CVE-2023-37557
After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted remote communication requests can cause the CmpAppBP component to overwrite a heap-based b ...
Continue Reading
August 03, 2023
CVE-2023-37555
In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component ...
Continue Reading
August 03, 2023
CVE-2022-4046
In CODESYS Control in multiple versions a improper restriction of operations within the bounds of a memory buffer allow an remote attacker with user privileges to gain full access of the device.Read M ...
Continue Reading
August 03, 2023
CVE-2023-3662
In CODESYS Development System versions from 3.5.17.0 and prior to 3.5.19.20 a vulnerability allows for execution of binaries from the current working directory in the users context .Read More ...
Continue Reading
August 03, 2023
CVE-2023-3663
In CODESYS Development System versions from 3.5.11.20 and before 3.5.19.20 a missing integrity check might allow an unauthenticated remote attacker to manipulate the content of notifications received ...
Continue Reading
August 03, 2023
CVE-2023-37545
In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component t ...
Continue Reading
August 03, 2023
Exploit for Missing Authorization in Wpmet Metform Elementor Contact Form Builder
# CVE-2022-1442 WordPress Plugin Metform <= 2.1.3 - Improper ...Read More ...
Continue Reading
August 03, 2023
Important: mod_auth_openidc:2.3 security update
The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. ...
Continue Reading
August 02, 2023
CVE-2023-38419
An authenticated attacker with guest privileges or higher can cause the iControl SOAP process to terminate by sending undisclosed requests.  Note: Software versions which have reached End of Tec ...
Continue Reading
August 02, 2023
CVE-2023-38423
A cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to run JavaScript in the context of the currently logged-in user. ...
Continue Reading
August 02, 2023
