Lucene search
+L

114 matches found

CNNVD
CNNVD
added 2026/05/12 12:0 a.m.11 views

Siemens多款产品 跨站脚本漏洞

The Siemens SIMATIC Drive Controller is a series of drive controllers developed by the German company Siemens. Several Siemens products have a cross-site scripting vulnerability. This vulnerability arises from improper validation and cleaning of PLC/site names on the Web interface communication...

9.3CVSS7.3AI score0.0037EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.14 views

Siemens RUGGEDCOM, SCALANCE and SIMATIC Out-of-bounds Read (CVE-2021-3712)

ASN.1 strings are represented internally within OpenSSL as an ASN1STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL 0 byte...

7.4CVSS6.8AI score0.50445EPSS
Exploits0References24
Tenable Nessus
Tenable Nessus
added 2026/02/10 12:0 a.m.6 views

Siemens SCALANCE and RUGGEDCOM Missing Authentication for Critical Function (CVE-2025-32433)

Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution RCE. By exploiting a flaw in SSH protocol message handling, a malicious actor...

10CVSS7.1AI score0.98594EPSS
Exploits36References4
Vulnrichment
Vulnrichment
added 2026/01/13 9:44 a.m.6 views

CVE-2025-40944

A vulnerability has been identified in SIMATIC ET 200AL IM 157-1 PN 6ES7157-1AB00-0AB0 All versions, SIMATIC ET 200MP IM 155-5 PN HF 6ES7155-5AA00-0AC0 All versions = V4.2.0, SIMATIC ET 200SP IM 155-6 MF HF 6ES7155-6MU00-0CN0 All versions, SIMATIC ET 200SP IM 155-6 PN HA incl. SIPLUS variants All...

8.7CVSS5.4AI score0.00397EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/13 12:0 a.m.10 views

PT-2026-2354

A vulnerability has been identified in SIMATIC ET 200AL IM 157-1 PN 6ES7157-1AB00-0AB0 All versions, SIMATIC ET 200MP IM 155-5 PN HF 6ES7155-5AA00-0AC0 All versions = V4.2.0, SIMATIC ET 200SP IM 155-6 MF HF 6ES7155-6MU00-0CN0 All versions, SIMATIC ET 200SP IM 155-6 PN HA incl. SIPLUS variants All...

8.7CVSS6.8AI score0.00397EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/11/18 12:0 a.m.3 views

Siemens SCALANCE and RUGGEDCOM Devices Improper Locking (CVE-2024-44952)

driver core: vulnerability due to a potential deadlock due to improper handling of device attributes and driver detachment, which has been fixed by using synchronizercu to prevent race conditions. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for...

6.8AI score
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/18 12:0 a.m.3 views

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-50181)

clk: imx: Remove CLKSETPARENTGATE for DRAM mux for i.MX7D. For i.MX7D DRAM related mux clock, the clock source change should ONLY be done done in low level asm code without accessing DRAM, and then calling clk API to sync the HW clock status with clk tree, it should never touch real clock source...

7AI score
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/18 12:0 a.m.4 views

Siemens SCALANCE and RUGGEDCOM Devices Allocation of Resources Without Limits or Throttling (CVE-2024-39484)

mmc: davinci: Vulnerability from resource leaks. Using exit for the remove function results in the remove callback being discarded with CONFIGMMCDAVINCI=y. When such a device gets unbound e.g. using sysfs or hotplug, the driver is just removed without the cleanup being performed. This plugin only...

5.5CVSS6.7AI score0.00228EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/18 12:0 a.m.2 views

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-40929)

wifi: iwlwifi: mvm: check nssids before accessing the ssids.In some versions of cfg80211, the ssids poinet might be a valid one even though nssids is 0. Accessing the pointer in this case will cuase an out-of-bound access. This plugin only works with Tenable.ot. Please visit...

7.1CVSS6.7AI score0.00251EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/18 12:0 a.m.8 views

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-53063)

media: dvbdev: risk of out of memory access. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504788; scriptversion"1.3";...

5.5CVSS6.9AI score0.00272EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/18 12:0 a.m.2 views

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-49963)

mailbox: bcm2835: timeout during suspend mode. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504800; scriptversion"1.3";...

5.5CVSS6.9AI score0.00257EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/18 12:0 a.m.4 views

Siemens SCALANCE and RUGGEDCOM Devices Improper Initialization (CVE-2024-50193)

x86/entry32: Clear CPU buffers after register restore in NMI return CPU buffers are currently cleared after call to excnmi, but before register state is restored. This may be okay for MDS mitigation but not for RDFS. Because RDFS mitigation requires CPU buffers to be cleared when registers don't...

7.1CVSS7.2AI score0.00214EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/18 12:0 a.m.2 views

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-46719)

usb: typec: ucsi: Fix null pointer dereference in trace ucsiregisteraltmode checks ISERR for the alt pointer and treats NULL as valid. When CONFIGTYPECDPALTMODE is not enabled, ucsiregisterdisplayport returns NULL which causes a NULL pointer dereference in trace. Rather than return NULL, call...

5.5CVSS6.7AI score0.00239EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/18 12:0 a.m.6 views

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-46702)

thunderbolt: Mark XDomain as unplugged when router is removed. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504670; scriptversion"1.3";...

5.5CVSS6.7AI score0.00236EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/18 12:0 a.m.3 views

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-56691)

mfd: intelsocpmicbxtwc: Use IRQ domain for USB Type-C device While design wise the idea of converting the driver to use the hierarchy of the IRQ chips is correct, the implementation has inherited flaws. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-...

5.5CVSS6.8AI score0.00213EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/18 12:0 a.m.5 views

Siemens SCALANCE and RUGGEDCOM Devices Incorrect Comparison (CVE-2024-9681)

When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's cache entry, making it end sooner or later than otherwise intended. This affects curl using applications that enable HSTS and use URLs with the insecure HTTP:// scheme and perform transfers with host...

6.5CVSS6.6AI score0.0197EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2025/11/18 12:0 a.m.13 views

Siemens SCALANCE and RUGGEDCOM Devices Double Free (CVE-2024-46673)

scsi: aacraid: Fix double-free on probe failure. aacprobeone calls hardware-specific init functions through the aacdriverident::init pointer, all of which eventually call down to aacinitadapter. If aacinitadapter fails after allocating memory for aacdev::queues, it frees the memory but does not...

7.8CVSS6.8AI score0.00293EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/18 12:0 a.m.1 views

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-56754)

crypto: vulnerability due to passing an incorrect parameter type to devmaddactionorreset in the CAAM driver, which is fixed by ensuring the correct parameter type is used to properly release resources. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-o...

5.5CVSS6.9AI score0.00208EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/11/18 12:0 a.m.4 views

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-50267)

USB: serial: ioedgeport: fix use after free in debug printk The devdbg&urb-dev-dev, ... which happens after usbfreeurburb is a use after free of the urb pointer. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL...

7.8CVSS6.9AI score0.00284EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/18 12:0 a.m.2 views

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-44988)

net: dsa: mv88e6xxx: vulnerability caused an out-of-bound access in the mv88e6xxx driver due to an ATU violation causing the SPID to exceed DSAMAXPORTS, which was resolved by ensuring the SPID stays within the valid range. This plugin only works with Tenable.ot. Please visit...

5.5CVSS6.7AI score0.00237EPSS
Exploits0References4
Rows per page
Query Builder