siemens
2,341 tracked vulnerabilities.
CVE-2022-26335
HIGH
Siemens SCALANCE X Series - Denial of Service via HTTP GET Request URI Validation
Apr 12, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-26334
HIGH
Siemens SCALANCE X Series - Denial of Service via Unvalidated HTTP GET Parameter
Apr 12, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-25756
MEDIUM
Siemens SCALANCE X Series < 4.1.4 - Cross-Site Scripting via Integrated Web Server
Apr 12, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-25755
HIGH
Siemens SCALANCE X Series - Improper Access Control via Missing Security Headers
Apr 12, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-25754
HIGH
SCALANCE X302-7 EEC Firmware < 4.1.4 - Cross-Site Request Forgery
Apr 12, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-25753
HIGH
SCALANCE X Series Firmware < 4.1.4 - Authenticated Stack-based Buffer Overflow via CLI IP Address Handling
Apr 12, 2022
CVSS 8.8
EPSS 0.03
CVE-2022-25752
CRITICAL
Siemens SCALANCE X Series - Session Hijacking via Insecure Session ID Generation
Apr 12, 2022
CVSS 9.8
EPSS 0.03
CVE-2022-25751
HIGH
Siemens SCALANCE X Series - Denial of Service via HTTP Header Validation
Apr 12, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-25622
MEDIUM
SIMATIC CFU DIQ Firmware - Denial of Service via Malformed TCP Segments
Apr 12, 2022
CVSS 5.3
EPSS 0.00
CVE-2022-23450
CRITICAL
SIMATIC Energy Manager Basic and PRO < 7.3 Update 1 - Unauthenticated Remote Code Execution via Insecure Deserialization
Apr 12, 2022
CVSS 9.8
EPSS 0.33
CVE-2022-23449
HIGH
SIMATIC Energy Manager Basic and PRO < 7.3 Update 1 - DLL Hijacking via Uncontrolled Search Path
Apr 12, 2022
CVSS 7.3
EPSS 0.00
CVE-2022-23448
HIGH
SIMATIC Energy Manager Basic and PRO < 7.3 Update 1 - Local Privilege Escalation via Improper Directory Permissions
Apr 12, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-22965
CRITICAL
KEV
NUCLEI
Spring Framework - Remote Code Execution via Data Binding
Apr 01, 2022
CVSS 9.8
EPSS 0.94
CVE-2022-0396
MEDIUM
BIND 9.16.11-9.16.26 and 9.17.0-9.18.0 - Denial of Service via CLOSE_WAIT Connection Exhaustion
Mar 23, 2022
CVSS 5.3
EPSS 0.00
CVE-2022-0847
HIGH
KEV
Dirty Pipe Local Privilege Escalation via CVE-2022-0847
Mar 10, 2022
CVSS 7.8
EPSS 0.82
CVE-2022-25311
HIGH
SINEC NMS < 2.0 and SINEMA Server V14 - Authenticated Privilege Escalation via Session Privilege Check Bypass
Mar 08, 2022
CVSS 7.3
EPSS 0.00
CVE-2022-24661
HIGH
Simcenter STAR-CCM+ Viewer <V2022.1 - Memory Corruption
Mar 08, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-24408
HIGH
SINUMERIK MC/V1.15 SP1, SINUMERIK ONE/V6.15 SP1 - Privilege Escalation
Mar 08, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-24282
HIGH
SINEC NMS < 2.0 and < 1.0.3 and SINEMA Server V14 - Remote Code Execution via Insecure JSON Deserialization
Mar 08, 2022
CVSS 7.2
EPSS 0.03
CVE-2022-24281
HIGH
SINEC NMS <V1.0.3, SINEMA Server V14 - Privilege Escalation
Mar 08, 2022
CVSS 7.2
EPSS 0.01
CVE-2022-25315
CRITICAL
libexpat < 2.4.5 - Integer Overflow in storeRawNames
Feb 18, 2022
CVSS 9.8
EPSS 0.09
CVE-2022-25314
HIGH
libexpat < 2.4.5 - Integer Overflow in copyString
Feb 18, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-25313
MEDIUM
libexpat < 2.4.5 - Denial of Service via DTD Element Nesting
Feb 18, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-25236
CRITICAL
libexpat < 2.4.5 - Namespace URI Injection via Namespace-Separator Character
Feb 16, 2022
CVSS 9.8
EPSS 0.09
CVE-2022-25235
CRITICAL
libexpat < 2.4.5 - Improper Encoding or Escaping of Output
Feb 16, 2022
CVSS 9.8
EPSS 0.12
Products
teamcenter_visualization 188
jt2go 166
tecnomatix_plant_simulation 85
simcenter_femap 77
telecontrol_server_basic 77
sinema_remote_connect_server 71
sinec_infrastructure_network_services 68
scalance_w1750d_firmware 62
parasolid 52
solid_edge 47
wincc 43
sinec_nms 42
sinec_ins 38
solid_edge_se2023 36
sppa-t3000_ms3000_migration_server 35
jt_utilities 32
comos 31
simatic_wincc 30
jt_open_toolkit 29
scalance_lpe9403_firmware 27
nucleus_net 25
nucleus_source_code 25
simatic_pcs7 25
simatic_pcs_7 25
scalance_s615_firmware 24
simatic_ipc427e_firmware 24
simatic_ipc477e_firmware 24
simatic_itp1000_firmware 24
simatic_pcs_neo 24
ruggedcom_rox_mx5000_firmware 23