1904 matches found
Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2026-23228)
In the Linux kernel, the following vulnerability has been resolved: smb: server: fix leak of activenumconn in ksmbdtcpnewconnection On kthreadrun failure in ksmbdtcpnewconnection, the transport is freed via freetransport, which does not decrement activenumconn, leaking this counter. Replace...
Siemens RuggedCom Rox Out-of-bounds Write (CVE-2022-34835)
In Das U-Boot through 2022.07-rc5, an integer signedness error and resultant stack-based buffer overflow in the i2c md command enables the corruption of the return address pointer of the doi2cmd function. This plugin only works with Tenable.ot. Please visit...
Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2025-40257)
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix a race in mptcppmdeladdtimer mptcppmdeladdtimer can call skstoptimersyncsk, &entry-addtimer while another might have free entry already, as reported by syzbot. Add RCU protection to fix this issue. Also change confusin...
Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2025-40214)
In the Linux kernel, the following vulnerability has been resolved: afunix: Initialise sccindex in unixaddedge. Quang Le reported that the AFUNIX GC could garbage-collect a receive queue of an alive in-flight socket, with a nice repro. The repro consists of three stages. 1 1-a. Create a single...
Siemens RUGGEDCOM RST2428P Integer Overflow or Wraparound (CVE-2025-13601)
A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the gescapeuristring function. If the string to escape contains a very large number of unacceptable characters which would need escaping, the calculation of the length of the escaped string...
Siemens RuggedCom Rox Out-of-bounds Read (CVE-2019-14197)
An issue was discovered in Das U-Boot through 2019.07. There is a read of out-of-bounds data at nfsreadreply. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...
Siemens RUGGEDCOM RST2428P Stack-based Buffer Overflow (CVE-2025-6170)
A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare...
Siemens RuggedCom Rox Out-of-bounds Write (CVE-2019-14193)
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with an unvalidated length at nfsreadlinkreply, in the if block after calculating the new path length. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...
Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2026-23230)
In the Linux kernel, the following vulnerability has been resolved: smb: client: split cachedfid bitfields to avoid shared-byte RMW races isopen, haslease and onlist are stored in the same bitfield byte in struct cachedfid but are updated in different code paths that may run concurrently. Bitfiel...
Siemens RuggedCom Rox Integer Underflow (Wrap or Wraparound) (CVE-2019-14192)
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a netprocessreceivedpacket integer underflow during an ncinputpacket call. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...
Siemens RuggedCom Rox Out-of-bounds Write (CVE-2022-30790)
Das U-Boot 2022.01 has a Buffer Overflow, a different issue than CVE-2022-30552. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid505465;...
Siemens RUGGEDCOM RST2428P Path Traversal (CVE-2025-7039)
A flaw was found in glib. An integer overflow during temporary file creation leads to an out-of-bounds memory access, allowing an attacker to potentially perform path traversal or access private temporary file content by creating symbolic links. This vulnerability allows a local attacker to...
Siemens SINEC OS Use of Web Browser Cache Containing Sensitive Information (CVE-2026-41918)
The affected applications stores sensitive information in the browser cache when an authenticated user modify specific configurations. This could allow an authenticated attacker to access sensitive data stored in the browser. This plugin only works with Tenable.ot. Please visit...
Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2025-71185)
In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: dma-crossbar: fix device leak on am335x route allocation Make sure to drop the reference taken when looking up the crossbar platform device during am335x route allocation. This plugin only works with Tenable.ot...
Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2026-23238)
"In the Linux kernel, the following vulnerability has been resolved: romfs: check sbsetblocksize return value romfsfillsuper ignores the return value of sbsetblocksize, which can fail if the requested block size is incompatible with the block device's configuration. This can be triggered by setti...
Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2025-10966)
curl's code for managing SSH connections when SFTP was done using the wolfSSH powered backend was flawed and missed host verification mechanisms. This prevents curl from detecting MITM attackers and more. This plugin only works with Tenable.ot. Please visit...
Siemens RUGGEDCOM RST2428P Multiple Releases of Same Resource or Handle (CVE-2025-40261)
In the Linux kernel, the following vulnerability has been resolved: nvme: nvme-fc: Ensure -ioerrwork is cancelled in nvmefcdeletectrl nvmefcdeleteassocation waits for pending I/O to complete before returning, and an error can cause -ioerrwork to be queued after cancelworksync had been called. Mov...
Siemens RuggedCom Rox Integer Underflow (Wrap or Wraparound) (CVE-2019-14199)
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a netprocessreceivedpacket integer underflow during an udppackethandler call. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for...
Siemens RuggedCom Rox Path Traversal (CVE-2025-6020)
A flaw was found in linux-pam. The module pamnamespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions. This plugin only works with Tenable.ot. Please visit...
Siemens RUGGEDCOM RST2428P User Interface (UI) Misrepresentation of Critical Information (CVE-2025-46394)
In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...