2216 matches found
Siemens SCALANCE and RUGGEDCOM Devices Improper Control of Resource Identifiers ('Resource Injection') (CVE-2024-41007)
tcp: avoid too many retransmit packets If a TCP socket is using TCPUSERTIMEOUT. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504724;...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-49863)
vhost/scsi: null-ptr-dereference in vhostscsigetreq. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504486; scriptversion"1.2";...
Siemens SCALANCE and RUGGEDCOM Devices Incorrect Comparison (CVE-2024-9681)
When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's cache entry, making it end sooner or later than otherwise intended. This affects curl using applications that enable HSTS and use URLs with the insecure HTTP:// scheme and perform transfers with host...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-56589)
scsi: hisisas: Add condresched for no forced preemption model. For no forced preemption model kernel, in the scenario where the expander is connected to 12 high performance SAS SSDs, a call trace may occur. This plugin only works with Tenable.ot. Please visit...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-53181)
um: vector: The drvdata is not available in release This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504579; scriptversion"1.2";...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-46731)
drm/amd/pm: vulnerability caused by an out-of-bounds read warning where the index i - 1U can exceed the bounds of the mcdata array when i is zero. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable,...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-41097)
usb: atm: cxacru: incomplete endpoint checking in cxacrubind. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504539; scriptversion"1.2";...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-50184)
virtiopmem: Check device status before requesting flush. If a pmem device is in a bad status, the driver side could wait for host ack forever in virtiopmemflush, causing the system to hang. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-41090)
tap: add missing verification for short frame. Missing to check against the validity of the frame length in the tapgetuserxdp path, which could cause a corrupted skb to be sent downstack. Even before the skb is transmitted, the tapgetuserxdp--skbsetnetworkheader may assume the size is more than...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-47667)
PCI: keystone: Missing workaround for Errata i2037 AM65x SR 1.0. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504745; scriptversion"1.3";...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-41022)
drm/amdgpu: vulnerability involves a signedness problem in sdmav40processtrapirq, which can lead to incorrect handling of values and potential errors. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...
Siemens SCALANCE and RUGGEDCOM Devices Use After Free (CVE-2024-53237)
Bluetooth: vulnerability due to an use-after-free error in the deviceforeachchild function, where a device may be accessed after it has been freed, potentially leading to a dangling pointer and system instability. This plugin only works with Tenable.ot. Please visit...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-46817)
drm/amd/display: Stop amdgpudm initialize when stream nums greater than 6. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504454;...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-44998)
atm: idt77252: use after free in dequeuerx. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504512; scriptversion"1.2";...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-47143)
dma-debug: possible deadlock on radixlock. radixlock shouldn't be held while holding dmahashentryidx.lock otherwise, there's a possible deadlock scenario when dma debug API is called holding rqlock. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot f...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-46721)
apparmor: fix possible NULL pointer dereference. profile-parent-dentsAAFSPROFDIR could be NULL only if its parent is made from createmissingancestors.. and 'ent-old' is NULL in aareplaceprofiles... In that case, it must return an error code and the code, -ENOENT represents its state that the path...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-56629)
HID: wacom: Due to incorrect dev-product reporting by certain devices, null pointer dereferences occur when dev-product is empty, leading to potential system crashes. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEV...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-50194)
arm64: probes: Fix uprobes for big-endian kernels The arm64 uprobes code is broken for big-endian kernels as it doesn't convert the in- memory instruction encoding which is always little-endian into the kernel's native endianness before analyzing and simulating instructions. This plugin only work...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-42223)
media: dvb-frontends: tda10048: integer overflow state-xtalhz can be up to 16M, so it can overflow a 32 bit integer when multiplied by pllmfactor. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable,...
Siemens SCALANCE and RUGGEDCOM Devices NULL Pointer Dereference (CVE-2024-53240)
xen/netfront: vulnerability causes a crash when removing a device after a suspend/resume cycle due to uninitialized queues, which is fixed by checking for the existence of queues before attempting to stop them. This plugin only works with Tenable.ot. Please visit...