
- CVE-2026-2329 - 41.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2329)
- CVE-2026-22769 - 34.16 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22769)
- CVE-2026-25108 - 18.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-25108)
- CVE-2026-2033 - 15.58 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2033)
- CVE-2020-37123 - 12.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37123)
- CVE-2026-1603 - 11.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1603)
- CVE-2026-1687 - 5.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2020-37088 - 4.95 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37088)
- CVE-2026-1207 - 4.78 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1207)
updated 2026-02-03T19:32:57
2 posts
📈 CVE Published in last 30 days (2026-01-30 - 2026-03-01)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 5003
Severity:
- Critical: 448
- High: 1563
- Medium: 2229
- Low: 226
- None: 537
Status:
- : 33
- Analyzed: 2258
- Awaiting Analysis: 2188
- Modified: 155
- Received: 89
- Rejected: 197
- Undergoing Analysis: 83
Top CNAs:
- GitHub, Inc.: 907
- VulnCheck: 572
- VulDB: 519
- Patchstack: 385
- Wordfence: 361
- kernel.org: 259
- MITRE: 217
- Fortinet, Inc.: 102
- Intel Corporation: 84
- Apple Inc.: 76
Top Affected Products:
- UNKNOWN: 2529
- Apple Macos: 64
- Mozilla Firefox: 54
- Mozilla Thunderbird: 51
- Apple Iphone Os: 49
- Apple Ipados: 49
- Openclaw: 35
- Imagemagick: 34
- Microsoft Windows Server 2025: 29
- Comodo Dome Firewall: 29
Top EPSS Score:
- CVE-2026-1731 - 61.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1731)
- CVE-2026-2329 - 41.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2329)
- CVE-2026-22769 - 34.16 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22769)
- CVE-2026-25108 - 18.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-25108)
- CVE-2026-2033 - 15.58 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2033)
- CVE-2020-37123 - 12.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37123)
- CVE-2026-1603 - 11.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1603)
- CVE-2026-1687 - 5.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2020-37088 - 4.95 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37088)
- CVE-2026-1207 - 4.78 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1207)
📈 CVE Published in last 30 days (2026-01-30 - 2026-03-01)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 5003
Severity:
- Critical: 448
- High: 1563
- Medium: 2229
- Low: 226
- None: 537
Status:
- : 33
- Analyzed: 2258
- Awaiting Analysis: 2188
- Modified: 155
- Received: 89
- Rejected: 197
- Undergoing Analysis: 83
Top CNAs:
- GitHub, Inc.: 907
- VulnCheck: 572
- VulDB: 519
- Patchstack: 385
- Wordfence: 361
- kernel.org: 259
- MITRE: 217
- Fortinet, Inc.: 102
- Intel Corporation: 84
- Apple Inc.: 76
Top Affected Products:
- UNKNOWN: 2529
- Apple Macos: 64
- Mozilla Firefox: 54
- Mozilla Thunderbird: 51
- Apple Iphone Os: 49
- Apple Ipados: 49
- Openclaw: 35
- Imagemagick: 34
- Microsoft Windows Server 2025: 29
- Comodo Dome Firewall: 29
Top EPSS Score:
- CVE-2026-1731 - 61.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1731)
- CVE-2026-2329 - 41.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2329)
- CVE-2026-22769 - 34.16 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22769)
- CVE-2026-25108 - 18.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-25108)
- CVE-2026-2033 - 15.58 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2033)
- CVE-2020-37123 - 12.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37123)
- CVE-2026-1603 - 11.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1603)
- CVE-2026-1687 - 5.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2020-37088 - 4.95 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37088)
- CVE-2026-1207 - 4.78 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1207)
updated 2026-02-02T15:04:41.717000
3 posts
2 repos
Caught in the Hook: RCE and API Token Exfiltration Through Claude Code Project Files | CVE-2025-59536 | CVE-2026-21852
#CVE_2025_59536 #CVE_2026_21852 #ClaudeCode
https://research.checkpoint.com/2026/rce-and-api-token-exfiltration-through-claude-code-project-files-cve-2025-59536/
Caught in the Hook: RCE and API Token Exfiltration Through Claude Code Project Files | CVE-2025-59536 | CVE-2026-21852
#CVE_2025_59536 #CVE_2026_21852 #ClaudeCode
https://research.checkpoint.com/2026/rce-and-api-token-exfiltration-through-claude-code-project-files-cve-2025-59536/
Caught in the Hook: RCE and API Token Exfiltration Through Claude Code Project Files | CVE-2025-59536 | CVE-2026-21852 - Check Point Research
