A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU, RUGGEDCOM RM1224 LTE(4G) NAM, SCALANCE M804PB, SCALANCE M812-1 ADSL-Router (Annex A), SCALANCE M812-1 ADSL-Router (Annex B), SCALANCE M816-1 ADSL-Router (Annex A), SCALANCE M816-1 ADSL-Router (Annex B), SCALANCE M826-2...
9.1CVSS
9.1AI Score
0.002EPSS
Siemens SCALANCE Use of Weak Hash (CVE-2023-44319)
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU, RUGGEDCOM RM1224 LTE(4G) NAM, SCALANCE M804PB, SCALANCE M812-1 ADSL-Router (Annex A), SCALANCE M812-1 ADSL-Router (Annex B), SCALANCE M816-1 ADSL-Router (Annex A), SCALANCE M816-1 ADSL-Router (Annex B), SCALANCE M826-2...
4.9CVSS
7.1AI Score
0.001EPSS
Siemens SCALANCE Use of Hard-coded Cryptographic Key (CVE-2023-44318)
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU, RUGGEDCOM RM1224 LTE(4G) NAM, SCALANCE M804PB, SCALANCE M812-1 ADSL-Router (Annex A), SCALANCE M812-1 ADSL-Router (Annex B), SCALANCE M816-1 ADSL-Router (Annex A), SCALANCE M816-1 ADSL-Router (Annex B), SCALANCE M826-2...
4.9CVSS
5.9AI Score
0.001EPSS
Siemens SCALANCE Uncontrolled Resource Consumption (CVE-2023-44321)
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU, RUGGEDCOM RM1224 LTE(4G) NAM, SCALANCE M804PB, SCALANCE M812-1 ADSL-Router (Annex A), SCALANCE M812-1 ADSL-Router (Annex B), SCALANCE M816-1 ADSL-Router (Annex A), SCALANCE M816-1 ADSL-Router (Annex B), SCALANCE M826-2...
6.5CVSS
6.9AI Score
0.001EPSS
7.4AI Score
Siemens SCALANCE Missing Cryptographic Step (CVE-2023-44320)
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU, RUGGEDCOM RM1224 LTE(4G) NAM, SCALANCE M804PB, SCALANCE M812-1 ADSL-Router (Annex A), SCALANCE M812-1 ADSL-Router (Annex B), SCALANCE M816-1 ADSL-Router (Annex A), SCALANCE M816-1 ADSL-Router (Annex B), SCALANCE M826-2...
4.3CVSS
6.8AI Score
0.001EPSS
7.4AI Score
Siemens SCALANCE Acceptance of Extraneous Untrusted Data With Trusted Data (CVE-2023-44317)
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU, RUGGEDCOM RM1224 LTE(4G) NAM, SCALANCE M804PB, SCALANCE M812-1 ADSL-Router (Annex A), SCALANCE M812-1 ADSL-Router (Annex B), SCALANCE M816-1 ADSL-Router (Annex A), SCALANCE M816-1 ADSL-Router (Annex B), SCALANCE M826-2...
7.2CVSS
7.5AI Score
0.001EPSS
Siemens SCALANCE Unchecked Return Value (CVE-2023-44322)
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU, RUGGEDCOM RM1224 LTE(4G) NAM, SCALANCE M804PB, SCALANCE M812-1 ADSL-Router (Annex A), SCALANCE M812-1 ADSL-Router (Annex B), SCALANCE M816-1 ADSL-Router (Annex A), SCALANCE M816-1 ADSL-Router (Annex B), SCALANCE M826-2...
5.9CVSS
7.5AI Score
0.001EPSS
Siemens SIMATIC S7-400 Uncontrolled Recursion (CVE-2022-47374)
A vulnerability has been identified in SIMATIC PC-Station Plus (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU...
7.5CVSS
7.1AI Score
0.0005EPSS
Siemens SIMATIC S7-400 Buffer Access with Incorrect Length Value (CVE-2022-47375)
A vulnerability has been identified in SIMATIC PC-Station Plus (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU...
7.5CVSS
7.6AI Score
0.0005EPSS
Siemens SCALANCE Unsynchronized Access to Shared Data in a Multithreaded Context (CVE-2023-44374)
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU, RUGGEDCOM RM1224 LTE(4G) NAM, SCALANCE M804PB, SCALANCE M812-1 ADSL-Router (Annex A), SCALANCE M812-1 ADSL-Router (Annex B), SCALANCE M816-1 ADSL-Router (Annex A), SCALANCE M816-1 ADSL-Router (Annex B), SCALANCE M826-2...
8.8CVSS
9.1AI Score
0.001EPSS
Security Bulletin: Vulnerability in Apache Tomcat affects App Connect Professional.
Summary: App Connect Professional has addressed the following vulnerabilities reported in Apache Tomcat. Vulnerability Details: CVEID: CVE-2023-45648. DESCRIPTION: Apache Tomcat is vulnerable to HTTP request smuggling, caused by improper parsing of HTTP trailer headers. By sending a specially...
5.3CVSS
6.2AI Score
0.002EPSS
An issue was discovered in O-RAN Software Community ric-plt-e2mgr in the G-Release environment, allows remote attackers to cause a denial of service (DoS) via a crafted request to the E2Manager API...
7.7CVSS
7.2AI Score
0.001EPSS
Have you ever watched a film where a hacker would plug a seemingly ordinary USB drive into a victim's computer and steal data from it? - A proper wet dream for some. Disclaimer: All content in this project is intended for security research purposes only. Introduction During the summer of...
7.8AI Score
8.8CVSS
8.9AI Score
0.005EPSS
[SECURITY] [DLA 3698-1] thunderbird security update
Debian LTS Advisory DLA-3698-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort December 29, 2023 https://wiki.debian.org/LTS Package : thunderbird Version : 1:115.6.0-1~deb10u1 CVE...
8.8CVSS
8.9AI Score
0.005EPSS
[SECURITY] [DLA 3697-1] firefox-esr security update
Debian LTS Advisory DLA-3697-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort December 29, 2023 https://wiki.debian.org/LTS Package : firefox-esr Version : 115.6.0esr-1~deb10u1 CVE...
8.8CVSS
8.5AI Score
0.005EPSS
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects App Connect Professional.
Summary: There are multiple vulnerabilities in the IBM SDK Java Technology used by App Connect Professional. These issues were disclosed as part of the IBM Java SDK updates in July 2023. App Connect Professional has addressed the applicable CVEs. Vulnerability Details: CVEID: CVE-2023-22045 ...
3.7CVSS
6.6AI Score
0.001EPSS
Security Bulletin: Vulnerability in Apache Tomcat affects App Connect Professional.
Summary: App Connect Professional has addressed the following vulnerabilities reported in Apache Tomcat. Vulnerability Details: CVEID: CVE-2023-41080. DESCRIPTION: Apache Tomcat could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability in the FORM...
6.1CVSS
7AI Score
0.002EPSS
Security Bulletin: Vulnerability in Apache Tomcat affects App Connect Professional.
Summary: App Connect Professional has addressed the following vulnerabilities reported in Apache Tomcat. Vulnerability Details: CVEID: CVE-2023-42794. DESCRIPTION: Apache Tomcat is vulnerable to a denial of service, caused by accumulation of temporary files on Windows when a web application...
5.9CVSS
6.9AI Score
0.0004EPSS
Security Bulletin: Vulnerability in Apache ActiveMQ affects App Connect Professional.
Summary: App Connect Professional has addressed the following vulnerability reported in Apache ActiveMQ. Vulnerability Details: CVEID: CVE-2023-46604. DESCRIPTION: Apache ActiveMQ and ActiveMQ Legacy OpenWire Module could allow a remote attacker to execute arbitrary code on the system, caused...
10CVSS
7.7AI Score
0.964EPSS
Security Bulletin: Vulnerability in Apache Tomcat affects App Connect Professional.
Summary: App Connect Professional has addressed the following vulnerabilities reported in Apache Tomcat. Vulnerability Details: CVEID: CVE-2023-42795. DESCRIPTION: Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by an incomplete Cleanup vulnerability when...
5.3CVSS
6.3AI Score
0.01EPSS
Siemens Industrial Products Uncontrolled Resource Consumption (CVE-2019-11479)
Multiple industrial products are affected by a vulnerability in the kernel known as TCP SACK PANIC. An attacker with network access to affected products could cause a denial of service condition because of a vulnerability in the TCP retransmission queue implementation kernel when handling TCP...
7.5CVSS
7.5AI Score
0.974EPSS
Siemens Industrial Products Uncontrolled Resource Consumption (CVE-2019-11477)
Multiple industrial products are affected by a vulnerability in the kernel known as TCP SACK PANIC. The kernel used in some products is affected by an integer overflow when handling TCP Selective Acknowledgements. A remote attacker could use this to cause a denial of service. This plugin only...
7.5CVSS
7.7AI Score
0.974EPSS
Siemens Industrial Products Uncontrolled Resource Consumption (CVE-2019-11478)
Multiple industrial products are affected by a vulnerability in the kernel known as TCP SACK PANIC. A remote attacker could cause a denial of service condition by sending specially crafted TCP Selective Acknowledgment (SACK) sequences to affected products. This plugin only works with Tenable.ot....
7.5CVSS
7.6AI Score
0.974EPSS
Siemens Industrial Products Excessive Data Query Operations in a Large Data Table (CVE-2019-8460)
Multiple industrial products are affected by a vulnerability in the kernel known as TCP SACK PANIC. The vulnerability could allow a remote attacker to cause a denial of service condition. OpenBSD kernel version <= 6.5 can be forced to create long chains of TCP SACK holes that causes very expensi...
7.5CVSS
7.7AI Score
0.974EPSS
[SECURITY] [DSA 5582-1] thunderbird security update
Debian Security Advisory DSA-5582-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 21, 2023 https://www.debian.org/security/faq Package : thunderbird CVE ID : CVE-2023-6856 CVE-2023-6857...
