Lucene search
K

1904 matches found

nessus
nessus
added 2026/06/18 12:0 a.m.8 views

Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2025-71188)

In the Linux kernel, the following vulnerability has been resolved: dmaengine: lpc18xx-dmamux: fix device leak on route allocation Make sure to drop the reference taken when looking up the DMA mux platform device during route allocation. Note that holding a reference to a device does not prevent...

5.5CVSS5.7AI score0.00183EPSS
Exploits0References3
nessus
nessus
added 2026/06/18 12:0 a.m.7 views

Siemens RuggedCom Rox Out-of-bounds Write (CVE-2019-14202)

An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfshandler reply helper function: nfsreadlinkreply. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...

9.8CVSS7.6AI score0.02488EPSS
Exploits0References3
nessus
nessus
added 2026/06/18 12:0 a.m.8 views

Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2025-40262)

In the Linux kernel, the following vulnerability has been resolved: Input: imxsckey - fix memory corruption on unload This is supposed to be priv but we accidentally pass &priv which is an address in the stack and so it will lead to memory corruption when the imxsckeyaction function is called...

5.7AI score0.00171EPSS
Exploits0References3
nessus
nessus
added 2026/06/18 12:0 a.m.6 views

Siemens RUGGEDCOM RST2428P Privilege Dropping / Lowering Errors (CVE-2026-35535)

In Sudo through 1.9.17p2 before 3e474c2, a failure of a setuid, setgid, or setgroups call, during a privilege drop before running the mailer, is not a fatal error and can lead to privilege escalation. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot...

7.8CVSS5.8AI score0.00173EPSS
Exploits0References3
nessus
nessus
added 2026/06/18 12:0 a.m.8 views

Siemens RUGGEDCOM RST2428P Cross-site Scripting (CVE-2026-22610)

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.18, 20.3.16, 21.0.7, and 21.1.0-rc.0, a cross-site scripting XSS vulnerability has been identified in the Angular Template Compiler. The...

8.5CVSS6.2AI score0.00444EPSS
Exploits1References4
nessus
nessus
added 2026/06/18 12:0 a.m.7 views

Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2025-71191)

In the Linux kernel, the following vulnerability has been resolved: dmaengine: athdmac: fix device leak on ofdmaxlate Make sure to drop the reference taken when looking up the DMA platform device during ofdmaxlate when releasing channel resources. Note that commit 3832b78b3ec2 dmaengine: athdmac:...

5.5CVSS5.7AI score0.00183EPSS
Exploits0References3
nessus
nessus
added 2026/06/18 12:0 a.m.6 views

Siemens Ruggedcom Rox Improper Neutralization of Special Elements Used in an OS Command (CVE-2025-40949)

Affected devices do not properly sanitize user-supplied input in the Scheduler functionality of the Web UI, allowing commands to be injected into the task scheduling backend. This could allow an authenticated remote attacker to execute arbitrary commands with root privileges on the underlying...

9.1CVSS7.5AI score0.00543EPSS
Exploits0References4
nessus
nessus
added 2026/06/18 12:0 a.m.4 views

Siemens RuggedCom Rox Out-of-bounds Write (CVE-2019-13106)

Das U-Boot versions 2016.09 through 2019.07-rc4 can memset too much data while reading a crafted ext4 filesystem, which results in a stack buffer overflow and likely code execution. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

8.3CVSS7AI score0.01764EPSS
Exploits0References3
redhatcve
redhatcve
added 2026/06/05 7:40 p.m.11 views

CVE-2025-40948

A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.17.1, RUGGEDCOM ROX MX5000RE All versions V2.17.1, RUGGEDCOM ROX RX1400 All versions V2.17.1, RUGGEDCOM ROX RX1500 All versions V2.17.1, RUGGEDCOM ROX RX1501 All versions V2.17.1, RUGGEDCOM ROX RX1510 All versions V2.17.1...

6.8CVSS7.8AI score0.00286EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:36 p.m.8 views

CVE-2026-41918

A vulnerability has been identified in RUGGEDCOM RST2428P 6GK6242-6PA00 All versions V4.0. The affected applications stores sensitive information in the browser cache when an authenticated user modify specific configurations. This could allow an authenticated attacker to access sensitive data...

