Filtered by vendor Siemens
Subscriptions
Total
1927 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-10041 | 1 Siemens | 6 Sicam Mmu, Sicam Mmu Firmware, Sicam Sgu and 3 more | 2024-11-21 | 6.1 Medium |
| A vulnerability has been identified in SICAM MMU (All versions < V2.05), SICAM SGU (All versions), SICAM T (All versions < V2.18). A stored Cross-Site-Scripting (XSS) vulnerability is present in different locations of the web application. An attacker might be able to take over a session of a legitimate user. | ||||
| CVE-2020-10040 | 1 Siemens | 6 Sicam Mmu, Sicam Mmu Firmware, Sicam Sgu and 3 more | 2024-11-21 | 5.5 Medium |
| A vulnerability has been identified in SICAM MMU (All versions < V2.05), SICAM SGU (All versions), SICAM T (All versions < V2.18). An attacker with local access to the device might be able to retrieve some passwords in clear text. | ||||
| CVE-2020-10039 | 1 Siemens | 6 Sicam Mmu, Sicam Mmu Firmware, Sicam Sgu and 3 more | 2024-11-21 | 8.1 High |
| A vulnerability has been identified in SICAM MMU (All versions < V2.05), SICAM SGU (All versions), SICAM T (All versions < V2.18). An attacker in a privileged network position between a legitimate user and the web server might be able to conduct a Man-in-the-middle attack and gain read and write access to the transmitted data. | ||||
| CVE-2020-10038 | 1 Siemens | 6 Sicam Mmu, Sicam Mmu Firmware, Sicam Sgu and 3 more | 2024-11-21 | 9.8 Critical |
| A vulnerability has been identified in SICAM MMU (All versions < V2.05), SICAM SGU (All versions), SICAM T (All versions < V2.18). An attacker with access to the device's web server might be able to execute administrative commands without authentication. | ||||
| CVE-2020-10037 | 1 Siemens | 6 Sicam Mmu, Sicam Mmu Firmware, Sicam Sgu and 3 more | 2024-11-21 | 7.5 High |
| A vulnerability has been identified in SICAM MMU (All versions < V2.05), SICAM SGU (All versions), SICAM T (All versions < V2.18). By performing a flooding attack against the web server, an attacker might be able to gain read access to the device's memory, possibly revealing confidential information. | ||||
| CVE-2020-0591 | 2 Intel, Siemens | 202 Bios, Core I5-7640x, Core I7-3820 and 199 more | 2024-11-21 | 6.7 Medium |
| Improper buffer restrictions in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2020-0590 | 3 Intel, Netapp, Siemens | 271 Xeon Bronze 3104, Xeon Bronze 3104 Firmware, Xeon Bronze 3106 and 268 more | 2024-11-21 | 7.8 High |
| Improper input validation in BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2020-0543 | 7 Canonical, Fedoraproject, Intel and 4 more | 724 Ubuntu Linux, Fedora, Celeron 1000m and 721 more | 2024-11-21 | 5.5 Medium |
| Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | ||||
| CVE-2019-8277 | 2 Siemens, Uvnc | 4 Sinumerik Access Mymachine\/p2p, Sinumerik Pcu Base Win10 Software\/ipc, Sinumerik Pcu Base Win7 Software\/ipc and 1 more | 2024-11-21 | 7.5 High |
| UltraVNC revision 1211 contains multiple memory leaks (CWE-665) in VNC server code, which allows an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1212. | ||||
| CVE-2019-8276 | 2 Siemens, Uvnc | 4 Sinumerik Access Mymachine\/p2p, Sinumerik Pcu Base Win10 Software\/ipc, Sinumerik Pcu Base Win7 Software\/ipc and 1 more | 2024-11-21 | 7.5 High |
| UltraVNC revision 1211 has a stack buffer overflow vulnerability in VNC server code inside file transfer request handler, which can result in Denial of Service (DoS). This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212. | ||||
| CVE-2019-8275 | 2 Siemens, Uvnc | 4 Sinumerik Access Mymachine\/p2p, Sinumerik Pcu Base Win10 Software\/ipc, Sinumerik Pcu Base Win7 Software\/ipc and 1 more | 2024-11-21 | 9.8 Critical |
