CVE-2026-1874

Always-Incorrect Control Flow Implementation vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET/IP Ethernet Module FX5-ENET/IP versions 1.106 and prior and Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-EIP EtherNet/IP Module FX5-EIP versions 1.000 and prior allo...

CVE-2026-1874 Denial-of-Service (DoS) vulnerability in Ethernet function of MELSEC iQ-F Series EtherNet/IP module and Ethernet module

Always-Incorrect Control Flow Implementation vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET/IP Ethernet Module FX5-ENET/IP versions 1.106 and prior and Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-EIP EtherNet/IP Module FX5-EIP versions 1.000 and prior allo...

CVE-2026-1874

Always-Incorrect Control Flow Implementation vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET/IP Ethernet Module FX5-ENET/IP versions 1.106 and prior and Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-EIP EtherNet/IP Module FX5-EIP versions 1.000 and prior allo...

CVE-2022-0222

A CWE-269: Improper Privilege Management vulnerability exists that could cause a denial of service of the Ethernet communication of the controller when sending a specific request over SNMP. Affected products: Modicon M340 CPUsBMXP34 versions prior to V3.40, Modicon M340 X80 Ethernet Communication...

EUVD-2018-8370

Malware in sbrugna...

EUVD-2025-24813

Malicious code in bioql PyPI...

EUVD-2022-52687

Malicious code in bioql PyPI...

EUVD-2025-27254

Malicious code in bioql PyPI...

EUVD-2022-52686

Malicious code in bioql PyPI...

CVE-2025-8007

A security issue exists in the protected mode of 1756-EN4TR and 1756-EN2TR communication modules, where a Concurrent Forward Close operation can trigger a Major Non-Recoverable MNFR fault. This condition may lead to unexpected system crashes and loss of device availability...

CVE-2025-7353 Rockwell Automation ControlLogix® Ethernet Remote Code Execution Vulnerability

A security issue exists due to the web-based debugger agent enabled on Rockwell Automation ControlLogix® Ethernet Modules. If a specific IP address is used to connect to the WDB agent, it can allow remote attackers to perform memory dumps, modify memory, and control execution flow...

CVE-2025-7353 Rockwell Automation ControlLogix® Ethernet Remote Code Execution Vulnerability

A security issue exists due to the web-based debugger agent enabled on Rockwell Automation ControlLogix® Ethernet Modules. If a specific IP address is used to connect to the WDB agent, it can allow remote attackers to perform memory dumps, modify memory, and control execution flow...

CVE-2025-7353

CVE-2025-7353 affects Rockwell Automation ControlLogix Ethernet Modules via the web-based debugger agent (WDB). The connected PT-2025-33275 entry specifies affected software versions pre-12.001 and explains that connecting to the WDB agent from a specific IP can enable remote attackers to perform...

CVE-2022-30938

A vulnerability has been identified in EN100 Ethernet module DNP3 IP variant All versions, EN100 Ethernet module IEC 104 variant All versions, EN100 Ethernet module IEC 61850 variant All versions V4.40, EN100 Ethernet module Modbus TCP variant All versions, EN100 Ethernet module PROFINET IO varia...

Schneider Electric Modicon Cross-Site Request Forgery (CVE-2020-7534)

A CWE-352: Cross-Site Request Forgery CSRF vulnerability exists on the web server used, that could cause a leak of sensitive data or unauthorized actions on the web server during the time the user is logged in. Affected Products: Modicon M340 CPUs: BMXP34 All Versions, Modicon Quantum CPUs with...

PT-2023-3413 · Mitsubishi · Melsec Iq-F Series

Name of the Vulnerable Software and Affected Versions: MELSEC iQ-F Series versions FX3U, FX3UC, FX3G, FX3GC-32MT, FX3GE, FX3GA, FX3S, and FX3SA Description: The issue is related to an authentication bypass vulnerability using a capture-replay attack on intercepted parameters. This could allow a...

AutomationDirect DirectLOGIC 安全漏洞

AutomationDirect DirectLOGIC is a programmable logic controller from AutomationDirect, Inc. A security vulnerability in AutomationDirect DirectLOGIC, which can be exploited by an attacker to cause loss of sensitive device information, unauthorized changes, and denial of service conditions, affect...

CVE-2021-22788

A CWE-787: Out-of-bounds Write vulnerability exists that could cause denial of service when an attacker sends a specially crafted HTTP request to the web server of the device. Affected Product: Modicon M340 CPUs: BMXP34 Versions prior to V3.40, Modicon M340 X80 Ethernet Communication Modules:...

CVE-2021-22787

A CWE-20: Improper Input Validation vulnerability exists that could cause denial of service of the device when an attacker sends a specially crafted HTTP request to the web server of the device. Affected Product: Modicon M340 CPUs: BMXP34 Versions prior to V3.40, Modicon M340 X80 Ethernet...

CVE-2020-7536

CVE-2020-7536 affects Schneider Electric Modicon M340: CPUs (BMXP34* pre-V3.30) and Ethernet modules BMXNOE0100(H) pre-V3.4, BMXNOE0110(H) pre-V6.6, BMXNOR0200H all versions. Root cause: CWE-754 Improper Check for Unusual or Exceptional Conditions, leading to device unreachability when SNMP param...