Filtered by vendor Siemens Subscriptions
Filtered by product Simatic Net Cp 1543-1 Firmware Subscriptions
Total 5 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-3449 13 Checkpoint, Debian, Fedoraproject and 10 more 172 Multi-domain Management, Multi-domain Management Firmware, Quantum Security Gateway and 169 more 2024-09-17 5.9 Medium
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).
CVE-2018-5391 7 Canonical, Debian, F5 and 4 more 80 Ubuntu Linux, Debian Linux, Big-ip Access Policy Manager and 77 more 2024-08-05 7.5 High
The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size.
CVE-2020-27827 5 Fedoraproject, Lldpd Project, Openvswitch and 2 more 28 Fedora, Lldpd, Openvswitch and 25 more 2024-08-04 7.5 High
A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability.
CVE-2020-9273 5 Debian, Fedoraproject, Opensuse and 2 more 9 Debian Linux, Fedora, Backports Sle and 6 more 2024-08-04 8.8 High
In ProFTPD 1.3.7, it is possible to corrupt the memory pool by interrupting the data transfer channel. This triggers a use-after-free in alloc_pool in pool.c, and possible remote code execution.
CVE-2020-9272 3 Opensuse, Proftpd, Siemens 7 Backports Sle, Leap, Proftpd and 4 more 2024-08-04 7.5 High
ProFTPD 1.3.7 has an out-of-bounds (OOB) read vulnerability in mod_cap via the cap_text.c cap_to_text function.