| UltraVNC revision 1211 has multiple improper null termination vulnerabilities in VNC server code, which result in out-of-bound data being accessed by remote users. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1212. | ||||
| CVE-2019-8274 | 2 Siemens, Uvnc | 4 Sinumerik Access Mymachine\/p2p, Sinumerik Pcu Base Win10 Software\/ipc, Sinumerik Pcu Base Win7 Software\/ipc and 1 more | 2024-11-21 | 9.8 Critical |
| UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer offer handler, which can potentially in result code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212. | ||||
| CVE-2019-8273 | 2 Siemens, Uvnc | 4 Sinumerik Access Mymachine\/p2p, Sinumerik Pcu Base Win10 Software\/ipc, Sinumerik Pcu Base Win7 Software\/ipc and 1 more | 2024-11-21 | 9.8 Critical |
| UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer request handler, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212. | ||||
| CVE-2019-8272 | 2 Siemens, Uvnc | 4 Sinumerik Access Mymachine\/p2p, Sinumerik Pcu Base Win10 Software\/ipc, Sinumerik Pcu Base Win7 Software\/ipc and 1 more | 2024-11-21 | 9.8 Critical |
| UltraVNC revision 1211 has multiple off-by-one vulnerabilities in VNC server code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1212. | ||||
| CVE-2019-8271 | 2 Siemens, Uvnc | 4 Sinumerik Access Mymachine\/p2p, Sinumerik Pcu Base Win10 Software\/ipc, Sinumerik Pcu Base Win7 Software\/ipc and 1 more | 2024-11-21 | 9.8 Critical |
| UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer handler, which can potentially result code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212. | ||||
| CVE-2019-8269 | 2 Siemens, Uvnc | 4 Sinumerik Access Mymachine\/p2p, Sinumerik Pcu Base Win10 Software\/ipc, Sinumerik Pcu Base Win7 Software\/ipc and 1 more | 2024-11-21 | 7.5 High |
| UltraVNC revision 1206 has stack-based Buffer overflow vulnerability in VNC client code inside FileTransfer module, which leads to a denial of service (DoS) condition. This attack appear to be exploitable via network connectivity. This vulnerability has been fixed in revision 1207. | ||||
| CVE-2019-8268 | 2 Siemens, Uvnc | 4 Sinumerik Access Mymachine\/p2p, Sinumerik Pcu Base Win10 Software\/ipc, Sinumerik Pcu Base Win7 Software\/ipc and 1 more | 2024-11-21 | 9.8 Critical |
| UltraVNC revision 1206 has multiple off-by-one vulnerabilities in VNC client code connected with improper usage of ClientConnection::ReadString function, which can potentially result code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1207. | ||||
| CVE-2019-8263 | 2 Siemens, Uvnc | 4 Sinumerik Access Mymachine\/p2p, Sinumerik Pcu Base Win10 Software\/ipc, Sinumerik Pcu Base Win7 Software\/ipc and 1 more | 2024-11-21 | 6.5 Medium |
| UltraVNC revision 1205 has stack-based buffer overflow vulnerability in VNC client code inside ShowConnInfo routine, which leads to a denial of service (DoS) condition. This attack appear to be exploitable via network connectivity. User interaction is required to trigger this vulnerability. This vulnerability has been fixed in revision 1206. | ||||
| CVE-2019-8262 | 2 Siemens, Uvnc | 4 Sinumerik Access Mymachine\/p2p, Sinumerik Pcu Base Win10 Software\/ipc, Sinumerik Pcu Base Win7 Software\/ipc and 1 more | 2024-11-21 | 9.8 Critical |
| UltraVNC revision 1203 has multiple heap buffer overflow vulnerabilities in VNC client code inside Ultra decoder, which results in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1204. | ||||
| CVE-2019-8259 | 2 Siemens, Uvnc | 4 Sinumerik Access Mymachine\/p2p, Sinumerik Pcu Base Win10 Software\/ipc, Sinumerik Pcu Base Win7 Software\/ipc and 1 more | 2024-11-21 | 7.5 High |
| UltraVNC revision 1198 contains multiple memory leaks (CWE-655) in VNC client code, which allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1199. | ||||