Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

sec-consult.com vulnerabilities and exploits

(subscribe to this query)
5.3
CVSSv3

CVE-2017-12737

An issue exists on Siemens SICAM RTUs SM-2556 COM Modules with the firmware variants ENOS00, ERAC00, ETA2, ETLS00, MODi00, and DNPi00. The integrated web server (port 80/tcp) of the affected devices could allow unauthenticated remote malicious users to obtain sensitive device inf...
Siemens Sm-2556 Firmware Dnpi00Siemens Sm-2556 Firmware Enos00Siemens Sm-2556 Firmware Erac00Siemens Sm-2556 Firmware Eta2Siemens Sm-2556 Firmware Etls00Siemens Sm-2556 Firmware Modi00
6.1
CVSSv3

CVE-2017-12738

An issue exists on Siemens SICAM RTUs SM-2556 COM Modules with the firmware variants ENOS00, ERAC00, ETA2, ETLS00, MODi00, and DNPi00. The integrated web server (port 80/tcp) of the affected devices could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked ...
Siemens Sm-2556 Firmware Dnpi00Siemens Sm-2556 Firmware Enos00Siemens Sm-2556 Firmware Erac00Siemens Sm-2556 Firmware Eta2Siemens Sm-2556 Firmware Etls00Siemens Sm-2556 Firmware Modi00
9.8
CVSSv3

CVE-2017-12739

An issue exists on Siemens SICAM RTUs SM-2556 COM Modules with the firmware variants ENOS00, ERAC00, ETA2, ETLS00, MODi00, and DNPi00. The integrated web server (port 80/tcp) of the affected devices could allow unauthenticated remote malicious users to execute arbitrary code on t...
Siemens Sm-2556 Firmware Dnpi00Siemens Sm-2556 Firmware Enos00Siemens Sm-2556 Firmware Erac00Siemens Sm-2556 Firmware Eta2Siemens Sm-2556 Firmware Etls00Siemens Sm-2556 Firmware Modi00
5.5
CVSSv3

CVE-2015-9261

huft_build in archival/libarchive/decompress_gunzip.c in BusyBox prior to 1.27.2 misuses a pointer, causing segfaults and an application crash during an unzip operation on a specially crafted ZIP file.
Busybox BusyboxDebian Debian Linux 8.0Debian Debian Linux 9.0Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 16.04
9.8
CVSSv3

CVE-2020-12501

Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) use undocumented accounts.
Pepperl-fuchs Es7510-xt FirmwarePepperl-fuchs Es8509-xt FirmwarePepperl-fuchs Es8510-xt FirmwarePepperl-fuchs Es9528-xtv2 FirmwarePepperl-fuchs Es7506 FirmwarePepperl-fuchs Es7510 FirmwarePepperl-fuchs Es7528 FirmwarePepperl-fuchs Es8508 FirmwarePepperl-fuchs Es8508f FirmwarePepperl-fuchs Es8510 FirmwarePepperl-fuchs Es8510-xte FirmwarePepperl-fuchs Es9528 Firmware
7.2
CVSSv2

CVE-2013-1813

util-linux/mdev.c in BusyBox prior to 1.21.0 uses 0777 permissions for parent directories when creating nested directories under /dev/, which allows local users to have unknown impact and attack vectors.
Redhat Enterprise Linux 6.0T-mobile Tm-ac1900 3.0.0.4.376 3169Busybox BusyboxBusybox Busybox 0.38Busybox Busybox 0.39Busybox Busybox 0.40Busybox Busybox 0.41Busybox Busybox 0.42Busybox Busybox 0.43Busybox Busybox 0.45Busybox Busybox 0.46Busybox Busybox 0.47
7.5
CVSSv3

CVE-2016-2147

Integer overflow in the DHCP client (udhcpc) in BusyBox prior to 1.25.0 allows remote malicious users to cause a denial of service (crash) via a malformed RFC1035-encoded domain name, which triggers an out-of-bounds heap write.
Busybox BusyboxDebian Debian Linux 8.0Debian Debian Linux 9.0Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 16.04Canonical Ubuntu Linux 18.04Canonical Ubuntu Linux 18.10
9.8
CVSSv3

CVE-2016-2148

Heap-based buffer overflow in the DHCP client (udhcpc) in BusyBox prior to 1.25.0 allows remote malicious users to have unspecified impact via vectors involving OPTION_6RD parsing.
Busybox BusyboxDebian Debian Linux 8.0Debian Debian Linux 9.0Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 16.04Canonical Ubuntu Linux 18.04Canonical Ubuntu Linux 18.10
8.8
CVSSv3

CVE-2017-16544

In the add_match function in libbb/lineedit.c in BusyBox up to and including 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could pot...
Busybox BusyboxDebian Debian Linux 8.0Debian Debian Linux 9.0Vmware Esxi 6.0Vmware Esxi 6.5Vmware Esxi 6.7Redlion N-tron 702-w FirmwareRedlion N-tron 702m12-w FirmwareCanonical Ubuntu Linux 14.04Canonical Ubuntu Linux 16.04
7.5
CVSSv3

CVE-2011-5325

Directory traversal vulnerability in the BusyBox implementation of tar prior to 1.22.0 v5 allows remote malicious users to point to files outside the current working directory via a symlink.
Busybox BusyboxDebian Debian Linux 8.0Debian Debian Linux 9.0Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 16.04Canonical Ubuntu Linux 18.04Canonical Ubuntu Linux 18.10
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
unprivilegedprivilege escalationCVE-2024-57040morningCVE-2025-24801CVE-2025-24813CVE-2025-29930CVE-2024-10442smartosCVE-2025-0694cryptolibmbconnect24local users
Home
/
Search Results
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook