The manager_dispatch_notify_fd function in systemd allows local users to cause a denial of service (system hang) via a zero-length message received over a notify socket, which causes an error to be. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
The manager_invoke_notify_message function in systemd 231 and earlier allows local users to cause a denial of service (assertion failure and PID 1 hang) via a zero-length message received over a. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
SQL injection vulnerability in Siemens Automation License Manager (ALM) before 5.3 SP3 Update 1 allows remote attackers to execute arbitrary SQL commands via crafted traffic to TCP port 4410. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
The DSA algorithm implementation in SAP SAPCRYPTOLIB 5.555.38 does not properly check signatures, which allows remote authenticated users to impersonate arbitrary users via unspecified vectors, aka. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
SAP SLD Registration Program (aka SLDREG) allows local users to cause a denial of service (memory corruption and process termination) via a crafted HOST parameter, aka SAP Security Note 2125623. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Siemens SIMATIC STEP 7 (TIA Portal) before 14 improperly stores pre-shared key data in TIA project files, which makes it easier for local users to obtain sensitive information by leveraging access to. Rated medium severity (CVSS 4.7). No vendor patch available.