Lucene search
+L

1907 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.9 views

Siemens RUGGEDCOM RST2428P Prototype Pollution (CVE-2025-13465)

Lodash versions 4.0.0 through 4.17.22 are vulnerable to prototype pollution in the .unsetand .omitfunctions. An attacker can pass crafted paths which cause Lodash to delete methods from global prototypes. The issue permits deletion of properties but does not allow overwriting their original...

8.2CVSS6.6AI score0.01535EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.11 views

Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2026-23033)

In the Linux kernel, the following vulnerability has been resolved: dmaengine: omap-dma: fix dmapool resource leak in error paths The dmapool created by dmapoolcreate is not destroyed when dmaasyncdeviceregister or ofdmacontrollerregister fails, causing a resource leak in the probe error paths. A...

5.7AI score0.00202EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.8 views

Siemens RuggedCom Rox Integer Underflow (Wrap or Wraparound) (CVE-2019-13104)

In Das U-Boot versions 2016.11-rc1 through 2019.07-rc4, an underflow can cause memcpy to overwrite a very large amount of data including the whole stack while reading a crafted ext4 filesystem. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for mo...

7.8CVSS6.7AI score0.01118EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.9 views

Siemens RuggedCom Rox Out-of-bounds Write (CVE-2019-14201)

An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfshandler reply helper function: nfslookupreply. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...

9.8CVSS7.6AI score0.02488EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.9 views

Siemens Ruggedcom Rox Improper Neutralization of Argument Delimiters in a Command (CVE-2025-40948)

Affected devices do not properly validate input in the web server's JSON-RPC interface. This could allow an authenticated remote attacker to read arbitrary files from the underlying operating system's filesystem with root privileges. This plugin only works with Tenable.ot. Please visit...

6.8CVSS7.3AI score0.00286EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.7 views

Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2026-23228)

In the Linux kernel, the following vulnerability has been resolved: smb: server: fix leak of activenumconn in ksmbdtcpnewconnection On kthreadrun failure in ksmbdtcpnewconnection, the transport is freed via freetransport, which does not decrement activenumconn, leaking this counter. Replace...

5.5CVSS5.9AI score0.00118EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.11 views

Siemens RUGGEDCOM RST2428P Privilege Dropping / Lowering Errors (CVE-2026-35535)

In Sudo through 1.9.17p2 before 3e474c2, a failure of a setuid, setgid, or setgroups call, during a privilege drop before running the mailer, is not a fatal error and can lead to privilege escalation. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot...

7.8CVSS5.8AI score0.00173EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.8 views

Siemens RuggedCom Rox Out-of-bounds Write (CVE-2022-34835)

In Das U-Boot through 2022.07-rc5, an integer signedness error and resultant stack-based buffer overflow in the i2c md command enables the corruption of the return address pointer of the doi2cmd function. This plugin only works with Tenable.ot. Please visit...

9.8CVSS7.8AI score0.02037EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:40 p.m.12 views

CVE-2025-40948

A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.17.1, RUGGEDCOM ROX MX5000RE All versions V2.17.1, RUGGEDCOM ROX RX1400 All versions V2.17.1, RUGGEDCOM ROX RX1500 All versions V2.17.1, RUGGEDCOM ROX RX1501 All versions V2.17.1, RUGGEDCOM ROX RX1510 All versions V2.17.1...

6.8CVSS7.8AI score0.00286EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:36 p.m.10 views

CVE-2026-41918

A vulnerability has been identified in RUGGEDCOM RST2428P 6GK6242-6PA00 All versions V4.0. The affected applications stores sensitive information in the browser cache when an authenticated user modify specific configurations. This could allow an authenticated attacker to access sensitive data...

5.9CVSS5.4AI score0.00194EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:31 p.m.10 views

CVE-2025-40947

A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.17.1, RUGGEDCOM ROX MX5000RE All versions V2.17.1, RUGGEDCOM ROX RX1400 All versions V2.17.1, RUGGEDCOM ROX RX1500 All versions V2.17.1, RUGGEDCOM ROX RX1501 All versions V2.17.1, RUGGEDCOM ROX RX1510 All versions V2.17.1...

7.7CVSS8.5AI score0.00442EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:18 p.m.11 views

CVE-2026-27668

A vulnerability has been identified in RUGGEDCOM CROSSBOW Secure Access Manager Primary SAM-P All versions V5.8. User Administrators are allowed to administer groups they belong to. This could allow an authenticated User Administrator to escalate their own privileges and grant themselves access t...

8.8CVSS5.4AI score0.00259EPSS
Exploits0References1
NVD
NVD
added 2026/06/02 2:16 p.m.19 views

CVE-2026-41918

A vulnerability has been identified in RUGGEDCOM RST2428P 6GK6242-6PA00 All versions V4.0. The affected applications stores sensitive information in the browser cache when an authenticated user modify specific configurations. This could allow an authenticated attacker to access sensitive data...

5.9CVSS0.00194EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/02 12:6 p.m.40 views

CVE-2026-41918

A vulnerability has been identified in RUGGEDCOM RST2428P 6GK6242-6PA00 All versions V4.0. The affected applications stores sensitive information in the browser cache when an authenticated user modify specific configurations. This could allow an authenticated attacker to access sensitive data...

5.9CVSS0.00194EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/02 12:6 p.m.8 views

CVE-2026-41918

A vulnerability has been identified in RUGGEDCOM RST2428P 6GK6242-6PA00 All versions V4.0. The affected applications stores sensitive information in the browser cache when an authenticated user modify specific configurations. This could allow an authenticated attacker to access sensitive data...

5.9CVSS5.7AI score0.00194EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/02 12:6 p.m.11 views

CVE-2026-41918

A vulnerability has been identified in RUGGEDCOM RST2428P 6GK6242-6PA00 All versions V4.0. The affected applications stores sensitive information in the browser cache when an authenticated user modify specific configurations. This could allow an authenticated attacker to access sensitive data...

5.9CVSS5.7AI score0.00194EPSS
Exploits0References1
CVE
CVE
added 2026/06/02 12:6 p.m.31 views

CVE-2026-41918

The vulnerability CVE-2026-41918 affects RUGGEDCOM RST2428P (6GK6242-6PA00) all versions before V4.0. The issue arises when an authenticated user modifies certain configurations, causing sensitive information to be stored in the browser cache. An authenticated attacker could access this cached da...

5.9CVSS5.7AI score0.00194EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/02 12:6 p.m.13 views

EUVD-2026-33914

A vulnerability has been identified in RUGGEDCOM RST2428P 6GK6242-6PA00 All versions V4.0. The affected applications stores sensitive information in the browser cache when an authenticated user modify specific configurations. This could allow an authenticated attacker to access sensitive data...

5.9CVSS5.7AI score0.00194EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.10 views

Siemens RUGGEDCOM RST2428P 安全漏洞

The Siemens RUGGEDCOM RST2428P is a server communication device produced by the German company Siemens. Versions of Siemens RUGGEDCOM RST2428P prior to 4.0 contained security vulnerabilities. These vulnerabilities stemmed from the practice of storing sensitive information in the browser cache whe...

5.9CVSS5.4AI score0.00194EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.24 views

PT-2026-45755

A vulnerability has been identified in RUGGEDCOM RST2428P 6GK6242-6PA00 All versions V4.0. The affected applications stores sensitive information in the browser cache when an authenticated user modify specific configurations. This could allow an authenticated attacker to access sensitive data...

5.9CVSS5.7AI score0.00194EPSS
Exploits0References2
Rows per page
Query Builder