Vulnerabilities > GE
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-08 | CVE-2022-3092 | Out-of-bounds Write vulnerability in GE Cimplicity GE CIMPICITY versions 2022 and prior is vulnerable to an out-of-bounds write, which could allow an attacker to execute arbitrary code. | 7.8 |
| 2022-12-07 | CVE-2022-2002 | Untrusted Pointer Dereference vulnerability in GE Cimplicity GE CIMPICITY versions 2022 and prior is vulnerable when data from faulting address controls code flow starting at gmmiObj!CGmmiOptionContainer, which could allow an attacker to execute arbitrary code. | 7.8 |
| 2022-12-07 | CVE-2022-2948 | Heap-based Buffer Overflow vulnerability in GE Cimplicity GE CIMPICITY versions 2022 and prior is vulnerable to a heap-based buffer overflow, which could allow an attacker to execute arbitrary code. | 7.8 |
| 2022-12-07 | CVE-2022-2952 | Access of Uninitialized Pointer vulnerability in GE Cimplicity GE CIMPICITY versions 2022 and prior is vulnerable when data from a faulting address controls code flow starting at gmmiObj!CGmmiOptionContainer, which could allow an attacker to execute arbitrary code. | 7.8 |
| 2022-06-17 | CVE-2020-36547 | Use of Hard-coded Credentials vulnerability in GE Voluson S8 Firmware A vulnerability was found in GE Voluson S8. | 7.8 |
| 2022-06-17 | CVE-2020-36548 | Improper Authentication vulnerability in GE Voluson S8 Firmware A vulnerability classified as problematic has been found in GE Voluson S8. | 7.8 |
| 2022-06-17 | CVE-2020-36549 | Unspecified vulnerability in GE Voluson S8 Firmware A vulnerability classified as critical was found in GE Voluson S8. | 7.8 |
| 2022-03-25 | CVE-2021-44477 | XXE vulnerability in GE Toolboxst GE Gas Power ToolBoxST Version v04.07.05C suffers from an XML external entity (XXE) vulnerability using the DTD parameter entities technique that could result in disclosure and retrieval of arbitrary data on the affected node via an out-of-band (OOB) attack. | 5.0 |
| 2022-03-23 | CVE-2021-27418 | Cross-site Scripting vulnerability in GE products GE UR firmware versions prior to version 8.1x supports web interface with read-only access. | 4.3 |
| 2022-03-23 | CVE-2021-27420 | Improper Input Validation vulnerability in GE products GE UR firmware versions prior to version 8.1x web server task does not properly handle receipt of unsupported HTTP verbs, resulting in the web server becoming temporarily unresponsive after receiving a series of unsupported HTTP requests. | 5.0 |