5.9CVSS5.4AI score0.00194EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:31 p.m.10 views

CVE-2025-40947

A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.17.1, RUGGEDCOM ROX MX5000RE All versions V2.17.1, RUGGEDCOM ROX RX1400 All versions V2.17.1, RUGGEDCOM ROX RX1500 All versions V2.17.1, RUGGEDCOM ROX RX1501 All versions V2.17.1, RUGGEDCOM ROX RX1510 All versions V2.17.1...

7.7CVSS8.5AI score0.00442EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:18 p.m.10 views

CVE-2026-27668

A vulnerability has been identified in RUGGEDCOM CROSSBOW Secure Access Manager Primary SAM-P All versions V5.8. User Administrators are allowed to administer groups they belong to. This could allow an authenticated User Administrator to escalate their own privileges and grant themselves access t...

8.8CVSS5.4AI score0.00259EPSS
Exploits0References1
nvd
nvd
added 2026/06/02 2:16 p.m.17 views

CVE-2026-41918

A vulnerability has been identified in RUGGEDCOM RST2428P 6GK6242-6PA00 All versions V4.0. The affected applications stores sensitive information in the browser cache when an authenticated user modify specific configurations. This could allow an authenticated attacker to access sensitive data...

5.9CVSS0.00194EPSS
Exploits0References1
cvelist
cvelist
added 2026/06/02 12:6 p.m.39 views

CVE-2026-41918

A vulnerability has been identified in RUGGEDCOM RST2428P 6GK6242-6PA00 All versions V4.0. The affected applications stores sensitive information in the browser cache when an authenticated user modify specific configurations. This could allow an authenticated attacker to access sensitive data...

5.9CVSS0.00194EPSS
Exploits0References1
cve
cve
added 2026/06/02 12:6 p.m.29 views

CVE-2026-41918

The vulnerability CVE-2026-41918 affects RUGGEDCOM RST2428P (6GK6242-6PA00) all versions before V4.0. The issue arises when an authenticated user modifies certain configurations, causing sensitive information to be stored in the browser cache. An authenticated attacker could access this cached da...

5.9CVSS5.7AI score0.00194EPSS
Exploits0References1
euvd
euvd
added 2026/06/02 12:6 p.m.12 views

EUVD-2026-33914

A vulnerability has been identified in RUGGEDCOM RST2428P 6GK6242-6PA00 All versions V4.0. The affected applications stores sensitive information in the browser cache when an authenticated user modify specific configurations. This could allow an authenticated attacker to access sensitive data...

5.9CVSS5.7AI score0.00194EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/06/02 12:6 p.m.8 views

CVE-2026-41918

A vulnerability has been identified in RUGGEDCOM RST2428P 6GK6242-6PA00 All versions V4.0. The affected applications stores sensitive information in the browser cache when an authenticated user modify specific configurations. This could allow an authenticated attacker to access sensitive data...

5.9CVSS5.7AI score0.00194EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/06/02 12:6 p.m.11 views

CVE-2026-41918

A vulnerability has been identified in RUGGEDCOM RST2428P 6GK6242-6PA00 All versions V4.0. The affected applications stores sensitive information in the browser cache when an authenticated user modify specific configurations. This could allow an authenticated attacker to access sensitive data...

5.9CVSS5.7AI score0.00194EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/06/02 12:0 a.m.8 views

Siemens RUGGEDCOM RST2428P 安全漏洞

The Siemens RUGGEDCOM RST2428P is a server communication device produced by the German company Siemens. Versions of Siemens RUGGEDCOM RST2428P prior to 4.0 contained security vulnerabilities. These vulnerabilities stemmed from the practice of storing sensitive information in the browser cache whe...

5.9CVSS5.4AI score0.00194EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/06/02 12:0 a.m.18 views

PT-2026-45755

A vulnerability has been identified in RUGGEDCOM RST2428P 6GK6242-6PA00 All versions V4.0. The affected applications stores sensitive information in the browser cache when an authenticated user modify specific configurations. This could allow an authenticated attacker to access sensitive data...

5.9CVSS5.7AI score0.00194EPSS
Exploits0References2
Rows per page
Query Builder