Vulnerabilities > GE
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-23 | CVE-2023-0755 | Improper Validation of Array Index vulnerability in multiple products The affected products are vulnerable to an improper validation of array index, which could allow an attacker to crash the server and remotely execute arbitrary code. | 9.8 |
| 2023-01-18 | CVE-2022-38469 | Insufficiently Protected Credentials vulnerability in GE Proficy Historian An unauthorized user with network access and the decryption key could decrypt sensitive data, such as usernames and passwords. | 7.5 |
| 2023-01-18 | CVE-2022-43494 | Unspecified vulnerability in GE Proficy Historian An unauthorized user could be able to read any file on the system, potentially exposing sensitive information. | 6.5 |
| 2023-01-18 | CVE-2022-46331 | Unspecified vulnerability in GE Proficy Historian An unauthorized user could possibly delete any file on the system. | 8.1 |
| 2023-01-18 | CVE-2022-46660 | Unrestricted Upload of File with Dangerous Type vulnerability in GE Proficy Historian An unauthorized user could alter or write files with full control over the path and content of the file. | 6.5 |
| 2023-01-18 | CVE-2022-46732 | Unspecified vulnerability in GE Proficy Historian Even if the authentication fails for local service authentication, the requested command could still execute regardless of authentication status. | 9.8 |
| 2023-01-17 | CVE-2022-43975 | Path Traversal vulnerability in GE MS 3000 Firmware An issue was discovered in FC46-WebBridge on GE Grid Solutions MS3000 devices before 3.7.6.25p0_3.2.2.17p0_4.7p0. | 7.5 |
| 2023-01-17 | CVE-2022-43976 | Unspecified vulnerability in GE MS 3000 Firmware An issue was discovered in FC46-WebBridge on GE Grid Solutions MS3000 devices before 3.7.6.25p0_3.2.2.17p0_4.7p0. | 9.8 |
| 2023-01-17 | CVE-2022-43977 | Unspecified vulnerability in GE MS 3000 Firmware An issue was discovered on GE Grid Solutions MS3000 devices before 3.7.6.25p0_3.2.2.17p0_4.7p0. | 9.8 |
| 2022-12-08 | CVE-2022-3084 | Access of Uninitialized Pointer vulnerability in GE Cimplicity GE CIMPICITY versions 2022 and prior is vulnerable when data from a faulting address controls code flow starting at gmmiObj!CGmmiRootOptionTable, which could allow an attacker to execute arbitrary code. | 7.8 |