Lucene search
K

3867 matches found

Tenable Nessus
Tenable Nessus
added 2026/03/23 12:0 a.m.4 views

Siemens SIMATIC S7-1500 NULL Pointer Dereference (CVE-2025-38198)

In the Linux kernel, the following vulnerability has been resolved: fbcon: Make sure modelist not set on unregistered console It looks like attempting to write to the storemodes sysfs node will run afoul of unregistered consoles: UBSAN: array-index-out-of-bounds in...

7.8CVSS6.2AI score0.00155EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/23 12:0 a.m.2 views

Siemens SIMATIC S7-1500 Missing Release of Memory after Effective Lifetime (CVE-2025-38124)

In the Linux kernel, the following vulnerability has been resolved: net: fix udp gso skbsegment after pull from fraglist Commit a1e40ac5b5e9 net: gso: fix udp gso fraglist segmentation after pull from fraglist detected invalid geometry in fraglist skbs and redirects them from skbsegmentlist to mo...

5.5CVSS6.1AI score0.00148EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/23 12:0 a.m.6 views

Siemens SIMATIC S7-1500 Improper Input Validation (CVE-2025-38063)

In the Linux kernel, the following vulnerability has been resolved: dm: fix unconditional IO throttle caused by REQPREFLUSH When a bio with REQPREFLUSH is submitted to dm, sendemptyflush generates a flushbio with REQOPWRITE | REQPREFLUSH | REQSYNC, which causes the flushbio to be throttled by...

5.5CVSS6.1AI score0.00145EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/23 12:0 a.m.10 views

Siemens SIMATIC S7-1500 Concurrent Execution using Shared Resource with Improper Synchronization (CVE-2025-38393)

In the Linux kernel, the following vulnerability has been resolved: NFSv4/pNFS: Fix a race to wake on NFSLAYOUTDRAIN We found a few different systems hung up in writeback waiting on the same page lock, and one task waiting on the NFSLAYOUTDRAIN bit in pnfsupdatelayout, however the pnfslayouthdr's...

4.7CVSS6AI score0.00123EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/23 12:0 a.m.2 views

Siemens SIMATIC S7-1500 Improper Input Validation (CVE-2025-38451)

In the Linux kernel, the following vulnerability has been resolved: md/md-bitmap: fix GPF in bitmapgetstats The commit message of commit 6ec1f0239485 md/md-bitmap: fix stats collection for external bitmaps states: Remove the external bitmap check as the statistics should be available regardless o...

5.5CVSS5.9AI score0.00147EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/23 12:0 a.m.12 views

Siemens SIMATIC S7-1500 Out-of-bounds Read (CVE-2025-38342)

In the Linux kernel, the following vulnerability has been resolved: software node: Correct a OOB check in softwarenodegetreferenceargs softwarenodegetreferenceargs wants to get @index-th element, so the property value requires at least 'index + 1 sizeofref' bytes but that can not be guaranteed by...

7.1CVSS6.1AI score0.00163EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/23 12:0 a.m.7 views

Siemens SIMATIC S7-1500 Concurrent Execution using Shared Resource with Improper Synchronization (CVE-2025-38083)

In the Linux kernel, the following vulnerability has been resolved: netsched: prio: fix a race in priotune Gerrard Tai reported a race condition in PRIO, whenever SFQ perturb timer fires at the wrong time. The race is as follows: CPU 0 CPU 1 1: lock root 2: qdisctreeflushbacklog 3: unlock root | ...

4.7CVSS6AI score0.00111EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/23 12:0 a.m.5 views

Siemens SIMATIC S7-1500 Double Free (CVE-2025-38079)

In the Linux kernel, the following vulnerability has been resolved: crypto: algifhash - fix double free in hashaccept If accept2 is called on socket type algifhash with MSGMORE flag set and cryptoahashimport fails, sk2 is freed. However, it is also freed in afalgrelease, leading to...

7.8CVSS6.3AI score0.00175EPSS
Exploits0References2
NCSC
NCSC
added 2026/03/10 12:39 p.m.9 views

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in several products such as Heliox, Ruggedcom, SICAM, SIDIS and SIMATIC. The vulnerabilities potentially enable a malicious person to carry out attacks that can lead to the following categories of damage: - Denial-of-Service DoS - Manipulation of data -...

9.8CVSS7.4AI score0.85844EPSS
Exploits12References5
CNVD
CNVD
added 2026/03/10 12:0 a.m.2 views

Siemens SIMATIC S7-1500 Device Stored Cross-Site Scripting Vulnerability

SIMATIC S7-1500 is an industrial controller from Siemens. A stored cross-site scripting vulnerability exists in the Siemens SIMATIC S7-1500, which can be exploited by an attacker to inject code by tricking a legitimate user into importing a specially crafted trace file in a web interface...

