Lucene search
+L

5 matches found

nessus
nessus
added 2025/03/13 12:0 a.m.13 views

Siemens SCALANCE X-200RNA Switch Devices Improper Access Control (CVE-2016-10011)

authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process. This plugin only works with Tenable.ot. Please visi...

6.2CVSS6.9AI score0.01101EPSS
Exploits1References8
nessus
nessus
added 2025/03/13 12:0 a.m.10 views

Siemens SCALANCE X-200RNA Switch Devices Improper Access Control (CVE-2016-10010)

sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c. This plugin only works with Tenable.ot. Please visit...

7CVSS7.3AI score0.0424EPSS
Exploits2References4
nessus
nessus
added 2025/03/13 12:0 a.m.14 views

Siemens SCALANCE X-200RNA Switch Devices Exposure of Sensitive Information to an Unauthorized Actor (CVE-2016-0800)

A cross-protocol attack was discovered that could allow an attacker to decrypt intercepted TLS sessions by using a server supporting SSLv2 as a Bleichenbacher RSA padding oracle. In order to exploit the vulnerability, the attacker must have network access to the affected devices and must be in a...

5.9CVSS7.4AI score0.82112EPSS
Exploits2References4
nessus
nessus
added 2025/03/13 12:0 a.m.6 views

Siemens SCALANCE X-200RNA Switch Devices Exposure of Sensitive Information to an Unauthorized Actor (CVE-2016-2107)

The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against an AES CBC session. NOTE: this vulnerability...

5.9CVSS7.4AI score0.89058EPSS
Exploits6References4
nessus
nessus
added 2025/03/13 12:0 a.m.11 views

Siemens SCALANCE X-200RNA Switch Devices Improper Input Validation (CVE-2016-6302)

The tlsdecryptticket function in ssl/t1lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short. This plugin only works with Tenable.ot. Please visit...

7.5CVSS7.4AI score0.26441EPSS
Exploits1References4
Rows per page
Query Builder