Lucene search
K

314 matches found

Tenable Nessus
Tenable Nessus
added 6 days ago7 views

Siemens SIMATIC S7 PLC Web Server Improper Neutralization of Input During Web Page Generation (CVE-2026-25787)

Affected devices do not properly validate and sanitize Technology Object TO name rendered on the 'Motion Control Diagnostics' page of the web interface. This could allow an authenticated attacker who is authorized to download a TIA project into the product, to inject malicious scripts into the...

9.3CVSS7.2AI score0.0037EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.8 views

Siemens SIMATIC S7-1500 TM MFP Use After Free (CVE-2026-28387)

Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA records, may result in a use-after-free and/or double-free on the client side. Impact summary: A use after free can have a range of potential consequenc...

8.1CVSS7.6AI score0.00631EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.6 views

Siemens SIMATIC S7-1500 TM MFP NULL Pointer Dereference (CVE-2026-28390)

Issue summary: During processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo a NULL pointer dereference can happen. Impact summary: Applications that process attacker-controlled CMS data may crash before authentication or cryptographic operations occur resulting in Denia...

7.5CVSS7.3AI score0.00805EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.15 views

Siemens SIMATIC S7-1500 Incorrect Resource Transfer Between Spheres (CVE-2026-31431)

In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algifaead since the source and destination...

7.8CVSS6.9AI score0.96267EPSS
Exploits230References3
Tenable Nessus
Tenable Nessus
added 2026/03/23 12:0 a.m.4 views

Siemens SIMATIC S7-1500 NULL Pointer Dereference (CVE-2025-38167)

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: handle hdrfirstde return value The hdrfirstde function returns a pointer to a struct NTFSDE. This pointer may be NULL. To handle the NULL error effectively, it is important to implement an error handler. This will help...

5.5CVSS6.1AI score0.00138EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/23 12:0 a.m.3 views

Siemens SIMATIC S7-1500 Improper Input Validation(CVE-2025-38457)

In the Linux kernel, the following vulnerability has been resolved: net/sched: Abort tcmodifyqdisc if parent class does not exist Lion's patch 1 revealed an ancient bug in the qdisc API. Whenever a user creates/modifies a qdisc specifying as a parent another qdisc, the qdisc API will, during...

5.5CVSS6.2AI score0.00161EPSS
Exploits0References2
CNVD
CNVD
added 2026/03/10 12:0 a.m.2 views

Multiple vulnerabilities exist in the Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP add-on GNU/Linux subsystem.

The SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP is the central processing unit CPU of the Siemens S7-1500 series for high-performance, communication-demanding and complex automation tasks. Multiple vulnerabilities exist in the Siemens SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP add-on GNU/Linux subsystem,...

5.8AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/02/16 12:0 a.m.9 views

Siemens SIMATIC S7-1500 Use After Free (CVE-2025-38708)

In the Linux kernel, the following vulnerability has been resolved: drbd: add missing krefget in handlewriteconflicts With two- primaries enabled, DRBD tries to detect concurrent writes and handle write conflicts, so that even if you write to the same sector simultaneously on both nodes, they end...

7.8CVSS6.4AI score0.00157EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/02/16 12:0 a.m.4 views

Siemens SIMATIC S7-1500 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') (CVE-2025-39697)

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix a race when updating an existing write After nfslockandjoinrequests tests for whether the request is still attached to the mapping, nothing prevents a call to nfsinoderemoverequest from succeeding until we actually lock...

4.7CVSS6.6AI score0.00132EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/02/16 12:0 a.m.11 views

Siemens SIMATIC S7-1500 Out-of-bounds Write (CVE-2025-39783)

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Fix configfs group list head handling Doing a listdel on the epfgroup field of struct pciepfdriver in pciepfremovecfs is not correct as this field is a list head, not a list entry. This listdel call triggers a KASA...

