Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sec-consult.com vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2017-12737
An issue exists on Siemens SICAM RTUs SM-2556 COM Modules with the firmware variants ENOS00, ERAC00, ETA2, ETLS00, MODi00, and DNPi00. The integrated web server (port 80/tcp) of the affected devices could allow unauthenticated remote malicious users to obtain sensitive device inf...
Siemens Sm-2556 Firmware Enos00
Siemens Sm-2556 Firmware Eta2
Siemens Sm-2556 Firmware Etls00
Siemens Sm-2556 Firmware Modi00
Siemens Sm-2556 Firmware Dnpi00
Siemens Sm-2556 Firmware Erac00
9.8
CVSSv3
CVE-2017-12739
An issue exists on Siemens SICAM RTUs SM-2556 COM Modules with the firmware variants ENOS00, ERAC00, ETA2, ETLS00, MODi00, and DNPi00. The integrated web server (port 80/tcp) of the affected devices could allow unauthenticated remote malicious users to execute arbitrary code on t...
Siemens Sm-2556 Firmware Enos00
Siemens Sm-2556 Firmware Erac00
Siemens Sm-2556 Firmware Eta2
Siemens Sm-2556 Firmware Etls00
Siemens Sm-2556 Firmware Modi00
Siemens Sm-2556 Firmware Dnpi00
6.1
CVSSv3
CVE-2017-12738
An issue exists on Siemens SICAM RTUs SM-2556 COM Modules with the firmware variants ENOS00, ERAC00, ETA2, ETLS00, MODi00, and DNPi00. The integrated web server (port 80/tcp) of the affected devices could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked ...
Siemens Sm-2556 Firmware Erac00
Siemens Sm-2556 Firmware Enos00
Siemens Sm-2556 Firmware Eta2
Siemens Sm-2556 Firmware Etls00
Siemens Sm-2556 Firmware Modi00
Siemens Sm-2556 Firmware Dnpi00
5.5
CVSSv3
CVE-2015-9261
huft_build in archival/libarchive/decompress_gunzip.c in BusyBox prior to 1.27.2 misuses a pointer, causing segfaults and an application crash during an unzip operation on a specially crafted ZIP file.
Busybox Busybox
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
7.5
CVSSv3
CVE-2016-2147
Integer overflow in the DHCP client (udhcpc) in BusyBox prior to 1.25.0 allows remote malicious users to cause a denial of service (crash) via a malformed RFC1035-encoded domain name, which triggers an out-of-bounds heap write.
Busybox Busybox
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
9.8
CVSSv3
CVE-2016-2148
Heap-based buffer overflow in the DHCP client (udhcpc) in BusyBox prior to 1.25.0 allows remote malicious users to have unspecified impact via vectors involving OPTION_6RD parsing.
Busybox Busybox
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
9.8
CVSSv3
CVE-2020-12501
Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) use undocumented accounts.
Pepperl-fuchs Es7510-xt Firmware
Pepperl-fuchs Es8509-xt Firmware
Pepperl-fuchs Es8510-xt Firmware
Pepperl-fuchs Es9528-xtv2 Firmware
Pepperl-fuchs Es7506 Firmware
Pepperl-fuchs Es7510 Firmware
Pepperl-fuchs Es7528 Firmware
Pepperl-fuchs Es8508 Firmware
Pepperl-fuchs Es8508f Firmware
Pepperl-fuchs Es8510 Firmware
Pepperl-fuchs Es8510-xte Firmware
Pepperl-fuchs Es9528 Firmware
Pepperl-fuchs Es9528-xt Firmware
Korenix Jetnet5428g-20sfp Firmware -
Korenix Jetnet5810g Firmware -
Korenix Jetnet4510 Firmware -
Korenix Jetnet5010 Firmware -
Korenix Jetnet5310 Firmware -
Korenix Jetnet6095 Firmware -
Korenix Jetnet4706 Firmware -
Korenix Jetwave 3220 Firmware -
Korenix Jetwave 2311 Firmware -
NA
CVE-2013-1813
util-linux/mdev.c in BusyBox prior to 1.21.0 uses 0777 permissions for parent directories when creating nested directories under /dev/, which allows local users to have unknown impact and attack vectors.
Redhat Enterprise Linux 6.0
T-mobile Tm-ac1900 3.0.0.4.376 3169
Busybox Busybox 0.38
Busybox Busybox 0.46
Busybox Busybox 0.47
Busybox Busybox 0.60.1
Busybox Busybox 0.60.2
Busybox Busybox 0.60.3
Busybox Busybox 1.1.2
Busybox Busybox 1.1.3
Busybox Busybox 1.11.1
Busybox Busybox 1.11.2
Busybox Busybox 1.13.1
Busybox Busybox 1.13.2
Busybox Busybox 1.14.4
Busybox Busybox 1.15.0
Busybox Busybox 1.17.0
Busybox Busybox 1.17.1
Busybox Busybox 1.18.4
Busybox Busybox 1.18.5
Busybox Busybox 1.2.2
Busybox Busybox 1.2.2.1
8.8
CVSSv3
CVE-2017-16544
In the add_match function in libbb/lineedit.c in BusyBox up to and including 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could pot...
Busybox Busybox
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Vmware Esxi 6.0
Vmware Esxi 6.5
Vmware Esxi 6.7
Redlion N-tron 702-w Firmware
Redlion N-tron 702m12-w Firmware
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
NA
CVE-2011-2716
The DHCP client (udhcpc) in BusyBox prior to 1.20.0 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in the (1) HOST_NAME, (2) DOMAIN_NAME, (3) NIS_DOMAIN, and (4) TFTP_SERVER_NAME host name options.
T-mobile Tm-ac1900 3.0.0.4.376 3169
Busybox Busybox 1.18.5
Busybox Busybox 1.18.4
Busybox Busybox 1.17.2
Busybox Busybox 1.18.3
Busybox Busybox 1.18.2
Busybox Busybox 1.17.0
Busybox Busybox 1.16.2
Busybox Busybox 1.16.1
Busybox Busybox 1.14.3
Busybox Busybox 1.14.2
Busybox Busybox 1.13.0
Busybox Busybox 1.12.4
Busybox Busybox 1.11.0
Busybox Busybox 1.10.4
Busybox Busybox 1.9.0
Busybox Busybox 1.8.2
Busybox Busybox 1.6.1
Busybox Busybox 1.6.0
Busybox Busybox 1.3.0
Busybox Busybox 1.2.2.1
Busybox Busybox 1.1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
injection
CVE-2024-30983
CVE-2023-4235
CVE-2024-21338
privilege
encryption
CVE-2023-4232
CVE-2024-31497
CVE-2024-32341
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »