3865 matches found
Siemens SIMATIC Devices NULL Pointer Dereference (CVE-2025-21639)
In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: rtomin/max: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...
Siemens SIMATIC Devices Improper Input Validation (CVE-2024-38565)
wifi: ar5523: enable proper endpoint verification Syzkaller reports 1 hitting a warning about an endpoint in use not having an expected type to it. Fix the issue by checking for the existence of all proper endpoints with their according types intact. Sadly, this patch has not been tested on real...
Siemens SIMATIC Devices Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2024-41016)
ocfs2: strict bound check before memcmp in ocfs2xattrfindentry xattr in ocfs2 maybe 'non-indexed', which saved with additional space requested. It's better to check if the memory is out of bound before memcmp, although this possibility mainly comes from crafted poisonous images. This plugin only...
Siemens SIMATIC Devices Improper Input Validation (CVE-2023-52447)
bpf: Defer the free of inner map when necessary when updating or deleting an inner map in map array or map htab, the map may still be accessed by non-sleepable program or sleepable program. However bpfmapfdputptr decreases the ref-counter of the inner map directly through bpfmapput, if the...
Siemens SIMATIC Devices NULL Pointer Dereference (CVE-2024-35933)
Bluetooth: btintel: Fix null ptr deref in btintelreadversion This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503657; scriptversion"1.2";...
Siemens SIMATIC Devices Improper Validation of Specified Type of Input (CVE-2024-35897)
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: discard table flag update with pending basechain deletion Hook unregistration is deferred to the commit phase, same occurs with hook updates triggered by the table dormant flag. When both commands are combine...
Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-43889)
padata: vulnerability due to a possible divide-by-zero error in padatamthelper during bootup, caused by an uninitialized chunksize being zero. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...
Siemens SIMATIC and SCALANCE Devices Improper Validation of Array Index (CVE-2025-21692)
net: sched: fix ets qdisc OOB Indexing This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503404; scriptversion"1.3";...
Siemens SIMATIC Devices Improper Input Validation (CVE-2024-26907)
RDMA/mlx5: Fixed fortify source warning while accessing Eth segment. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503475; scriptversion"1.2";...
Siemens SIMATIC Devices Loop with Unreachable Exit Condition (CVE-2024-35982)
batman-adv: Avoid infinite loop trying to resize local TT This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503691; scriptversion"1.2";...
Siemens SIMATIC Devices Improper Input Validation (CVE-2024-26872)
RDMA/srpt: use-after-free Write in srptrefreshport. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503489; scriptversion"1.2";...
Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Improper Resource Locking (CVE-2024-47660)
In the Linux kernel, the following vulnerability has been resolved: fsnotify: clear PARENTWATCHED flags lazily In some setups directories can have many usually negative dentries. Hence fsnotifyupdatechilddentryflags function can take a significant amount of time. Since the bulk of this function...
Siemens SIMATIC Devices Missing Release of Memory after Effective Lifetime (CVE-2024-39493)
In the Linux kernel, the following vulnerability has been resolved: crypto: qat - Fix ADFDEVRESETSYNC memory leak Using completiondone to determine whether the caller has gone away only works after a complete call. Furthermore it's still possible that the caller has not yet called...
Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-40912)
wifi: mac80211: deadlock in ieee80211stapsdeliverwakeup. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503488; scriptversion"1.3";...
Siemens SIMATIC Devices Improper Input Validation (CVE-2024-58016)
safesetid: check size of policy writes This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503452; scriptversion"1.2";...
Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2021-47316)
nfsd: NULL dereference in nfs3svcencodegetaclres. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503651; scriptversion"1.3";...
Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-43890)
tracing: vulnerability due to an overflow in getfreeelt, which could lead to infinite loops and CPU hangs when the tracing map becomes full. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...
Siemens SIMATIC Devices Improper Input Validation (CVE-2024-35902)
net/rds: possible cp null dereference cp might be null, calling cp-cpconn would produce null dereference. Cp is a parameter of rdsrdmamap and is not reassigned. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 809...
Siemens SIMATIC Devices Improper Input Validation (CVE-2025-21704)
usb: cdc-acm: Check control transfer buffer size before access This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503558; scriptversion"1.2";...
Siemens SIMATIC Devices Improper Input Validation (CVE-2024-36006)
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: Fix incorrect list API usage This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; ...