siemens

2,373 tracked vulnerabilities.

CVE-2022-28661 HIGH
Simcenter Femap < V2022.1.2 - Code Injection
Apr 12, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-28329 MEDIUM
SCALANCE W1788 Series < 3.0.0 - Denial of Service via RemoteCapture TCP Packet Handling
Apr 12, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-28328 HIGH
SCALANCE W1788 M12 Firmware < 3.0.0 - Denial of Service via Malformed Multicast LLC Frames
Apr 12, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-27481 MEDIUM
SCALANCE W1788 Series < 3.0.0 - Denial of Service via ARP Request Race Condition
Apr 12, 2022
CVSS 5.3
EPSS 0.00
CVE-2022-27480 HIGH
SICAM A8000 CP-8031 and CP-8050 Firmware < 4.80 - Unauthenticated Arbitrary File Download
Apr 12, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-27194 HIGH
SIMATIC PCS neo < V3.1 SP1, SINETPLAN, TIA Portal V15-V17 - Denial of Service via Crafted Packets to Port 8888
Apr 12, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-26380 HIGH
Siemens SCALANCE X Series Firmware < 4.1.4 - Denial of Service via SNMP Key Validation
Apr 12, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-26335 HIGH
Siemens SCALANCE X Series - Denial of Service via HTTP GET Request URI Validation
Apr 12, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-26334 HIGH
Siemens SCALANCE X Series - Denial of Service via Unvalidated HTTP GET Parameter
Apr 12, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-25756 MEDIUM
Siemens SCALANCE X Series < 4.1.4 - Cross-Site Scripting via Integrated Web Server
Apr 12, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-25755 HIGH
Siemens SCALANCE X Series - Improper Access Control via Missing Security Headers
Apr 12, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-25754 HIGH
SCALANCE X302-7 EEC Firmware < 4.1.4 - Cross-Site Request Forgery
Apr 12, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-25753 HIGH
SCALANCE X Series Firmware < 4.1.4 - Authenticated Stack-based Buffer Overflow via CLI IP Address Handling
Apr 12, 2022
CVSS 8.8
EPSS 0.02
CVE-2022-25752 CRITICAL
Siemens SCALANCE X Series - Session Hijacking via Insecure Session ID Generation
Apr 12, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-25751 HIGH
Siemens SCALANCE X Series - Denial of Service via HTTP Header Validation
Apr 12, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-25622 MEDIUM
SIMATIC CFU DIQ Firmware - Denial of Service via Malformed TCP Segments
Apr 12, 2022
CVSS 5.3
EPSS 0.01
CVE-2022-23450 CRITICAL
SIMATIC Energy Manager Basic and PRO < 7.3 Update 1 - Unauthenticated Remote Code Execution via Insecure Deserialization
Apr 12, 2022
CVSS 9.8
EPSS 0.36
CVE-2022-23449 HIGH
SIMATIC Energy Manager Basic and PRO < 7.3 Update 1 - DLL Hijacking via Uncontrolled Search Path
Apr 12, 2022
CVSS 7.3
EPSS 0.00
CVE-2022-23448 HIGH
SIMATIC Energy Manager Basic and PRO < 7.3 Update 1 - Local Privilege Escalation via Improper Directory Permissions
Apr 12, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-22965 CRITICAL KEVNUCLEI
Spring Framework - Remote Code Execution via Data Binding
Apr 01, 2022
CVSS 9.8
EPSS 1.00
CVE-2022-0396 MEDIUM
BIND 9.16.11-9.16.26 and 9.17.0-9.18.0 - Denial of Service via CLOSE_WAIT Connection Exhaustion
Mar 23, 2022
CVSS 5.3
EPSS 0.03
CVE-2022-0847 HIGH KEV
Dirty Pipe Local Privilege Escalation via CVE-2022-0847
Mar 10, 2022
CVSS 7.8
EPSS 0.89
CVE-2022-25311 HIGH
SINEC NMS < 2.0 and SINEMA Server V14 - Authenticated Privilege Escalation via Session Privilege Check Bypass
Mar 08, 2022
CVSS 7.3
EPSS 0.01
CVE-2022-24661 HIGH
Simcenter STAR-CCM+ Viewer <V2022.1 - Memory Corruption
Mar 08, 2022
CVSS 7.8
EPSS 0.01
CVE-2022-24408 HIGH
SINUMERIK MC/V1.15 SP1, SINUMERIK ONE/V6.15 SP1 - Privilege Escalation
Mar 08, 2022
CVSS 7.8
EPSS 0.00