CVE-2023-3348 Directory traversal vulnerability in Cloudflare Wrangler

The Wrangler command line tool [email protected] or [email protected] was affected by a directory traversal vulnerability when running a local development server for Pages wrangler pages dev command. This vulnerability enabled an attacker in the same network as the victim to connect to the local...

CVE-2023-3348 Directory traversal vulnerability in Cloudflare Wrangler

The Wrangler command line tool [email protected] or [email protected] was affected by a directory traversal vulnerability when running a local development server for Pages wrangler pages dev command. This vulnerability enabled an attacker in the same network as the victim to connect to the local...

CVE-2023-3348

The CVE-2023-3348 entry concerns the Cloudflare Wrangler CLI and its pages dev local development server. Affected components: Wrangler (<=3.1.0) and Wrangler (

CVE-2023-3669

A missing Brute-Force protection in CODESYS Development System prior to 3.5.19.20 allows a local attacker to have unlimited attempts of guessing the password within an import dialog...

CVE-2023-3669

A missing Brute-Force protection in CODESYS Development System prior to 3.5.19.20 allows a local attacker to have unlimited attempts of guessing the password within an import dialog...

Design/Logic Flaw

A missing Brute-Force protection in CODESYS Development System prior to 3.5.19.20 allows a local attacker to have unlimited attempts of guessing the password within an import dialog...

2022 Top Routinely Exploited Vulnerabilities

SUMMARY The following cybersecurity agencies coauthored this joint Cybersecurity Advisory CSA: United States: The Cybersecurity and Infrastructure Security Agency CISA, National Security Agency NSA, and Federal Bureau of Investigation FBI Australia: Australian Signals Directorate’s Australian Cyb...

CVE-2023-3663

In CODESYS Development System versions from 3.5.11.20 and before 3.5.19.20 a missing integrity check might allow an unauthenticated remote attacker to manipulate the content of notifications received via HTTP by the CODESYS notification server...

CVE-2023-3663

In CODESYS Development System versions from 3.5.11.20 and before 3.5.19.20 a missing integrity check might allow an unauthenticated remote attacker to manipulate the content of notifications received via HTTP by the CODESYS notification server...

CVE-2023-3662

In CODESYS Development System versions from 3.5.17.0 and prior to 3.5.19.20 a vulnerability allows for execution of binaries from the current working directory in the users context...

CVE-2023-3662

In CODESYS Development System versions from 3.5.17.0 and prior to 3.5.19.20 a vulnerability allows for execution of binaries from the current working directory in the users context...

Design/Logic Flaw

In CODESYS Development System versions from 3.5.17.0 and prior to 3.5.19.20 a vulnerability allows for execution of binaries from the current working directory in the users context...

Design/Logic Flaw

In CODESYS Development System versions from 3.5.11.20 and before 3.5.19.20 a missing integrity check might allow an unauthenticated remote attacker to manipulate the content of notifications received via HTTP by the CODESYS notification server...

CVE-2023-3662

CVE-2023-3662 affects CODESYS Development System versions 3.5.17.0 through 3.5.19.19 (prior to 3.5.19.20). The vulnerability arises from an Uncontrolled Search Path Element (CWE-427) that allows execution of binaries from the current working directory in the user’s context. Impact, as described i...

CODESYS Development System Security Vulnerability

3s-smart Software Solutions CODESYS Development System is a suite of programming tools for the field of industrial controllers and automation technology from 3s-smart Software Solutions, Germany. A security vulnerability exists in CODESYS Development System versions prior to 3.5.19.20, which stem...

CODESYS Development System Data Falsification Issue Vulnerability

3s-smart Software Solutions CODESYS Development System is a suite of programming tools for the field of industrial controllers and automation technology from 3s-smart Software Solutions, Germany. A data forgery vulnerability exists in CODESYS Development System versions 3.5.11.20 through 3.5.19.2...

Multiple Codesys Products Buffer Error Vulnerability

3s-smart Software Solutions CODESYS is a controller development system from 3s-smart Software Solutions, Germany. A buffer error vulnerability exists in several Codesys products, which stems from a specially crafted remote communication request that could cause the CmpAppBP component to overwrite...

Multiple Codesys Products Input Validation Error Vulnerability

3s-smart Software Solutions CODESYS is a controller development system from 3s-smart Software Solutions, Germany. An input validation error vulnerability exists in multiple Codesys products. The vulnerability stems from the fact that after successful authentication of a user's identity, a specifi...

Multiple Codesys Products Input Validation Error Vulnerability

3s-smart Software Solutions CODESYS is a controller development system from 3s-smart Software Solutions, Germany. An input validation error vulnerability exists in multiple Codesys products. The vulnerability stems from the fact that after successful authentication of a user's identity, a specifi...

Multiple Codesys Products Input Validation Error Vulnerability

3s-smart Software Solutions CODESYS is a controller development system from 3s-smart Software Solutions, Germany. An input validation error vulnerability exists in multiple Codesys products. The vulnerability stems from the fact that after successful authentication of a user's identity, a specifi...