Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
siemens security configuration tool - vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv3
CVE-2023-3268
An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw could allow a local malicious user to crash the system or leak kernel internal information.
Linux Linux Kernel
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
7.1
CVSSv3
CVE-2023-1380
A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info->req_len data is bigger than the size of the buffer, defined as WL_EXTRA_BUF_MAX, leadin...
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Linux Linux Kernel 6.3
Linux Linux Kernel
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
Netapp H300s Firmware -
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 22.04
6.8
CVSSv3
CVE-2023-2002
A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an malicious user to unauthorized execution of management commands, compromising the confidentiality, integrity, and ava...
Linux Linux Kernel
Debian Debian Linux 10.0
Debian Debian Linux 11.0
1 Github repository
6.5
CVSSv3
CVE-2017-6865
A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC Automation Tool (All versions < V3.0), SIMATIC NET PC-Software (All versions < V14 SP1), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1),...
Siemens Sinaut St7cc -
Siemens Simatic Step 7 (tia Portal) 14.0
Siemens Simatic Winac Rtx 2010 -
Siemens Simatic Wincc (tia Portal) 13.0
Siemens Simatic Step 7 (tia Portal) 13.0
Siemens Simatic Wincc (tia Portal) 14.0
Siemens Simatic Step 7 (tia Portal) 5.0
Siemens Sinumerik 808d Programming Tool -
Siemens Simatic Winac Rtx F 2010 -
Siemens Simatic Wincc Flexible 2008 -
Siemens Pcs 7 -
Siemens Simatic Wincc -
Siemens Security Configuration Tool -
Siemens Simatic Automation Tool -
Siemens Sinema Server -
Siemens Smart Pc Access 2.0
Siemens Primary Setup Tool -
Siemens Simatic Net Pc-software -
Siemens Simatic Step 7 Micro/win Smart -
6.4
CVSSv3
CVE-2016-7165
A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC IT Production Suite (All versions < V7.0 SP1 HFX 2), SIMATIC NET PC-Software (All versions < V14), SIMATIC PCS 7 V7.1 (All versions), SIMATIC PCS 7 V8.0 (All versions), SIM...
Siemens Simatic Wincc 7.2
Siemens Simatic Wincc Runtime -
Siemens Simatic Wincc (tia Portal)
Siemens Simit 9.0
Siemens Simatic Wincc
Siemens Simatic Pcs7 8.0
Siemens Simatic Step 7 (tia Portal)
Siemens Simatic Pcs 7
Siemens Sinema Remote Connect -
Siemens Simatic Wincc 7.4
Siemens Simatic Step 7
Siemens Simatic Winac Rtx 2010 -
Siemens Simatic Pcs7 8.1
Siemens Softnet Security Client
Siemens Simatic Net Pc Software
Siemens Simatic It Production Suite -
Siemens Telecontrol Basic
Siemens Security Configuration Tool -
Siemens Simatic Wincc (tia Portal) -
Siemens Primary Setup Tool -
Siemens Sinema Server
Siemens Simatic Wincc 7.3
5.9
CVSSv3
CVE-2022-4304
A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of ...
Openssl Openssl
Stormshield Stormshield Network Security
Stormshield Endpoint Security
Stormshield Sslvpn
1 Github repository
5.9
CVSSv3
CVE-2022-1434
The OpenSSL 3.0 implementation of the RC4-MD5 ciphersuite incorrectly uses the AAD data as the MAC key. This makes the MAC key trivially predictable. An attacker could exploit this issue by performing a man-in-the-middle attack to modify data being sent from one endpoint to an Op...
Openssl Openssl
Netapp Santricity Smi-s Provider -
Netapp Clustered Data Ontap -
Netapp Smi-s Provider -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Solidfire & Hci Management Node -
Netapp Solidfire, Enterprise Sds & Hci Storage Node -
Netapp Active Iq Unified Manager -
Netapp Snapmanager -
Netapp A700s Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Netapp Aff 8300 Firmware -
Netapp Fas 8300 Firmware -
Netapp Aff 8700 Firmware -
Netapp Fas 8700 Firmware -
Netapp Aff A400 Firmware -
5.9
CVSSv3
CVE-2021-3449
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_ce...
Openssl Openssl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Freebsd Freebsd 12.2
Netapp Santricity Smi-s Provider -
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Oncommand Insight -
Netapp Ontap Select Deploy Administration Utility -
Netapp Active Iq Unified Manager -
Netapp Cloud Volumes Ontap Mediator -
Netapp E-series Performance Analyzer -
Tenable Tenable.sc
Tenable Nessus
Tenable Nessus Network Monitor 5.11.1
Tenable Nessus Network Monitor 5.12.0
Tenable Nessus Network Monitor 5.12.1
Tenable Nessus Network Monitor 5.13.0
Tenable Nessus Network Monitor 5.11.0
Tenable Log Correlation Engine
Fedoraproject Fedora 34
5 Github repositories
1 Article
5.9
CVSSv3
CVE-2021-23841
The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (whi...
Openssl Openssl
Debian Debian Linux 10.0
Tenable Tenable.sc
Tenable Nessus Network Monitor 5.11.1
Tenable Nessus Network Monitor 5.12.0
Tenable Nessus Network Monitor 5.12.1
Tenable Nessus Network Monitor 5.13.0
Tenable Nessus Network Monitor 5.11.0
Apple Macos
Apple Iphone Os
Apple Safari
Apple Ipados
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Oracle Business Intelligence 12.2.1.3.0
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Jd Edwards World Security A9.4
Oracle Business Intelligence 12.2.1.4.0
Oracle Business Intelligence 5.5.0.0.0
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Enterprise Manager For Storage Management 13.4.0.0
5.9
CVSSv3
CVE-2021-23336
The package python/cpython from 0 and prior to 3.6.13, from 3.7.0 and prior to 3.7.10, from 3.8.0 and prior to 3.8.8, from 3.9.0 and prior to 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaki...
Python Python
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Debian Debian Linux 9.0
Netapp Cloud Backup -
Netapp Snapcenter -
Netapp Ontap Select Deploy Administration Utility -
Netapp Inventory Collect Tool -
Djangoproject Django
Oracle Zfs Storage Appliance 8.8
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Communications Offline Mediation Controller 12.0.0.3.0
Oracle Communications Pricing Design Center 12.0.0.3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
logic flaw
CVE-2024-23692
CVE-2024-26229
CVE-2024-35255
CVE-2024-5835
CVE-2024-5837
XML external entity
dos
CVE-2024-5813
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »