Edge Security Vulnerabilities
8.3CVSS
8.9AI Score
0.006EPSS
9.6CVSS
9AI Score
0.002EPSS
7.5CVSS
8.2AI Score
0.002EPSS
In CmpBlkDrvTcp of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new TCP connections. Existing connections are not...
7.5CVSS
7.4AI Score
0.001EPSS
In CmpChannelServer of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new communication channel connections. Existing connections are not...
7.5CVSS
7.4AI Score
0.001EPSS
8.3CVSS
7.6AI Score
0.002EPSS
8.3CVSS
7.5AI Score
0.004EPSS
8.3CVSS
7.6AI Score
0.004EPSS
8.3CVSS
7.6AI Score
0.004EPSS
In the CODESYS Development System multiple components in multiple versions transmit the passwords for the communication between clients and servers...
7.5CVSS
8.1AI Score
0.002EPSS
8.3CVSS
8.6AI Score
0.053EPSS
8.3CVSS
8.1AI Score
0.003EPSS
4.3CVSS
5.3AI Score
0.001EPSS
8.3CVSS
8.1AI Score
0.003EPSS
An authenticated remote attacker can cause a null pointer dereference in the CmpSettings component of the affected CODESYS products which leads to a...
6.5CVSS
6.3AI Score
0.001EPSS
An authenticated, remote attacker can gain access to a dereferenced pointer contained in a request. The accesses can subsequently lead to local overwriting of memory in the CmpTraceMgr, whereby the attacker can neither gain the values read internally nor control the values to be written. If...
7.1CVSS
6.8AI Score
0.001EPSS
An unauthenticated, remote attacker can disrupt existing communication channels between CODESYS products by guessing a valid channel ID and injecting packets. This results in the communication channel to be...
7.5CVSS
7.5AI Score
0.002EPSS
8.3CVSS
8AI Score
0.004EPSS
8.3CVSS
8AI Score
0.004EPSS
8.3CVSS
8AI Score
0.004EPSS
8.3CVSS
8AI Score
0.004EPSS
8.3CVSS
8AI Score
0.004EPSS
8.3CVSS
8AI Score
0.004EPSS
8.3CVSS
8AI Score
0.004EPSS
8.3CVSS
8AI Score
0.004EPSS
4.3CVSS
5.3AI Score
0.001EPSS
Jenkins Continuous Integration with Toad Edge Plugin 2.3 and earlier does not apply Content-Security-Policy headers to report files it serves, resulting in a stored cross-site scripting (XSS) exploitable by attackers with Item/Configure permission or otherwise able to control report...
5.4CVSS
5.2AI Score
0.001EPSS
The file browser in Jenkins Continuous Integration with Toad Edge Plugin 2.3 and earlier may interpret some paths to files as absolute on Windows, resulting in a path traversal vulnerability allowing attackers with Item/Read permission to obtain the contents of arbitrary files on Windows...
6.5CVSS
6.3AI Score
0.001EPSS
Jenkins Continuous Integration with Toad Edge Plugin 2.3 and earlier allows attackers with Item/Configure permission to read arbitrary files on the Jenkins controller by specifying an input folder on the Jenkins controller as a parameter to its build...
6.5CVSS
6.3AI Score
0.001EPSS
A missing permission check in Jenkins Continuous Integration with Toad Edge Plugin 2.3 and earlier allows attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file...
4.3CVSS
4.4AI Score
0.001EPSS
Various configuration pages of the device are vulnerable to reflected XSS (Cross-Site Scripting) attacks. An authorized attacker with user privileges may use this to gain access to confidential information on a PC that connects to the WBM after it has been...
5.4CVSS
5.2AI Score
0.001EPSS
A vulnerability has been identified in JT2Go (All versions < V13.2.0.7), Solid Edge SE2021 (All versions < SE2021MP9), Solid Edge SE2022 (All versions < SE2022MP1), Teamcenter Visualization V13.1 (All versions < V13.1.0.9), Teamcenter Visualization V13.2 (All versions < V13.2.0.7), T...
7.8CVSS
7.7AI Score
0.001EPSS
A vulnerability has been identified in JT2Go (All versions < V13.2.0.7), Solid Edge SE2021 (All versions < SE2021MP9), Solid Edge SE2022 (All versions < SE2022MP1), Teamcenter Visualization V13.1 (All versions < V13.1.0.9), Teamcenter Visualization V13.2 (All versions < V13.2.0.7), T...
7.8CVSS
7.7AI Score
0.001EPSS
A vulnerability has been identified in JT2Go (All versions < V13.2.0.7), Solid Edge SE2021 (All versions < SE2021MP9), Solid Edge SE2022 (All versions < SE2022MP1), Teamcenter Visualization V13.1 (All versions < V13.1.0.9), Teamcenter Visualization V13.2 (All versions < V13.2.0.7), T...
7.8CVSS
7.7AI Score
0.001EPSS
6.3CVSS
6.7AI Score
0.002EPSS
7.7CVSS
6.7AI Score
0.001EPSS
5.3CVSS
5.4AI Score
0.001EPSS
4.3CVSS
4.5AI Score
0.001EPSS
4.2CVSS
4.4AI Score
0.003EPSS
6.1CVSS
6.2AI Score
0.001EPSS
6.1CVSS
6.2AI Score
0.001EPSS
4.2CVSS
4.4AI Score
0.003EPSS
2.5CVSS
4.4AI Score
0.003EPSS
A vulnerability has been identified in JT Open (All versions < V11.1.1.0), JT Utilities (All versions < V13.1.1.0), Solid Edge (All versions < V2023). The Jt1001.dll contains a use-after-free vulnerability that could be triggered while parsing specially crafted JT files. An attacker could ...
7.8CVSS
7.6AI Score
0.001EPSS
A vulnerability has been identified in JT Open (All versions < V11.1.1.0), JT Utilities (All versions < V13.1.1.0), Solid Edge (All versions < V2023). The Jt1001.dll contains an out of bounds write past the end of an allocated structure while parsing specially crafted JT files. This could ...
7.8CVSS
7.7AI Score
0.001EPSS
A vulnerability has been identified in SINUMERIK Edge (All versions < V3.2). The affected software does not properly validate the server certificate when initiating a TLS connection. This could allow an attacker to spoof a trusted entity by interfering in the communication path between the clien...
7.4CVSS
7.1AI Score
0.001EPSS
4.2CVSS
4.9AI Score
0.008EPSS
3.1CVSS
7.4AI Score
0.001EPSS
3.1CVSS
7.2AI Score
0.001EPSS
4.3CVSS
4.7AI Score
0.001EPSS