##updated 2026-01-30T18:31:21
2 posts
📈 CVE Published in last 30 days (2026-01-30 - 2026-03-01)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 5003
Severity:
- Critical: 448
- High: 1563
- Medium: 2229
- Low: 226
- None: 537
Status:
- : 33
- Analyzed: 2258
- Awaiting Analysis: 2188
- Modified: 155
- Received: 89
- Rejected: 197
- Undergoing Analysis: 83
Top CNAs:
- GitHub, Inc.: 907
- VulnCheck: 572
- VulDB: 519
- Patchstack: 385
- Wordfence: 361
- kernel.org: 259
- MITRE: 217
- Fortinet, Inc.: 102
- Intel Corporation: 84
- Apple Inc.: 76
Top Affected Products:
- UNKNOWN: 2529
- Apple Macos: 64
- Mozilla Firefox: 54
- Mozilla Thunderbird: 51
- Apple Iphone Os: 49
- Apple Ipados: 49
- Openclaw: 35
- Imagemagick: 34
- Microsoft Windows Server 2025: 29
- Comodo Dome Firewall: 29
Top EPSS Score:
- CVE-2026-1731 - 61.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1731)
- CVE-2026-2329 - 41.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2329)
- CVE-2026-22769 - 34.16 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22769)
- CVE-2026-25108 - 18.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-25108)
- CVE-2026-2033 - 15.58 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2033)
- CVE-2020-37123 - 12.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37123)
- CVE-2026-1603 - 11.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1603)
- CVE-2026-1687 - 5.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2020-37088 - 4.95 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37088)
- CVE-2026-1207 - 4.78 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1207)
📈 CVE Published in last 30 days (2026-01-30 - 2026-03-01)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 5003
Severity:
- Critical: 448
- High: 1563
- Medium: 2229
- Low: 226
- None: 537
Status:
- : 33
- Analyzed: 2258
- Awaiting Analysis: 2188
- Modified: 155
- Received: 89
- Rejected: 197
- Undergoing Analysis: 83
Top CNAs:
- GitHub, Inc.: 907
- VulnCheck: 572
- VulDB: 519
- Patchstack: 385
- Wordfence: 361
- kernel.org: 259
- MITRE: 217
- Fortinet, Inc.: 102
- Intel Corporation: 84
- Apple Inc.: 76
Top Affected Products:
- UNKNOWN: 2529
- Apple Macos: 64
- Mozilla Firefox: 54
- Mozilla Thunderbird: 51
- Apple Iphone Os: 49
- Apple Ipados: 49
- Openclaw: 35
- Imagemagick: 34
- Microsoft Windows Server 2025: 29
- Comodo Dome Firewall: 29
Top EPSS Score:
- CVE-2026-1731 - 61.83 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1731)
- CVE-2026-2329 - 41.14 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2329)
- CVE-2026-22769 - 34.16 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22769)
- CVE-2026-25108 - 18.59 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-25108)
- CVE-2026-2033 - 15.58 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-2033)
- CVE-2020-37123 - 12.89 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37123)
- CVE-2026-1603 - 11.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1603)
- CVE-2026-1687 - 5.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1687)
- CVE-2020-37088 - 4.95 % (https://secdb.nttzen.cloud/cve/detail/CVE-2020-37088)
- CVE-2026-1207 - 4.78 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-1207)
updated 2026-01-27T18:33:14
1 posts
2 repos
https://github.com/MaxMnMl/smartermail-CVE-2026-23760-poc
https://github.com/hilwa24/CVE-2026-23760_SmarterMail-Auth-Bypass-and-RCE
CVE-2026-23760 - Changed to Known Ransomware Status
SmarterTools SmarterMail Authentication Bypass Using an Alternate Path or Channel VulnerabilityVendor: SmarterToolsProduct: SmarterMailSmarterTools SmarterMail contains an authentication bypass using an alternate path or channel vulnerability in the password reset API. The force-reset-password endpoint permits anonymous requests and fails to verify the existing password or a reset token whenhttps://nvd.nist.gov/vuln/detail/CVE-2026-23760
##updated 2025-10-24T13:54:58.783000
3 posts
10 repos
https://github.com/AnonStorks/CVE-2025-0282-Full-version
https://github.com/almanatra/CVE-2025-0282
https://github.com/absholi7ly/CVE-2025-0282-Ivanti-exploit
https://github.com/Hexastrike/Ivanti-Connect-Secure-Logs-Parser
https://github.com/punitdarji/Ivanti-CVE-2025-0282
https://github.com/sfewer-r7/CVE-2025-0282
https://github.com/AdaniKamal/CVE-2025-0282
https://github.com/watchtowrlabs/CVE-2025-0282
"CISA warns that RESURGE malware can be dormant on Ivanti devices"
"[...] Cybersecurity and Infrastructure Security Agency (CISA) has released new details about RESURGE, a malicious implant used in zero-day attacks exploiting CVE-2025-0282 to breach Ivanti Connect Secure devices. The U.S."