7.8CVSS6.5AI score0.00152EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/02/16 12:0 a.m.5 views

Siemens SIMATIC S7-1500 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') (CVE-2025-39724)

In the Linux kernel, the following vulnerability has been resolved: serial: 8250: fix panic due to PSLVERR When the PSLVERRRESPEN parameter is set to 1, the device generates an error response if an attempt is made to read an empty RBR Receive Buffer Register while the FIFO is enabled. In...

5.5CVSS6.8AI score0.00157EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/02/16 12:0 a.m.12 views

Siemens SIMATIC S7-1500 Improper Locking (CVE-2025-39773)

In the Linux kernel, the following vulnerability has been resolved: net: bridge: fix soft lockup in brmulticastqueryexpired When set multicastqueryinterval to a large value, the local variable 'time' in brmulticastsendquery may overflow. If the time is smaller than jiffies, the timer will expire...

5.5CVSS6.8AI score0.0011EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/02/16 12:0 a.m.12 views

Siemens SIMATIC S7-1500 Use of Uninitialized Resource (CVE-2025-38691)

In the Linux kernel, the following vulnerability has been resolved: pNFS: Fix uninited ptr deref in block/scsi layout The error occurs on the third attempt to encode extents. When function exttreepreparecommit reallocates a larger buffer to retry encoding extents, the layoutupdatepages page array...

5.5CVSS5.5AI score0.00165EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/02/13 12:0 a.m.7 views

Siemens SIMATIC S7-1500 Improper Check for Unusual or Exceptional Conditions (CVE-2025-69420)

Issue summary: A type confusion vulnerability exists in the TimeStamp Response verification code where an ASN1TYPE union member is accessed without first validating the type, causing an invalid or NULL pointer dereference when processing a malformed TimeStamp Response file. Impact summary: An...

7.5CVSS5.7AI score0.00768EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/02/10 12:0 a.m.5 views

Siemens S7-1500 Use After Free (CVE-2025-7425)

A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may acce...

7.8CVSS6.3AI score0.00339EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/02/10 12:0 a.m.6 views

Siemens S7-1500 Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2025-11082)

A flaw has been found in GNU Binutils 2.45. Impacted is the function bfdelfparseehframe of the file bfd/elf-eh-frame.c of the component Linker. Executing manipulation can lead to heap-based buffer overflow. The attack is restricted to local execution. The exploit has been published and may be use...

7.8CVSS5.7AI score0.00234EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/02/10 12:0 a.m.6 views

Siemens S7-1500 Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2025-11494)

A vulnerability was found in GNU Binutils 2.45. Impacted is the function bfdx86elflatesizesections of the file bfd/elfxx-x86.c of the component Linker. The manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made public and could be used. Th...

5.5CVSS4.8AI score0.00198EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/02/10 12:0 a.m.8 views

Siemens S7-1500 Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2025-7546)

A vulnerability, which was classified as problematic, has been found in GNU Binutils 2.45. Affected by this issue is the function bfdelfsetgroupcontents of the file bfd/elf.c. The manipulation leads to out-of-bounds write. It is possible to launch the attack on the local host. The exploit has bee...

7.8CVSS5.3AI score0.00172EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/02/10 12:0 a.m.6 views

Siemens S7-1500 NULL Pointer Dereference (CVE-2025-8224)

A vulnerability has been found in GNU Binutils 2.44 and classified as problematic. This vulnerability affects the function bfdelfgetstrsection of the file bfd/elf.c of the component BFD Library. The manipulation leads to null pointer dereference. Local access is required to approach this attack...

5.5CVSS4.4AI score0.00225EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/02/10 12:0 a.m.7 views

Siemens S7-1500 Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2025-11412)

A vulnerability has been found in GNU Binutils 2.45. This impacts the function bfdelfgcrecordvtentry of the file bfd/elflink.c of the component Linker. The manipulation leads to out-of-bounds read. Local access is required to approach this attack. The exploit has been disclosed to the public and...

5.5CVSS4.8AI score0.00189EPSS
Exploits1References2
Rows per page
Query Builder