8.8CVSS
7.8AI Score
0.005EPSS
8.8CVSS
8.9AI Score
0.005EPSS
[SECURITY] [DSA 5581-1] firefox-esr security update
Debian Security Advisory DSA-5581-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 20, 2023 https://www.debian.org/security/faq Package : firefox-esr CVE ID : CVE-2023-6856 CVE-2023-6857...
8.8CVSS
7.1AI Score
0.005EPSS
Debian DSA-5581-1 : firefox-esr - security update
The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5581 advisory. The WebGL DrawElementsInstanced method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow an...
8.8CVSS
9.1AI Score
0.005EPSS
Tenable SecurityCenter Multiple Vulnerabilities (TNS-2023-44)
According to its self-reported version, the Tenable SecurityCenter running on the remote host is . It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2023-44 advisory. Security Center leverages third-party software to help provide underlying functionality. One of the...
7.5CVSS
7.8AI Score
0.004EPSS
[2.28-225.0.4.6] - CVE-2023-4527: Stack read overflow in getaddrinfo in no-aaa mode. - CVE-2023-4806: potential use-after-free in getaddrinfo. - CVE-2023-4813: potential use-after-free in gaih_inet (RHEL-2435). - CVE-2023-4813: work around RHEL-8 limitation in test (RHEL-2435). Reviewed by: Jose...
7.8CVSS
7.6AI Score
0.014EPSS
[R1] Stand-alone Security Patch Available for Tenable Security Center versions 5.23.1, 6.0.0, 6.1.0, 6.1.1, and 6.2.0: SC-202312.1 Arnie Cabral Thu, 12/14/2023 - 10:41 Security Center leverages third-party software to help provide underlying functionality. One of the third-party components...
7.5AI Score
Download of Code Without Integrity Check vulnerability in PHOENIX CONTACT classic line PLCs allows an unauthenticated remote attacker to modify some or all applications on a...
7.5CVSS
7.7AI Score
0.001EPSS
Incorrect Permission Assignment for Critical Resource vulnerability in multiple products of the PHOENIX CONTACT classic line allows a remote unauthenticated attacker to gain full access of the affected...
9.8CVSS
9.6AI Score
0.002EPSS
Siemens SIMATIC and SIPLUS Products
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services |.....
7.5CVSS
8.3AI Score
0.0005EPSS
Siemens SIMATIC S7-1500 CPU family
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services |.....
7.5CVSS
7.7AI Score
0.001EPSS
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services |.....
9.8CVSS
9.5AI Score
0.732EPSS
Unbreakable Enterprise kernel-container security update
[5.4.17-2136.326.6.el7] - Revert 'md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d' (Junxiao Bi) [Orabug: 35914789] - md: bypass block throttle for superblock update (Junxiao Bi) [Orabug: 35914789] [5.4.17-2136.326.5.el7] - Revert 'tracing: Increase trace array ref count on enable and filter...
8.8CVSS
8AI Score
0.024EPSS
Unbreakable Enterprise kernel-container security update
[5.4.17-2136.326.6.el8] - Revert 'md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d' (Junxiao Bi) [Orabug: 35914789] - md: bypass block throttle for superblock update (Junxiao Bi) [Orabug: 35914789] [5.4.17-2136.326.5.el8] - Revert 'tracing: Increase trace array ref count on enable and filter...
8.8CVSS
8AI Score
0.024EPSS
Unbreakable Enterprise kernel security update
[5.15.0-201.135.6] - Revert ncsi: Propagate carrier gain/loss events to the NCSI controller (Johnathan Mantey) - netfilter: nf_tables: split async and sync catchall in two functions (Pablo Neira Ayuso) - netfilter: nf_tables: remove catchall element in GC sync path (Pablo Neira Ayuso) - scsi:...
8.8CVSS
8.8AI Score
0.024EPSS
Unbreakable Enterprise kernel security update
[5.4.17-2136.326.6] - Revert 'md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d' (Junxiao Bi) [Orabug: 35914789] - md: bypass block throttle for superblock update (Junxiao Bi) [Orabug: 35914789] [5.4.17-2136.326.5] - Revert 'tracing: Increase trace array ref count on enable and filter files'...
8.8CVSS
9.8AI Score
0.024EPSS
Affected devices improperly handle specially crafted packets sent to port 102/tcp. This could allow an attacker to create a denial of service condition. A restart is needed to restore normal...
7.5CVSS
7.4AI Score
0.001EPSS
A vulnerability has been identified in SIMATIC PC-Station Plus (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU...
7.5CVSS
7.5AI Score
0.0005EPSS
A vulnerability has been identified in SIMATIC PC-Station Plus (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU...
7.5CVSS
0.0005EPSS
A vulnerability has been identified in SIMATIC PC-Station Plus (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU...
7.5CVSS
0.0005EPSS
A vulnerability has been identified in SIMATIC PC-Station Plus (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU...
7.5CVSS
7.3AI Score
0.0005EPSS
A vulnerability has been identified in SIMATIC PC-Station Plus (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU...
7.5CVSS
7.5AI Score
0.0005EPSS
A vulnerability has been identified in SIMATIC PC-Station Plus (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU...
7.5CVSS
7AI Score
0.0005EPSS