##RESURGE Malware Exploits Ivanti Zero-Day With Stealthy Network-Level Evasion
Introduction: A Silent Threat Inside Critical Access Gateways U.S. federal cybersecurity officials have disclosed alarming new details about RESURGE, a highly advanced malicious implant discovered on Ivanti Connect Secure devices. The implant was used in zero-day attacks that exploited a critical vulnerability, CVE-2025-0282, allowing attackers to gain deep, persistent access to systems that…
##"CISA warns that RESURGE malware can be dormant on Ivanti devices"
"[...] Cybersecurity and Infrastructure Security Agency (CISA) has released new details about RESURGE, a malicious implant used in zero-day attacks exploiting CVE-2025-0282 to breach Ivanti Connect Secure devices. The U.S."
##updated 2025-10-22T19:13:26
1 posts
100 repos
https://github.com/0xInfection/LogMePwn
https://github.com/shamo0/CVE-2021-44228
https://github.com/r3kind1e/Log4Shell-obfuscated-payloads-generator
https://github.com/CodeShield-Security/Log4JShell-Bytecode-Detector
https://github.com/jas502n/Log4j2-CVE-2021-44228
https://github.com/dwisiswant0/look4jar
https://github.com/justakazh/Log4j-CVE-2021-44228
https://github.com/sec13b/CVE-2021-44228-POC
https://github.com/NCSC-NL/log4shell
https://github.com/yahoo/check-log4j
https://github.com/takito1812/log4j-detect
https://github.com/roxas-tan/CVE-2021-44228
https://github.com/nccgroup/log4j-jndi-be-gone
https://github.com/puzzlepeaches/Log4jHorizon
https://github.com/mubix/CVE-2021-44228-Log4Shell-Hashes
https://github.com/Diverto/nse-log4shell
https://github.com/momos1337/Log4j-RCE
https://github.com/sunnyvale-it/CVE-2021-44228-PoC
https://github.com/1lann/log4shelldetect
https://github.com/puzzlepeaches/Log4jCenter
https://github.com/rubo77/log4j_checker_beta
https://github.com/hackinghippo/log4shell_ioc_ips
https://github.com/irgoncalves/f5-waf-enforce-sig-CVE-2021-44228
https://github.com/HynekPetrak/log4shell-finder
https://github.com/toramanemre/apache-solr-log4j-CVE-2021-44228
https://github.com/Jeromeyoung/log4j2burpscanner
https://github.com/alexandre-lavoie/python-log4rce
https://github.com/AlexandreHeroux/Fix-CVE-2021-44228
https://github.com/Puliczek/CVE-2021-44228-PoC-log4j-bypass-words
https://github.com/redhuntlabs/Log4JHunt
https://github.com/Adikso/minecraft-log4j-honeypot
https://github.com/HyCraftHD/Log4J-RCE-Proof-Of-Concept
https://github.com/stripe/log4j-remediation-tools
https://github.com/RedDrip7/Log4Shell_CVE-2021-44228_related_attacks_IOCs
https://github.com/sassoftware/loguccino
https://github.com/mr-r3b00t/CVE-2021-44228
https://github.com/qingtengyun/cve-2021-44228-qingteng-patch
https://github.com/thecyberneh/Log4j-RCE-Exploiter
https://github.com/mr-vill4in/log4j-fuzzer
https://github.com/bigsizeme/Log4j-check
https://github.com/faisalfs10x/Log4j2-CVE-2021-44228-revshell
https://github.com/TaroballzChen/CVE-2021-44228-log4jVulnScanner-metasploit
https://github.com/leonjza/log4jpwn
https://github.com/mufeedvh/log4jail
https://github.com/logpresso/CVE-2021-44228-Scanner
https://github.com/Nanitor/log4fix
https://github.com/giterlizzi/nmap-log4shell
https://github.com/fox-it/log4j-finder
https://github.com/MalwareTech/Log4jTools
https://github.com/Azeemering/CVE-2021-44228-DFIR-Notes
https://github.com/NorthwaveSecurity/log4jcheck
https://github.com/greymd/CVE-2021-44228
https://github.com/fireeye/CVE-2021-44228
https://github.com/CrackerCat/CVE-2021-44228-Log4j-Payloads
https://github.com/aws-samples/kubernetes-log4j-cve-2021-44228-node-agent
https://github.com/darkarnium/Log4j-CVE-Detect
