13 matches found
Siemens SCALANCE and RUGGEDCOM Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2023-42366)
A heap-buffer-overflow was discovered in BusyBox v.1.36.1 in the next_token function at awk.c:1159. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...
Siemens SCALANCE and RUGGEDCOM Use After Free (CVE-2023-42363)
A use-after-free vulnerability was discovered in xasprintf function in xfuncs_printf.c:344 in BusyBox v.1.36.1. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...
Siemens SCALANCE and RUGGEDCOM Improper Input Validation (CVE-2025-39853)
In the Linux kernel, the following vulnerability has been resolved: i40e: Fix potential invalid access when MAC list is empty. list_first_entry() never returns NULL - if the list is empty, it still returns a pointer to an invalid object, leading to potential invalid memory access when dereferenced. Fi...
Siemens RUGGEDCOM ROS
SUMMARY Ruggedcom ROS devices contain a temporary denial of service vulnerability that could allow an attacker to crash and restart the device. Siemens has released new versions for the affected products and recommends to update to the latest versions. 2. GENERAL RECOMMENDATIONS As a general...
Siemens SCALANCE and RUGGEDCOM Devices Use After Free (CVE-2024-53194)
PCI: vulnerability causes a use-after-free error during hot removal of a USB4 dock due to improper handling of pci_slot and pci_bus references, which is fixed by ensuring pci_slot acquires a reference to pci_bus. This plugin only works with Tenable.ot. Please visit...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-45021)
memcg_write_event_control(): a user-triggerable oops. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...
EUVD-2025-27235
Malicious code in bioql PyPI...
EUVD-2025-17680
Malicious code in bioql PyPI...
EUVD-2025-17681
Malicious code in bioql PyPI...
CVE-2025-40803
A vulnerability has been identified in RUGGEDCOM RST2428P 6GK6242-6PA00 All versions. The affected device exposes certain non-critical information from the device. This could allow an unauthenticated attacker to access sensitive data, potentially leading to a breach of confidentiality...
CVE-2025-40802
A vulnerability has been identified in RUGGEDCOM RST2428P 6GK6242-6PA00 All versions. The affected device may be susceptible to resource exhaustion when subjected to high volumes of query requests. This could allow an attacker to cause a temporary denial of service, with the system recovering onc...
CVE-2025-40803
A vulnerability has been identified in RUGGEDCOM RST2428P 6GK6242-6PA00 All versions. The affected device exposes certain non-critical information from the device. This could allow an unauthenticated attacker to access sensitive data, potentially leading to a breach of confidentiality...
Siemens RUGGEDCOM ROX I Security Bypass Vulnerability
Siemens RuggedCom ROX-based firewall devices are used for device connectivity in harsh environments, such as substations, traffic management chassis, and more. A security bypass vulnerability exists in Siemens RUGGEDCOM ROX I, which can be exploited by an attacker to bypass the access restriction...