siemens

2,373 tracked vulnerabilities.

CVE-2020-1971 MEDIUM
OpenSSL 1.0.2-1.0.2w and 1.1.1-1.1.1h - Denial of Service via EDIPARTYNAME NULL Pointer Dereference
Dec 08, 2020
CVSS 5.9
EPSS 0.07
CVE-2020-7774 HIGH
y18n <3.2.2, 4.0.1, 5.0.5 - Prototype Pollution
Nov 17, 2020
CVSS 7.3
EPSS 0.69
CVE-2020-15783 HIGH
SIMATIC S7-300 CPU Family, SIMATIC TDC CPU555, and SINUMERIK 840D sl - Denial of Service via Port 102
Nov 12, 2020
CVSS 7.5
EPSS 0.02
CVE-2020-8745 MEDIUM
Intel CSME <11.8.80-14.5.25 - Privilege Escalation
Nov 12, 2020
CVSS 6.8
EPSS 0.00
CVE-2020-8744 HIGH
Intel CSME <12.0.70-14.5.25, TXE <4.0.30, SPS <E3_05.01.04.200 - Pr...
Nov 12, 2020
CVSS 7.8
EPSS 0.00
CVE-2020-8698 MEDIUM
Intel(R) Processors - Info Disclosure
Nov 12, 2020
CVSS 5.5
EPSS 0.01
CVE-2020-0591 MEDIUM
Intel(R) Processors - Privilege Escalation
Nov 12, 2020
CVSS 6.7
EPSS 0.00
CVE-2020-0590 HIGH
Intel Xeon Bronze/Silver/Gold Firmware - Authenticated Privilege Escalation via BIOS Input Validation
Nov 12, 2020
CVSS 7.8
EPSS 0.00
CVE-2020-28168 MEDIUM
axios 0.19.0-0.20.0 - Server-Side Request Forgery via Redirect Bypass
Nov 06, 2020
CVSS 5.9
EPSS 0.02
CVE-2020-7591 HIGH
SIPORT MP < 3.2.1 - Authenticated User Impersonation via Single Sign-On Feature
Oct 15, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-15794 MEDIUM
Desigo Insight - Authenticated Sensitive Information Exposure via Error Message
Oct 15, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-15793 MEDIUM
Desigo Insight - Clickjacking via Missing X-Frame-Options Header
Oct 15, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-15792 MEDIUM
Desigo Insight - Authenticated SQL Injection via Query Parameter
Oct 15, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-7590 MEDIUM
DCA Vantage Analyzer <4.5 - Info Disclosure
Oct 13, 2020
CVSS 6.8
EPSS 0.00
CVE-2020-15797 MEDIUM
Siemens DCA Vantage Analyzer Firmware < 4.5.0.0 - Unauthenticated Privilege Escalation via Kiosk Mode Escape
Oct 13, 2020
CVSS 6.8
EPSS 0.00
CVE-2020-15791 MEDIUM
SIMATIC S7-300 and S7-400 CPU Families - Insufficiently Protected Credentials via ISO-TSAP Authentication
Sep 09, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-15790 MEDIUM
Spectrum Power 4 < 4.70 SP8 - Directory Listing Exposure via Web Server Misconfiguration
Sep 09, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-15789 HIGH
Polarion Subversion Webclient - Cross-Site Request Forgery
Sep 09, 2020
CVSS 8.1
EPSS 0.00
CVE-2020-15788 MEDIUM
Polarion Subversion Webclient - Cross-Site Scripting via Malicious URL Input
Sep 09, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-15787 CRITICAL
SIMATIC HMI Unified Comfort Panels <= V16 - Info Disclosure
Sep 09, 2020
CVSS 9.8
EPSS 0.01
CVE-2020-15786 CRITICAL
SIMATIC HMI Panels <= V16 - Brute-Force Attack via Sm@rt Server
Sep 09, 2020
CVSS 9.8
EPSS 0.01
CVE-2020-15785 MEDIUM
Siveillance Video Client - Cleartext Transmission of Sensitive Information via NTLM Authentication
Sep 09, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-15784 MEDIUM
Spectrum Power 4 < 4.70 SP8 - Cleartext Storage of Sensitive Information in Configuration Files
Sep 09, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-10056 HIGH
Siemens License Management Utility < 2.4 - Authenticated Privilege Escalation via lmgrd Service Configuration
Sep 09, 2020
CVSS 7.8
EPSS 0.00
CVE-2020-10051 HIGH
SIMATIC RTLS Locating Manager <V2.10.2 - Command Injection
Sep 09, 2020
CVSS 7.8
EPSS 0.00