https://github.com/thomaspatzke/Log4Pot
https://github.com/ssl/scan4log4j
https://github.com/simonis/Log4jPatch
https://github.com/korteke/log4shell-demo
https://github.com/blake-fm/vcenter-log4j
https://github.com/NS-Sp4ce/Vm4J
https://github.com/puzzlepeaches/Log4jUnifi
https://github.com/lfama/log4j_checker
https://github.com/back2root/log4shell-rex
https://github.com/cisagov/log4j-scanner
https://github.com/Labout/log4shell-rmi-poc
https://github.com/CERTCC/CVE-2021-44228_scanner
https://github.com/irgoncalves/f5-waf-quick-patch-cve-2021-44228
https://github.com/qingtengyun/cve-2021-44228-qingteng-online-patch
https://github.com/mzlogin/CVE-2021-44228-Demo
https://github.com/twseptian/spring-boot-log4j-cve-2021-44228-docker-lab
https://github.com/corelight/cve-2021-44228
https://github.com/claranet/ansible-role-log4shell
https://github.com/boundaryx/cloudrasp-log4j2
https://github.com/tippexs/nginx-njs-waf-cve2021-44228
https://github.com/corretto/hotpatch-for-apache-log4j2
https://github.com/Malwar3Ninja/Exploitation-of-Log4j2-CVE-2021-44228
https://github.com/KosmX/CVE-2021-44228-example
https://github.com/LiveOverflow/log4shell
https://github.com/lucab85/log4j-cve-2021-44228
https://github.com/f0ng/log4j2burpscanner
https://github.com/DragonSurvivalEU/RCE
https://github.com/alexbakker/log4shell-tools
https://github.com/christophetd/log4shell-vulnerable-app
https://github.com/cyberxml/log4j-poc
https://github.com/toramanemre/log4j-rce-detect-waf-bypass
https://github.com/tangxiaofeng7/CVE-2021-44228-Apache-Log4j-Rce
https://github.com/Kadantte/CVE-2021-44228-poc
https://github.com/0xDexter0us/Log4J-Scanner
https://github.com/kubearmor/log4j-CVE-2021-44228
https://github.com/kozmer/log4j-shell-poc
https://github.com/infiniroot/nginx-mitigate-log4shell
https://github.com/BinaryDefense/log4j-honeypot-flask
https://github.com/pedrohavay/exploit-CVE-2021-44228
https://github.com/mergebase/log4j-detector
https://github.com/fullhunt/log4j-scan
https://github.com/marcourbano/CVE-2021-44228
SENTINEL BRIEF: Log4Shell (CVE-2021-44228) is an architectural failure, not just a bug. Our V7.4 Forensic Analysis explores the JNDI lookup logic failure that subverts Zero Trust topology. Moving beyond the patch to topological defense. Read the full report at The Cyber Mind Co.
##updated 2025-10-22T17:52:05
1 posts
8 repos
https://github.com/Snorlyd/https-nj.gov---CVE-2020-11023
https://github.com/andreassundstrom/cve-2020-11023-demonstration
https://github.com/DanielRuf/snyk-js-jquery-565129
https://github.com/towaos/towaos-lab-cve-2020-11023
https://github.com/Cybernegro/CVE-2020-11023
https://github.com/honeyb33z/cve-2020-11023-scanner
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2025-10-03T14:16:36
4 posts
Caught in the Hook: RCE and API Token Exfiltration Through Claude Code Project Files | CVE-2025-59536 | CVE-2026-21852
#CVE_2025_59536 #CVE_2026_21852 #ClaudeCode
https://research.checkpoint.com/2026/rce-and-api-token-exfiltration-through-claude-code-project-files-cve-2025-59536/
Caught in the Hook: RCE and API Token Exfiltration Through Claude Code Project Files | CVE-2025-59536 | CVE-2026-21852
#CVE_2025_59536 #CVE_2026_21852 #ClaudeCode
https://research.checkpoint.com/2026/rce-and-api-token-exfiltration-through-claude-code-project-files-cve-2025-59536/
Anthropic has addressed some of the concerns raised here, but the fact remains that Claude Code will run code in configuration files with minimal visibility to the end user. In this way, it presents similar dangers to VS Code and Cursor.
