Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

26 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.4 views

EUVD-2021-21246

Malware in sbrugna...

6.5CVSS6.5AI score0.00236EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2021-21243

Malware in sbrugna...

7.5CVSS7.5AI score0.04305EPSS
Exploits4References6
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2022-53195

Malicious code in bioql PyPI...

9.8CVSS9.5AI score0.00445EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2025/09/09 12:0 a.m.2 views

Wago CODESYS V2 Runtime Toolkit Access of Uninitialized Pointer (CVE-2021-34596)

A crafted request may cause a read access to an uninitialized pointer in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot fo...

6.5CVSS6.5AI score0.00236EPSS
Exploits0References2
NVD
NVDadded 2022/06/24 8:15 a.m.11 views

CVE-2022-31806

In CODESYS V2 PLCWinNT and Runtime Toolkit 32 in versions prior to V2.4.7.57 password protection is not enabled by default and there is no information or prompt to enable password protection at login in case no password is set at the controller...

9.8CVSS0.00445EPSS
Exploits0References1
OSV
OSVadded 2022/06/24 8:15 a.m.2 views

CVE-2022-31806

In CODESYS V2 PLCWinNT and Runtime Toolkit 32 in versions prior to V2.4.7.57 password protection is not enabled by default and there is no information or prompt to enable password protection at login in case no password is set at the controller...

9.8CVSS5.8AI score
Exploits0References1
Prion
Prionadded 2022/06/24 8:15 a.m.13 views

Design/Logic Flaw

In CODESYS V2 PLCWinNT and Runtime Toolkit 32 in versions prior to V2.4.7.57 password protection is not enabled by default and there is no information or prompt to enable password protection at login in case no password is set at the controller...

6.8CVSS9.4AI score0.00445EPSS
Exploits0References1Affected Software2
CVE
CVEadded 2022/06/24 7:46 a.m.71 views

CVE-2022-31806

CVE-2022-31806 affects CODESYS V2 PLCWinNT and Runtime Toolkit 32-bit, prior to version V2.4.7.57, due to insecure/default password protection not enabled and no prompt to enable at login when no password exists. Public sources (CISA ICS advisory ICSA-25-329-05) describe potential consequences as...

9.8CVSS9.6AI score0.00445EPSS
Exploits0References1Affected Software2
Positive Technologies
Positive Technologiesadded 2022/06/24 12:0 a.m.2 views

PT-2022-20946 · 3S Smart Software Solutions · Codesys V2 Plcwinnt +1

Name of the Vulnerable Software and Affected Versions: CODESYS V2 PLCWinNT and Runtime Toolkit 32 versions prior to V2.4.7.57 Description: The issue concerns password protection not being enabled by default. In cases where no password is set at the controller, there is no information or prompt to...

9.8CVSS9.5AI score0.00445EPSS
Exploits0References5
CNNVD
CNNVDadded 2022/06/24 12:0 a.m.1 views

CODESYS 安全漏洞

CODESYS is a controller development system from 3S-Smart Software Solutions, Germany. A security vulnerability exists in CODESYS V2 PLCWinNT and Runtime Toolkit 32 versions prior to V2.4.7.57, which stems from the fact that password protection is not enabled by default and there is no message or...

9.8CVSS8.6AI score0.00445EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2022/06/23 10:0 a.m.1 views

CVE-2022-31806

In CODESYS V2 PLCWinNT and Runtime Toolkit 32 in versions prior to V2.4.7.57 password protection is not enabled by default and there is no information or prompt to enable password protection at login in case no password is set at the controller...

9.8CVSS5.4AI score0.00445EPSS
Exploits0References2Affected Software2
NVD
NVDadded 2021/10/26 10:15 a.m.12 views

CVE-2021-34596

A crafted request may cause a read access to an uninitialized pointer in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition...

6.5CVSS0.00236EPSS
Exploits0References1
OSV
OSVadded 2021/10/26 10:15 a.m.3 views

CVE-2021-34596

A crafted request may cause a read access to an uninitialized pointer in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition...

6.5CVSS5.8AI score
Exploits0References1
NVD
NVDadded 2021/10/26 10:15 a.m.11 views

CVE-2021-34593

In CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56 unauthenticated crafted invalid requests may result in several denial-of-service conditions. Running PLC programs may be stopped, memory may be leaked, or further communication clients may be blocked from accessing...

7.5CVSS0.04305EPSS
Exploits4References4
OSV
OSVadded 2021/10/26 10:15 a.m.0 views

CVE-2021-34593

In CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56 unauthenticated crafted invalid requests may result in several denial-of-service conditions. Running PLC programs may be stopped, memory may be leaked, or further communication clients may be blocked from accessing...

7.5CVSS7.1AI score
Exploits0References4
OSV
OSVadded 2021/10/26 10:15 a.m.1 views

CVE-2021-34595

A crafted request with invalid offsets may cause an out-of-bounds read or write access in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition or local memory overwrite...

8.1CVSS5.8AI score0.00372EPSS
Exploits0References1
CVE
CVEadded 2021/10/26 9:55 a.m.47 views

CVE-2021-34595

The CVE-2021-34595 issue affects CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT versions prior to V2.4.7.56. A crafted request with invalid offsets can trigger an out-of-bounds read or write, leading to a denial-of-service condition or local memory overwrite. The issue’s impact is reflected ...

8.1CVSS7.9AI score0.00372EPSS
Exploits0References1Affected Software1
CVE
CVEadded 2021/10/26 9:55 a.m.72 views

CVE-2021-34593

CVE-2021-34593 affects CODESYS V2 Runtime Toolkit 32‑Bit full and PLCWinNT prior to V2.4.7.56. Unauthenticated crafted invalid requests may trigger several denial‑of‑service conditions, potentially stopping running PLC programs, leaking memory, or blocking additional clients from accessing the PL...

7.5CVSS7.5AI score0.04305EPSS
Exploits4References4Affected Software1
CNNVD
CNNVDadded 2021/10/26 12:0 a.m.1 views

CODESYS 缓冲区错误漏洞

CODESYS is a controller development system from Germany's 3S-Smart Software Solutions A buffer error vulnerability exists in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT versions prior to V2.4.7.56, which stems from a crafted request that could result in a denial-of-service condition due t...

6.5CVSS6.7AI score0.00236EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2021/10/26 12:0 a.m.1 views

PT-2021-20570 · 3S Smart Software Solutions · Codesys V2 Runtime Toolkit +1

Name of the Vulnerable Software and Affected Versions: CODESYS V2 Runtime Toolkit 32 Bit full versions prior to V2.4.7.56 PLCWinNT versions prior to V2.4.7.56 Description: A crafted request with invalid offsets may cause an out-of-bounds read or write access, resulting in a denial-of-service...

8.1CVSS7.8AI score0.00372EPSS
Exploits0References4
Rows per page
Query Builder