Lucene search
K

27 matches found

Tenable Nessus
Tenable Nessus
added 2026/04/14 12:0 a.m.11 views

Siemens SCALANCE Improper Input Validation (CVE-2020-26145)

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second or subsequent broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets...

6.5CVSS6.9AI score0.03515EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.6 views

Siemens SIMATIC S7-1500 Integer Overflow or Wraparound (CVE-2021-3520)

There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability...

9.8CVSS6.8AI score0.03216EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.9 views

Siemens SIMATIC S7-1500 Missing Encryption of Sensitive Data (CVE-2021-41617)

sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with...

7CVSS6.8AI score0.02367EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2025/10/27 12:0 a.m.7 views

Siemens SIMATIC Devices Improper Input Validation (CVE-2024-27024)

Vulnerability in the Linux kernel: net/rds: WARNING in rdsconnconnectifdown If connection isn't established yet, getmr will fail, trigger connection after getmr. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL...

7.8CVSS6.8AI score0.00312EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/10/27 12:0 a.m.6 views

Siemens SIMATIC Devices Improper Input Validation (CVE-2024-35967)

Bluetooth: SCO: Fix not validating setsockopt user input This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503473; scriptversion"1.2";...

7.1CVSS7.5AI score0.00237EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/10/27 12:0 a.m.7 views

Siemens SIMATIC Devices Improper Input Validation (CVE-2023-52447)

bpf: Defer the free of inner map when necessary when updating or deleting an inner map in map array or map htab, the map may still be accessed by non-sleepable program or sleepable program. However bpfmapfdputptr decreases the ref-counter of the inner map directly through bpfmapput, if the...

6.7CVSS7.2AI score0.00248EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/10/27 12:0 a.m.6 views

Siemens SIMATIC Devices Use of Uninitialized Resource (CVE-2024-35915)

nfc: nci: Fix uninit-value in ncidevup and ncintfpacket This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503499; scriptversion"1.2";...

5.5CVSS7.3AI score0.00221EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/10/27 12:0 a.m.3 views

Siemens SIMATIC Devices Use of Uninitialized Resource (CVE-2024-35973)

geneve: fix header validation in genevexmitskb This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503444; scriptversion"1.2";...

5.5CVSS7.3AI score0.0025EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-34361

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00421EPSS
Exploits0References2
NVD
NVD
added 2025/08/12 12:15 p.m.4 views

CVE-2025-40759

A vulnerability has been identified in SIMATIC S7-PLCSIM V17 All versions, SIMATIC STEP 7 V17 All versions V17 Update 9, SIMATIC STEP 7 V18 All versions, SIMATIC STEP 7 V19 All versions V19 Update 4, SIMATIC STEP 7 V20 All versions V20 Update 4, SIMATIC WinCC V17 All versions V17 Update 9, SIMATI...

8.5CVSS0.00172EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/02/25 12:0 a.m.6 views

Siemens SIMATIC S7-1500 TM MFP BIOS Out-of-bounds Write (CVE-2022-4378)

A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system. This plugin only works with Tenable.ot. Please visit...

7.8CVSS6.5AI score0.00431EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/02/24 12:0 a.m.8 views

Siemens SCALANCE W700 NULL Pointer Dereference (CVE-2023-28484)

In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occurs in xmlSchemaFixupComplexType in xmlschemas.c. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

6.5CVSS6.7AI score0.01086EPSS
Exploits1References11
Positive Technologies
Positive Technologies
added 2024/11/12 12:0 a.m.3 views

PT-2024-8714 · Siemens · Scalance Wam766-1 +15

Name of the Vulnerable Software and Affected Versions: RUGGEDCOM RM1224 LTE4G EU versions prior to V8.2 RUGGEDCOM RM1224 LTE4G NAM versions prior to V8.2 SCALANCE M804PB versions prior to V8.2 SCALANCE M812-1 ADSL-Router versions prior to V8.2 SCALANCE M816-1 ADSL-Router versions prior to V8.2...

8.6CVSS6.8AI score0.00648EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2024/09/25 12:0 a.m.9 views

Siemens Third Party Component in SICAM products Copy without Checking Size of Input (CVE-2024-34057)

Triangle Microworks TMW IEC 61850 Client source code libraries before 12.2.0 lack a buffer size check when processing received messages. The resulting buffer overflow can cause a crash, resulting in a denial of service. This plugin only works with Tenable.ot. Please visit...

8.2CVSS5.9AI score0.00444EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/07/09 12:0 a.m.4 views

PT-2024-5283 · Siemens · Siprotec 5

Name of the Vulnerable Software and Affected Versions: SIPROTEC 5 6MD84 CP300 versions prior to V9.64 SIPROTEC 5 6MD85 CP200 versions prior to V9.64 SIPROTEC 5 6MD85 CP300 versions prior to V9.64 SIPROTEC 5 6MD86 CP200 versions prior to V9.64 SIPROTEC 5 6MD86 CP300 versions prior to V9.64 SIPROTE...

8.2CVSS6.7AI score0.00205EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/09/12 12:0 a.m.2 views

PT-2023-5159 · Siemens · Tecnomatix Plant Simulation +2

Name of the Vulnerable Software and Affected Versions: JT2Go versions prior to V14.3.0.1 Teamcenter Visualization V13.3 versions prior to V13.3.0.12 Teamcenter Visualization V14.0 all versions Teamcenter Visualization V14.1 versions prior to V14.1.0.11 Teamcenter Visualization V14.2 versions prio...

7.8CVSS7.7AI score0.00313EPSS
Exploits0References9
BDU FSTEC
BDU FSTEC
added 2022/08/15 12:0 a.m.8 views

The vulnerability of Siemens’ software and hardware infrastructure, which arises due to the failure to take measures to neutralize specific elements, allows a perpetrator to execute arbitrary code.

Siemens’ software-hardware vulnerabilities exist due to the lack of measures taken to neutralize these special elements. Exploiting these vulnerabilities allows a remote attacker to execute arbitrary code...

9.1CVSS7.7AI score0.01318EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/08/15 12:0 a.m.5 views

The vulnerability of Siemens’ software and hardware infrastructure lies in the lack of measures taken to eliminate script-related tags on web pages, allowing attackers to carry out cross-site scripting attacks.

The vulnerability of Siemens’ software and hardware infrastructure is related to the failure to remove script-related HTML tags from web pages. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks...

9CVSS6.2AI score0.00794EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2021/11/09 12:0 a.m.5 views

PT-2021-22878 · Siemens · Simatic Pcs 7 +1

Name of the Vulnerable Software and Affected Versions: SIMATIC PCS 7 versions prior to V9.1 SP1 SIMATIC PCS 7 version V8.2 SIMATIC PCS 7 version V9.0 through V9.0 SP3 UC03 SIMATIC WinCC versions prior to V15 SP1 Update 7 SIMATIC WinCC versions prior to V16 Update 5 SIMATIC WinCC versions prior to...

5.5CVSS5.2AI score0.00233EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/02/09 12:0 a.m.6 views

SIMATIC PCS 7 和 SIMATIC WinCC 授权问题漏洞

Siemens SIMATIC WinCC is an automated data acquisition and monitoring SCADA system from Siemens, Germany. A security vulnerability exists in Siemens SIMATIC WinCC. The vulnerability is caused due to an insecure password authentication process, which can be exploited by an attacker to bypass the...

5.5CVSS6AI score0.00336EPSS
Exploits0References4
Rows per page
Query Builder