9.6CVSS5.7AI score0.00458EPSS
Exploits0
CNNVD
CNNVD
added 2026/03/10 12:0 a.m.5 views

Siemens多款产品 跨站脚本漏洞

SIMATIC S7-1500 is an industrial controller from Siemens. A stored cross-site scripting vulnerability exists in the Siemens SIMATIC S7-1500, which can be exploited by an attacker to inject code by tricking a legitimate user into importing a specially crafted trace file in a web interface...

9.6CVSS6AI score0.00458EPSS
Exploits0References1
ICS
ICS
added 2026/03/10 12:0 a.m.15 views

Siemens SIMATIC

SUMMARY SIMATIC S7-1500 devices contain a vulnerability that could allow an attacker to inject code by tricking a legitimate user into importing a specially crafted trace file in the web interface. Siemens has released new versions for several affected products and recommends to update to the...

9.6CVSS6.2AI score0.00458EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/02/16 12:0 a.m.5 views

Siemens SIMATIC S7-1500 Missing Release of Resource after Effective Lifetime (CVE-2025-38721)

"In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: fix refcount leak on table dump There is a reference count leak in ctnetlinkdumptable: if res ctgeneral %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid505170;...

5.5CVSS7AI score0.00155EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/02/16 12:0 a.m.11 views

Siemens SIMATIC S7-1500 Improper Check for Dropped Privileges (CVE-2025-39798)

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix the setting of capabilities when automounting a new filesystem Capabilities cannot be inherited when we cross into a new filesystem. They need to be reset to the minimal defaults, and then probed for again. This plugin...

5.5CVSS6.7AI score0.00154EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/02/16 12:0 a.m.6 views

Siemens SIMATIC S7-1500 Reachable Assertion (CVE-2025-38701)

In the Linux kernel, the following vulnerability has been resolved: ext4: do not BUG when INLINEDATAFL lacks system.data xattr A syzbot fuzzed image triggered a BUGON in ext4updateinlinedata when an inode had the INLINEDATAFL flag set but was missing the system.data extended attribute. Since this...

5.5CVSS6.5AI score0.00165EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/02/16 12:0 a.m.6 views

Siemens SIMATIC S7-1500 Out-of-bounds Read (CVE-2025-39683)

In the Linux kernel, the following vulnerability has been resolved: tracing: Limit access to parser-buffer when tracegetuser failed When the length of the string written to setftracefilter exceeds FTRACEBUFFMAX, the following KASAN alarm will be triggered: BUG: KASAN: slab-out-of-bounds in...

7.1CVSS5.3AI score0.00164EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/02/16 12:0 a.m.5 views

Siemens SIMATIC S7-1500 Out-of-bounds Read (CVE-2025-39787)

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: mdtloader: Ensure we don't read past the ELF header When the MDT loader is used in remoteproc, the ELF header is sanitized beforehand, but that's not necessary the case for other clients. Validate the size of the...

5.5CVSS5.5AI score0.00148EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/02/16 12:0 a.m.8 views

Siemens SIMATIC S7-1500 Uncontrolled Recursion (CVE-2025-39795)

In the Linux kernel, the following vulnerability has been resolved: block: avoid possible overflow for chunksectors check in blkstacklimits In blkstacklimits, we check that the t-chunksectors value is a multiple of the t-physicalblocksize value. However, by finding the chunksectors value in bytes...

5.5CVSS6.5AI score0.00149EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/02/13 12:0 a.m.6 views

Siemens SIMATIC S7-1500 NULL Pointer Dereference (CVE-2025-69421)

Issue summary: Processing a malformed PKCS12 file can trigger a NULL pointer dereference in the PKCS12itemdecryptd2iex function. Impact summary: A NULL pointer dereference can trigger a crash which leads to Denial of Service for an application processing PKCS12 files. The PKCS12itemdecryptd2iex...

7.5CVSS5.6AI score0.00844EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/02/10 12:0 a.m.7 views

Siemens SIMATIC and SIPLUS products Uncontrolled Resource Consumption (CVE-2025-40944)

Affected devices do not properly handle S7 protocol session disconnect requests. When receiving a valid S7 protocol Disconnect Request COTP DR TPDU on TCP port 102, the devices enter an improper session state. This could allow an attacker to cause the device to become unresponsive, leading to a...

8.7CVSS5.5AI score0.00397EPSS
Exploits0References7
Rows per page
Query Builder