##Caught in the Hook: RCE and API Token Exfiltration Through Claude Code Project Files | CVE-2025-59536 | CVE-2026-21852 - Check Point Research
##updated 2025-08-15T21:31:14
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2025-08-15T21:31:12
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2025-08-15T20:28:18.250000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2025-08-15T20:26:54.410000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2025-08-15T20:25:58.247000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2025-08-15T20:25:40.657000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2025-08-15T20:20:41.123000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2025-08-04T09:30:34
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2025-08-04T09:30:34
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2025-07-17T13:10:35.760000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2025-07-17T13:09:56.670000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2025-07-17T13:02:02.717000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2025-07-17T12:50:47.377000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2025-07-17T12:46:26.603000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2025-07-17T12:38:13.340000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2025-06-16T15:32:27
1 posts
On a recent engagement, we exploited a previously disclosed privilege escalation bug in Tenable's Nessus Agent. No public PoC was available, so we made one; check it out here https://github.com/atredispartners/proof-of-concept/tree/main/cve-2025-36632
##updated 2025-04-23T14:08:13.383000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2025-04-20T03:47:47
2 posts
2 repos
@oraclejmt you're not wrong - the article is all about CVE-2017-13089 :)
##@oraclejmt you're not wrong - the article is all about CVE-2017-13089 :)
##updated 2025-04-20T03:45:00
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2025-04-14T18:32:45
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2025-04-14T17:15:22.920000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2025-04-11T04:03:08
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2025-03-18T12:30:48
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2025-03-18T11:15:39.553000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2025-01-15T16:50:28.667000
1 posts
3 repos
https://github.com/YardenFadida/CVE-2024-3661_Demo
Hmm, is this it?
https://nvd.nist.gov/vuln/detail/CVE-2024-3661
Was looking at something recently used to overload ICMP echo Requests for denial of service, this stuff is really interesting
##updated 2024-11-21T08:34:25.727000
2 posts
This week's biggest security fails include the emergence of Hot Dog Bots that can devour a 12-oz bun in under 8 minutes, but what's less funny is the alarming rate of exploited vulnerabilities like the recently patched CVE-2023-4116 in Windows Server.
Meanwhile,...
Read more: https://steelefortress.com/o629yr
##This week's biggest security fails include the emergence of Hot Dog Bots that can devour a 12-oz bun in under 8 minutes, but what's less funny is the alarming rate of exploited vulnerabilities like the recently patched CVE-2023-4116 in Windows Server.
Meanwhile,...
Read more: https://steelefortress.com/o629yr
##updated 2024-11-21T08:33:41.280000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T08:33:41.160000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T08:17:47.187000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T08:11:55.730000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T08:11:54.897000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T08:11:54.597000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T08:11:54.430000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T07:34:30.347000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T07:05:50.140000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T07:05:49.833000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T07:05:49.693000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T07:05:49.447000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T07:05:49.320000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T07:05:49.183000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T07:05:22.200000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T06:46:56.430000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T06:46:56.033000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T06:41:53.937000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T06:14:02.903000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T06:08:55.267000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T06:00:51.517000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T05:49:08.600000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T05:49:08.360000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T05:49:08.247000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T05:49:08.133000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T05:49:08.020000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T05:06:13.097000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T05:03:26.193000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T04:55:03.253000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T04:50:48.343000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T04:50:48.197000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-11-21T04:25:05.470000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-10-03T21:32:08
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-09-26T13:32:02.803000
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-09-06T21:37:31
2 posts
3 repos
https://github.com/Bi0x/CVE-2024-37032
Latest Metasploit update is out with unauthenticated RCE for Grandstream GXP1600 VoIP devices, enabling credential harvesting and SIP interception. Also included is critical support for BeyondTrust PRA/RS command injection (CVE-2026-1731), plus a serious Ollama RCE (CVE-2024-37032).
Check out the wrap up at https://www.rapid7.com/blog/post/pt-metasploit-wrap-up-02-27-2026/
##Latest Metasploit update is out with unauthenticated RCE for Grandstream GXP1600 VoIP devices, enabling credential harvesting and SIP interception. Also included is critical support for BeyondTrust PRA/RS command injection (CVE-2026-1731), plus a serious Ollama RCE (CVE-2024-37032).
Check out the wrap up at https://www.rapid7.com/blog/post/pt-metasploit-wrap-up-02-27-2026/
##updated 2024-06-04T09:31:04
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-11T21:18:06
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T08:32:52
2 posts
1 repos
@tiraniddo Finally, the post I waited for. Back in 2023 I searched for a UAC bypass that is compatible with "always notify" and Windows 10 upwards to complete my chain for any Windows UAC bypass. I used your token reading UAC bypass as a base for older Windows systems. Then I just found CVE-2023-41772 by accident. So this route was burned or at least I thought it was. Then I tried to find a UIAccess bypass and it worked again. That was the moment where I knew not auto-elevate but UIAccess is (and will be) the biggest weakness of UAC. Even without GetProcessHandleFromHwnd there are more options like CSRSS activation cache poisoning, COM injection, abusing WER, ...
As far as I have seen the newest version of administrator protection still has at least one bug, that let's you bypass it, but after the chaos of the first "release", I will rather wait for the full release.
