Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

48 matches found

RedhatCVE
RedhatCVEadded 2026/01/09 8:36 a.m.7 views

CVE-2020-12497

PLCopen XML file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier can lead to a stack-based overflow. Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation...

7.8CVSS7.6AI score0.08365EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2020-4799

Malware in sbrugna...

7.8CVSS7.5AI score0.08365EPSS
Exploits0References4
EUVD
EUVDadded 2025/10/07 12:30 a.m.4 views

EUVD-2019-4449

Malware in sbrugna...

8.8CVSS8.8AI score0.01728EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2020-4800

Malware in sbrugna...

7.8CVSS7.6AI score0.00682EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2019-4448

Malware in sbrugna...

8.8CVSS8.8AI score0.01728EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2021-21247

Malware in sbrugna...

7.8CVSS7.6AI score0.0016EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2023/12/12 12:0 a.m.2 views

PT-2023-7706 · Phoenix Contact · Pc Worx Express +17

Name of the Vulnerable Software and Affected Versions: Phoenix Contact Automation Worx Software Suite versions affected versions not specified AXC 1050 versions affected versions not specified AXC 1050 XC versions affected versions not specified AXC 3050 versions affected versions not specified...

10CVSS9.3AI score0.00811EPSS
Exploits0References9
Prion
Prionadded 2022/11/15 11:15 a.m.21 views

Heap overflow

In PHOENIX CONTACT Automationworx Software Suite up to version 1.89 manipulated PC Worx or Config+ files could lead to a heap buffer overflow and a read access violation. Availability, integrity, or confidentiality of an application programming workstation might be compromised by attacks using...

4.4CVSS7.6AI score0.00062EPSS
Exploits0References1Affected Software1
ICS
ICSadded 2022/06/21 12:0 a.m.59 views

Phoenix Contact Classic Line Controllers

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Phoenix Contact Equipment: ILC, AXC, RFC, PC WORX, FC Vulnerability: Insufficient Verification of Data Authenticity 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...

10CVSS9.9AI score0.01572EPSS
Exploits1References4
NVD
NVDadded 2021/11/04 10:15 a.m.10 views

CVE-2021-34597

Improper Input Validation vulnerability in PC Worx Automation Suite of Phoenix Contact up to version 1.88 could allow an attacker with a manipulated project file to unpack arbitrary files outside of the selected project directory...

7.8CVSS0.0016EPSS
Exploits0References1
OSV
OSVadded 2021/11/04 10:15 a.m.1 views

CVE-2021-34597

Improper Input Validation vulnerability in PC Worx Automation Suite of Phoenix Contact up to version 1.88 could allow an attacker with a manipulated project file to unpack arbitrary files outside of the selected project directory...

7.8CVSS5.8AI score
Exploits0References1
Prion
Prionadded 2021/11/04 10:15 a.m.11 views

Input validation

Improper Input Validation vulnerability in PC Worx Automation Suite of Phoenix Contact up to version 1.88 could allow an attacker with a manipulated project file to unpack arbitrary files outside of the selected project directory...

6.8CVSS7.5AI score0.0016EPSS
Exploits0References1Affected Software2
CVE
CVEadded 2021/11/04 9:50 a.m.42 views

CVE-2021-34597

CVE-2021-34597 affects Phoenix Contact PC Worx Automation Suite (up to version 1.88). The root cause is improper input validation in project files, enabling a manipulated project to unpack arbitrary files outside the selected directory. NVD reports CVSS v2 base score 6.8 (NETWORK, partial impact)...

7.8CVSS7.6AI score0.0016EPSS
Exploits0References1Affected Software2
Cvelist
Cvelistadded 2021/11/04 9:50 a.m.12 views

CVE-2021-34597 Phoenix Contact: PC Worx/-Express prone to improper input validation vulnerability

Improper Input Validation vulnerability in PC Worx Automation Suite of Phoenix Contact up to version 1.88 could allow an attacker with a manipulated project file to unpack arbitrary files outside of the selected project directory...

7.8CVSS7.8AI score0.0016EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiativeadded 2020/07/10 12:0 a.m.42 views

Phoenix Contact Automationworx PC WORX MWE File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Phoenix Contact Automationworx. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS4.9AI score0.00682EPSS
Exploits0References1
OSV
OSVadded 2020/07/01 4:15 p.m.1 views

CVE-2020-12498

mwe file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier is vulnerable to out-of-bounds read remote code execution. Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation...

7.8CVSS7.7AI score0.00682EPSS
Exploits0References2
NVD
NVDadded 2020/07/01 4:15 p.m.11 views

CVE-2020-12498

mwe file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier is vulnerable to out-of-bounds read remote code execution. Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation...

7.8CVSS0.00682EPSS
Exploits0References2
NVD
NVDadded 2020/07/01 4:15 p.m.10 views

CVE-2020-12497

PLCopen XML file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier can lead to a stack-based overflow. Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation...

7.8CVSS0.08365EPSS
Exploits0References3
Prion
Prionadded 2020/07/01 4:15 p.m.10 views

Input validation

mwe file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier is vulnerable to out-of-bounds read remote code execution. Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation...

6.8CVSS7.9AI score0.00682EPSS
Exploits0References2Affected Software2
Prion
Prionadded 2020/07/01 4:15 p.m.17 views

Stack overflow

PLCopen XML file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier can lead to a stack-based overflow. Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation...

6.8CVSS7.9AI score0.08365EPSS
Exploits0References3Affected Software2
Rows per page
Query Builder