siemens

2,373 tracked vulnerabilities.

CVE-2020-10050 HIGH
SIMATIC RTLS Locating Manager < 2.10.2 - Local Privilege Escalation via Service Executable Directory
Sep 09, 2020
CVSS 7.8
EPSS 0.00
CVE-2020-10049 HIGH
SIMATIC RTLS Locating Manager < 2.10.2 - Local Command Injection via Start-Stop Scripts
Sep 09, 2020
CVSS 7.3
EPSS 0.00
CVE-2020-7583 HIGH
Siemens Automation License Manager 5.x and 6.x < 6.0.8 - Improper Authorization
Aug 14, 2020
CVSS 7.8
EPSS 0.00
CVE-2020-15781 CRITICAL
SICAM A8000 Firmware < 05.30 - Stored Cross-Site Scripting via Login Screen Log Messages
Aug 14, 2020
CVSS 9.6
EPSS 0.01
CVE-2020-10055 CRITICAL
Siemens Desigo CC and Desigo CC Compact - Remote Code Execution via BIRT Advanced Reporting Engine
Aug 14, 2020
CVSS 9.8
EPSS 0.06
CVE-2020-7593 CRITICAL
Siemens LOGO! 8 BM Firmware <=1.82.02 - Unauthenticated Remote Code Execution via Web Server
Jul 14, 2020
CVSS 9.8
EPSS 0.09
CVE-2020-7592 MEDIUM
SIMATIC HMI Panels and WinCC Runtime Advanced - Cleartext Transmission of Sensitive Information
Jul 14, 2020
CVSS 6.5
EPSS 0.00
CVE-2020-7588 MEDIUM
Siemens SIMATIC Products - Partial Denial of Service via Crafted Packet
Jul 14, 2020
CVSS 5.3
EPSS 0.02
CVE-2020-7587 HIGH
Siemens SIMATIC and Opcenter Products - Remote Denial of Service and Information Disclosure via Crafted Packets
Jul 14, 2020
CVSS 8.2
EPSS 0.02
CVE-2020-7584 HIGH
SIMATIC S7-200 SMART CPU >=2.2 <2.5.1 - Denial of Service via Large Number of New Connections
Jul 14, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-7581 MEDIUM
SIMATIC Notifier Server - Unquoted Search Path or Element
Jul 14, 2020
CVSS 6.7
EPSS 0.00
CVE-2020-7578 HIGH
Opcenter Execution Core < 8.2 - Authenticated Improper Access Control
Jul 14, 2020
CVSS 8.1
EPSS 0.01
CVE-2020-7577 HIGH
Opcenter Execution Core < 8.2 - Authenticated SQL Injection via Vulnerable Application Fields
Jul 14, 2020
CVSS 8.1
EPSS 0.01
CVE-2020-7576 MEDIUM
Opcenter Execution Core < 8.2 - Authenticated Stored Cross-Site Scripting via Container Package or Defect Registration
Jul 14, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-10045 HIGH
SICAM MMU,SGU,T <V2.05,V2.18 - Auth Bypass
Jul 14, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-10044 HIGH
SICAM MMU < 2.05, SICAM SGU, SICAM T < 2.18 - Unauthenticated Firmware Installation
Jul 14, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-10043 MEDIUM
SICAM MMU < 2.05, SICAM SGU, SICAM T < 2.18 - Cross-Site Scripting via Malicious Link
Jul 14, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-10042 CRITICAL
SICAM MMU < 2.05, SICAM SGU, SICAM T < 2.18 - Remote Code Execution via Web Application Buffer Overflow
Jul 14, 2020
CVSS 9.8
EPSS 0.02
CVE-2020-10041 MEDIUM
SICAM MMU < 2.05, SICAM SGU, SICAM T < 2.18 - Stored Cross-Site Scripting
Jul 14, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-10040 MEDIUM
SICAM MMU < 2.05, SGU, T < 2.18 - Password Hash Weakness
Jul 14, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-10039 HIGH
SICAM MMU < 2.05, SICAM SGU, SICAM T < 2.18 - Missing Encryption of Sensitive Data
Jul 14, 2020
CVSS 8.1
EPSS 0.01
CVE-2020-10038 CRITICAL
SICAM MMU < 2.05, SICAM SGU, SICAM T < 2.18 - Unauthenticated Administrative Command Execution
Jul 14, 2020
CVSS 9.8
EPSS 0.01
CVE-2020-10037 HIGH
SICAM MMU < 2.05, SICAM SGU, SICAM T < 2.18 - Out-of-bounds Read via Web Server Flooding Attack
Jul 14, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-15358 MEDIUM
SQLite < 3.32.3 - Out-of-bounds Write via Query-Flattener Optimization
Jun 27, 2020
CVSS 5.5
EPSS 0.01
CVE-2020-14405 MEDIUM
libvncserver < 0.9.13 - Denial of Service via Unbounded TextChat Size
Jun 17, 2020
CVSS 6.5
EPSS 0.02