Anyway the PPL bypass might be fixed, but I have another PPL bypass that is "fixed" in 24H2 but still works on 25H2 and preview. The bug is simple, but (unique) exploitation is so dumb, I don't know what to say ... 😅
##@tiraniddo Finally, the post I waited for. Back in 2023 I searched for a UAC bypass that is compatible with "always notify" and Windows 10 upwards to complete my chain for any Windows UAC bypass. I used your token reading UAC bypass as a base for older Windows systems. Then I just found CVE-2023-41772 by accident. So this route was burned or at least I thought it was. Then I tried to find a UIAccess bypass and it worked again. That was the moment where I knew not auto-elevate but UIAccess is (and will be) the biggest weakness of UAC. Even without GetProcessHandleFromHwnd there are more options like CSRSS activation cache poisoning, COM injection, abusing WER, ...
As far as I have seen the newest version of administrator protection still has at least one bug, that let's you bypass it, but after the chaos of the first "release", I will rather wait for the full release.
Anyway the PPL bypass might be fixed, but I have another PPL bypass that is "fixed" in 24H2 but still works on 25H2 and preview. The bug is simple, but (unique) exploitation is so dumb, I don't know what to say ... 😅
##updated 2024-04-04T06:31:20
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T06:31:19
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T06:31:17
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T06:31:16
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T06:31:15
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T06:31:14
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T06:31:12
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T06:31:09
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T06:31:09
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T06:31:06
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T06:31:05
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T06:31:00
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T06:30:56
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T06:24:58
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T05:43:02
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T05:43:02
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T05:42:59
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T05:42:57
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T05:42:57
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T05:42:52
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T05:42:52
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T04:05:11
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T04:05:10
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T04:05:08
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T04:05:05
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T02:44:48
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T02:40:12
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2024-04-04T01:57:58
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-12-11T21:30:21
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-11-10T05:01:31
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-07-06T15:30:31
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-05-16T12:30:20
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-05-16T12:30:19
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-03-29T21:30:23
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-02-02T05:03:30
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-02-01T05:08:48
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-02-01T05:06:00
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-02-01T05:03:15
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-30T05:01:47
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-30T05:01:37
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-30T05:01:15
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-30T05:01:14
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-30T05:01:11
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-29T05:06:46
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-29T05:06:35
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-29T05:06:33
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-29T05:06:09
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-29T05:04:32
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-29T05:04:06
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-29T05:04:03
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-29T05:04:03
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-29T05:03:52
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-29T05:02:53
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-29T05:02:04
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-29T05:01:15
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-28T05:07:31
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-28T05:07:13
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-27T05:05:27
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-27T05:05:21
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-27T05:05:21
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-27T05:05:16
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-27T05:05:02
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-27T05:04:35
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-27T05:01:30
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-27T05:01:23
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-27T05:01:23
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##updated 2023-01-27T05:01:22
1 posts
#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite
Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669
https://certvde.com/en/advisories/vde-2025-108/
#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json
##1 posts
1 repos
https://github.com/mcorybillington/CVE-2025-64328_FreePBX-framework-Command-Injection
Critical Infrastructure Exposure: Hundreds of Sangoma FreePBX Systems Remain Infected After CVE-2025-64328 Exploitation
A Persistent Threat Lurking Inside VoIP Networks A silent compromise continues to ripple through enterprise phone systems worldwide. Months after attackers began exploiting a serious vulnerability in Sangoma FreePBX, hundreds of instances remain infected with stealthy web shells. What began in December 2025 as a targeted campaign has evolved into a…
##🟠 CVE-2026-23627 - High (8.8)
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, an SQL injection vulnerability in the Immunization module allows any authenticated user to execute arbitrary SQL queri...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-23627/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-23627 - High (8.8)
