Siemens SIMATIC S7-1500 NULL Pointer Dereference (CVE-2024-49881)

In the Linux kernel, the following vulnerability has been resolved: ext4: update origpath in ext4findextent. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if descripti...

Siemens SIMATIC S7-1500 Expected Behavior Violation (CVE-2025-32728)

In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...

Siemens SIMATIC S7-1500 Missing Encryption of Sensitive Data (CVE-2019-19959)

ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames, leading to a memory-management error that can be detected by for example valgrind. This plugin only works with Tenable.ot. Please visit...

Siemens SIMATIC S7-1500 Missing Encryption of Sensitive Data (CVE-2021-43396)

DISPUTED In iconvdata/iso-2022-jp-3.c in the GNU C Library aka glibc 2.34, remote attackers can force iconv to emit a spurious '\0' character via crafted ISO-2022-JP-3 data that is accompanied by an internal state reset. This may affect data integrity in certain iconv use cases. NOTE: the vendor...

Siemens SIMATIC S7-1500 Reachable Assertion (CVE-2024-33601)

nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache Daemon's nscd netgroup cache uses xmalloc or xrealloc and these functions may terminate the process due to a memory allocation failure resulting in a denial of service to the clients. The flaw was...

Siemens SIMATIC S7-1500 NULL Pointer Dereference (CVE-2025-21848)

In the Linux kernel, the following vulnerability has been resolved: nfp: bpf: Add check for nfpappctrlmsgalloc Add check for the return value of nfpappctrlmsgalloc in nfpbpfcmsgalloc to prevent null pointer dereference. This plugin only works with Tenable.ot. Please visit...

Siemens SIMATIC S7-1500 Return of Pointer Value Outside of Expected Range (CVE-2024-33602)

nscd: netgroup cache assumes NSS callback uses in-buffer strings The Name Service Cache Daemon's nscd netgroup cache can corrupt memory when the NSS callback does not store all strings in the provided buffer. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerabili...

Siemens SIMATIC S7-1500 Out-of-bounds Read (CVE-2019-9169)

In the GNU C Library aka glibc or libc6 through 2.29, proceednextnode in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

Siemens SIMATIC S7-1500 Improper Input Validation (CVE-2021-23336)

The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parseqsl and urllib.parse.parseqs by using a vector called parameter cloaking. When the attacker can...

Siemens SIMATIC S7-1500 Unrestricted Upload of File with Dangerous Type (CVE-2019-19925)

zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...

Siemens SIMATIC S7-1500 Deadlock (CVE-2024-27032)

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential panic during recovery During recovery, if FAULTBLOCK is on, it is possible that f2fsreservenewblock will return -ENOSPC during recovery, then it may trigger panic. Also, if fault injection rate is 1 a...

Siemens SIMATIC S7-1500 Always-Incorrect Control Flow Implementation (CVE-2024-56770)

net/sched: netem: The interface fully stops transferring packets and locks. In this case, the child qdisc and tfifo are empty, but 'qlen' indicates the tfifo is at its limit and no more packets are accepted. This plugin only works with Tenable.ot. Please visit...

Siemens SIMATIC S7-1500 Incomplete Cleanup (CVE-2024-26835)

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: set dormant flag on hook register failure This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

Siemens SIMATIC S7-1500 Improper Input Validation (CVE-2023-46862)

An issue was discovered in the Linux kernel through 6.5.9. During a race with SQ thread exit, an iouring/fdinfo.c iouringshowfdinfo NULL pointer dereference can occur. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

Siemens SIMATIC S7-1500 Improper Resource Locking (CVE-2024-26772)

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocating blocks from corrupted group in ext4mbfindbygoal Places the logic for checking if the group's block bitmap is corrupt under the protection of the group lock to avoid allocating blocks from the group with a...

Siemens SIMATIC S7-1500 and Ruggedcom ROX Devices Improper Neutralization of Special Elements in Output Used by a Downstream Component (CVE-2023-29383)

In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn change finger. Although it is not possible to exploit this directly e.g., adding a new user fails because \n is in the block list, it is possible to misrepresent the /etc/passwd file when...

Siemens SIMATIC S7-1500 Double Free (CVE-2019-5481)

Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504277;...

Siemens SIMATIC S7-1500 and Ruggedcom ROX Devices Improper Input Validation (CVE-2023-46218)

This flaw allows a malicious HTTP server to set super cookies in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then would get sent to different and unrelated sites and domains. It could do this by exploiting a mix...

Siemens SIMATIC S7-1500 Missing Encryption of Sensitive Data (CVE-2023-46219)

When saving HSTS data to an excessively long file name, curl could end up removing all contents, making subsequent requests using that file unaware of the HSTS status they should otherwise use. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for mo...

Siemens SIMATIC S7-1500 Detection of Error Condition Without Action (CVE-2025-26465)

A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. Fo...