Siemens SIMATIC S7-1500 Expected Behavior Violation (CVE-2022-32221)

When doing HTTPS transfers, libcurl might erroneously use the read callback CURLOPTREADFUNCTION to ask for data to send, even when the CURLOPTPOSTFIELDS option has been set, if the same handle previously was used to issue a PUT request which used that callback. This flaw may surprise the...

Siemens SIMATIC S7-1500 Improper Input Validation (CVE-2020-12062)

The scp client in OpenSSH 8.2 incorrectly sends duplicate responses to the server upon a utimes system call failure, which allows a malicious unprivileged user on the remote server to overwrite arbitrary files in the client's download directory by creating a crafted subdirectory anywhere on the...

Siemens SIMATIC S7-1500 Use After Free (CVE-2021-3516)

There's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to confidentiality, integrity, and availability. This plugin only works with Tenable.ot...

Siemens SIMATIC S7-1500 Out-of-bounds Read (CVE-2020-24977)

GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

Siemens SIMATIC S7-1500 and Ruggedcom ROX Devices Out-of-bounds Write (CVE-2020-21047)

"The libcpu component which is used by libasm of elfutils version 0.177 git 47780c9e, suffers from denial-of-service vulnerability caused by application crashes due to out-of-bounds write CWE-787, off-by-one error CWE-193 and reachable assertion CWE-617 %NASLMINLEVEL 80900 C Tenable, Inc...

Siemens SIMATIC S7-1500 Use After Free (CVE-2022-48560)

A use-after-free exists in Python through 3.9 via heappushpop in heapq. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503972; scriptversion"1.3"...

Siemens SIMATIC S7-1500 Out-of-bounds Read (CVE-2019-3859)

An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the libssh2packetrequire and libssh2packetrequirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory. This plugin only works with Tenable.ot...

Siemens SIMATIC S7-1500 Use of Insufficiently Random Values (CVE-2019-1010025)

DISPUTED GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthreadcreated thread. The component is: glibc. NOTE: the vendor's position is ASLR bypass itself is not a vulnerability. This plugin only works with Tenable.ot. Please visit...

Siemens SIMATIC S7-1500 and Ruggedcom ROX Devices Out-of-bounds Write (CVE-2019-12900)

BZ2decompress in decompress.c in bzip2 through 1.0.6 has an out-of- bounds write when there are many selectors. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...

Siemens SIMATIC S7-1500 Uncontrolled Resource Consumption (CVE-2023-32611)

A flaw was found in GLib. GVariant deserialization is vulnerable to a slowdown issue where a crafted GVariant can cause excessive processing, leading to denial of service. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

Siemens SIMATIC S7-1500 Improper Neutralization of Special Elements used in a Command (CVE-2014-7209)

run-mailcap in the Debian mime-support package before 3.52-1+deb7u1 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

Siemens SIMATIC S7-1500 Use After Free (CVE-2024-26957)

In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: fix reference counting on zcrypt card objects. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

Siemens SIMATIC S7-1500 Improper Neutralization of Special Elements used in an SQL Command (CVE-2022-29155)

In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. This can occur during an LDAP search operation when the search filter is processed, due to a lack of proper escaping...

Siemens SIMATIC S7-1500 Improper Resource Locking (CVE-2024-26679)

In the Linux kernel, the following vulnerability has been resolved: inet: read sk-skfamily once in inetrecverror This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...

Siemens SIMATIC S7-1500 Out-of-bounds Read (CVE-2020-29362)

An issue was discovered in p11-kit 0.21.1 through 0.23.21. A heap- based buffer over-read has been discovered in the RPC protocol used by thep11-kit server/remote commands and the client library. When the remote entity supplies a byte array through a serialized PKCS11 function call, the receiving...

Siemens SIMATIC S7-1500 Out-of-bounds Read (CVE-2020-36223)

A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Values Return Filter control handling, resulting in denial of service double free and out-of-bounds read. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

Siemens SIMATIC and SCALANCE Multiple Releases of Same Resource or Handle (CVE-2025-0665)

libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...

Siemens SIMATIC S7-1500 Out-of-bounds Read (CVE-2019-3860)

An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SFTP packets with empty payloads are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory. This plugin only works with Tenable.ot. Please visit...

Siemens SIMATIC S7-1500 Divide By Zero (CVE-2019-16168)

In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlitestat1 sz field, aka a severe division by zero in the query planner. This plugin only works with Tenable.ot. Please visit...

Siemens SIMATIC S7-1500 Improper Input Validation (CVE-2023-52675)

In the Linux kernel, the following vulnerability has been resolved: powerpc/imc-pmu: Add a null pointer check in updateeventsingroup kasprintf returns a pointer to dynamically allocated memory which can be NULL upon failure. This plugin only works with Tenable.ot. Please visit...