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, an SQL injection vulnerability in the Immunization module allows any authenticated user to execute arbitrary SQL queri...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-23627/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25954 - High (7.5)
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_rail_server_local_move_size` dereferences a freed `xfAppWindow` pointer because `xf_rail_get_window` returns an unprotected pointer from the `railWindows...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25954/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25954 - High (7.5)
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_rail_server_local_move_size` dereferences a freed `xfAppWindow` pointer because `xf_rail_get_window` returns an unprotected pointer from the `railWindows...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25954/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25952 - Critical (9.8)
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_SetWindowMinMaxInfo` dereferences a freed `xfAppWindow` pointer because `xf_rail_get_window` in `xf_rail_server_min_max_info` returns an unprotected poin...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25952/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25952 - Critical (9.8)
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_SetWindowMinMaxInfo` dereferences a freed `xfAppWindow` pointer because `xf_rail_get_window` in `xf_rail_server_min_max_info` returns an unprotected poin...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25952/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25942 - High (7.5)
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_rail_server_execute_result` indexes the global `error_code_names[]` array (7 elements, indices 0–6) with an unchecked `execResult->execResult` value re...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25942/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-25942 - High (7.5)
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_rail_server_execute_result` indexes the global `error_code_names[]` array (7 elements, indices 0–6) with an unchecked `execResult->execResult` value re...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25942/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25959 - Critical (9.8)
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_cliprdr_provide_data_` passes freed `pDstData` to `XChangeProperty` because the cliprdr channel thread calls `xf_cliprdr_server_format_data_response` whi...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25959/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-25959 - Critical (9.8)
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_cliprdr_provide_data_` passes freed `pDstData` to `XChangeProperty` because the cliprdr channel thread calls `xf_cliprdr_server_format_data_response` whi...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25959/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-26986 - High (7.5)
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `rail_window_free` dereferences a freed `xfAppWindow` pointer during `HashTable_Free` cleanup because `xf_rail_window_common` calls `free(appWindow)` on titl...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-26986/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-26986 - High (7.5)
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `rail_window_free` dereferences a freed `xfAppWindow` pointer during `HashTable_Free` cleanup because `xf_rail_window_common` calls `free(appWindow)` on titl...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-26986/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-27950 - High (7.5)
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, the fix for the heap-use-after-free described in CVE-2026-24680 is incomplete. While the vulnerable execution flow referenced in the advisory exists in the S...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27950/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-27950 - High (7.5)
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, the fix for the heap-use-after-free described in CVE-2026-24680 is incomplete. While the vulnerable execution flow referenced in the advisory exists in the S...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27950/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-27633 - High (7.5)
TinyWeb is a web server (HTTP, HTTPS) written in Delphi for Win32. Versions prior to version 2.02 have a Denial of Service (DoS) vulnerability via memory exhaustion. Unauthenticated remote attackers can send an HTTP POST request to the server with...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27633/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-27633 - High (7.5)
TinyWeb is a web server (HTTP, HTTPS) written in Delphi for Win32. Versions prior to version 2.02 have a Denial of Service (DoS) vulnerability via memory exhaustion. Unauthenticated remote attackers can send an HTTP POST request to the server with...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27633/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-28213 - Critical (9.8)
EverShop is a TypeScript-first eCommerce platform. Versions prior to 2.1.1 have a vulnerability in the "Forgot Password" functionality. When specifying a target email address, the API response returns the password reset token. This allows an attac...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28213/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-28213 - Critical (9.8)
EverShop is a TypeScript-first eCommerce platform. Versions prior to 2.1.1 have a vulnerability in the "Forgot Password" functionality. When specifying a target email address, the API response returns the password reset token. This allows an attac...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28213/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🚨 CVE-2026-27947 (CRITICAL): Intermesh Group-Office RCE via TNEF attachment processing. Authenticated attackers can inject commands through crafted filenames. Patch to v26.0.9/25.0.87/6.8.154 ASAP! https://radar.offseq.com/threat/cve-2026-27947-cwe-88-improper-neutralization-of-a-24402a59 #OffSeq #RCE #Vuln #GroupOffice
##🚨 CVE-2026-27947 (CRITICAL): Intermesh Group-Office RCE via TNEF attachment processing. Authenticated attackers can inject commands through crafted filenames. Patch to v26.0.9/25.0.87/6.8.154 ASAP! https://radar.offseq.com/threat/cve-2026-27947-cwe-88-improper-neutralization-of-a-24402a59 #OffSeq #RCE #Vuln #GroupOffice
##🟠 CVE-2026-28272 - High (8.1)
Kiteworks is a private data network (PDN). Prior to version 9.2.0, a vulnerability in Kiteworks Email Protection Gateway allows authenticated administrators to inject malicious scripts through a configuration interface. The stored script executes ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28272/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-28272 - High (8.1)
Kiteworks is a private data network (PDN). Prior to version 9.2.0, a vulnerability in Kiteworks Email Protection Gateway allows authenticated administrators to inject malicious scripts through a configuration interface. The stored script executes ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28272/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-28408 - Critical (9.8)
WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, the script in adicionar_tipo_docs_atendido.php does not go through the project's central controller and does not have its own authentication and permission checks. A malic...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28408/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CRITICAL: CVE-2026-28408 in WeGIA (<3.6.5) lets unauthenticated attackers inject massive unauthorized data via adicionar_tipo_docs_atendido.php. Upgrade to 3.6.5 ASAP. Monitor & restrict access now. https://radar.offseq.com/threat/cve-2026-28408-cwe-862-missing-authorization-in-la-ddacfcff #OffSeq #Vulnerability #WeGIA #CVE202628408
##🔴 CVE-2026-28408 - Critical (9.8)
WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, the script in adicionar_tipo_docs_atendido.php does not go through the project's central controller and does not have its own authentication and permission checks. A malic...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28408/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CRITICAL: CVE-2026-28408 in WeGIA (<3.6.5) lets unauthenticated attackers inject massive unauthorized data via adicionar_tipo_docs_atendido.php. Upgrade to 3.6.5 ASAP. Monitor & restrict access now. https://radar.offseq.com/threat/cve-2026-28408-cwe-862-missing-authorization-in-la-ddacfcff #OffSeq #Vulnerability #WeGIA #CVE202628408
##🔴 CVE-2026-28411 - Critical (9.8)
WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, an unsafe use of the `extract()` function on the `$_REQUEST` superglobal allows an unauthenticated attacker to overwrite local variables in multiple PHP scripts. This vuln...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28411/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🚨 CVE-2026-28411: CRITICAL auth bypass in LabRedesCefetRJ WeGIA (<3.6.5) via unsafe extract() on $_REQUEST. Full admin compromise risk. Upgrade to 3.6.5+ now! More: https://radar.offseq.com/threat/cve-2026-28411-cwe-288-authentication-bypass-using-7167a2c8 #OffSeq #Vuln #WebAppSec #PHP
##🔴 CVE-2026-28411 - Critical (9.8)
WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, an unsafe use of the `extract()` function on the `$_REQUEST` superglobal allows an unauthenticated attacker to overwrite local variables in multiple PHP scripts. This vuln...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28411/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🚨 CVE-2026-28411: CRITICAL auth bypass in LabRedesCefetRJ WeGIA (<3.6.5) via unsafe extract() on $_REQUEST. Full admin compromise risk. Upgrade to 3.6.5+ now! More: https://radar.offseq.com/threat/cve-2026-28411-cwe-288-authentication-bypass-using-7167a2c8 #OffSeq #Vuln #WebAppSec #PHP
##🔴 CVE-2026-28409 - Critical (10)
WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, a critical Remote Code Execution (RCE) vulnerability exists in the WeGIA application's database restoration functionality. An attacker with administrative access (which ca...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28409/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🚨 CVE-2026-28409: WeGIA <3.6.5 has a CRITICAL OS command injection flaw (CVSS 10). RCE possible via crafted backup filenames + admin access (can be gained with auth bypass). Upgrade to 3.6.5 ASAP! https://radar.offseq.com/threat/cve-2026-28409-cwe-78-improper-neutralization-of-s-258821fc #OffSeq #infosec #CVE202628409 #RCE
##🔴 CVE-2026-28409 - Critical (10)
WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, a critical Remote Code Execution (RCE) vulnerability exists in the WeGIA application's database restoration functionality. An attacker with administrative access (which ca...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28409/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🚨 CVE-2026-28409: WeGIA <3.6.5 has a CRITICAL OS command injection flaw (CVSS 10). RCE possible via crafted backup filenames + admin access (can be gained with auth bypass). Upgrade to 3.6.5 ASAP! https://radar.offseq.com/threat/cve-2026-28409-cwe-78-improper-neutralization-of-s-258821fc #OffSeq #infosec #CVE202628409 #RCE
##🟠 CVE-2026-28216 - High (8.3)
hoppscotch is an open source API development ecosystem. Prior to version 2026.2.0, any logged-in user can read, modify or delete another user's personal environment by ID. `user-environments.resolver.ts:82-109`, `updateUserEnvironment` mutation us...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28216/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-28275 - High (8.1)
Initiative is a self-hosted project management platform. Versions of the application prior to 0.32.4 do not invalidate previously issued JWT access tokens after a user changes their password. As a result, older tokens remain valid until expiration...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28275/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-26965 - High (8.8)
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, in the RLE planar decode path, `planar_decompress_plane_rle()` writes into `pDstData` at `((nYDst+y) * nDstStep) + (4*nXDst) + nChannel` without verifying th...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-26965/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-26985 - High (8.1)
LORIS (Longitudinal Online Research and Imaging System) is a self-hosted web application that provides data- and project-management for neuroimaging research. Starting in version 24.0.0 and prior to versions 26.0.5, 27.0.2, and 28.0.0, an authenti...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-26985/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-26984 - High (8.7)
LORIS (Longitudinal Online Research and Imaging System) is a self-hosted web application that provides data- and project-management for neuroimaging research. Prior to versions 26.0.5, 27.0.2, and 28.0.0, an authenticated user with sufficient priv...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-26984/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-27976 - High (8.8)
Zed, a code editor, has an extension installer allows tar/gzip downloads. Prior to version 0.224.4, the tar extractor (`async_tar::Archive::unpack`) creates symlinks from the archive without validation, and the path guard (`writeable_path_from_ext...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27976/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##