Vulnerabilities > GE
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-19 | CVE-2018-5475 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GE D60 Line Distance Relay Firmware A Stack-based Buffer Overflow issue was discovered in GE D60 Line Distance Relay devices running firmware Version 7.11 and prior. | 7.5 |
| 2018-02-19 | CVE-2018-5473 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GE D60 Line Distance Relay Firmware 7.11 An Improper Restriction of Operations within the Bounds of a Memory Buffer issue was discovered in GE D60 Line Distance Relay devices running firmware Version 7.11 and prior. | 10.0 |
| 2017-10-05 | CVE-2017-12732 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GE Intelligent Platforms Proficy Hmi/Scada Cimplicity A Stack-based Buffer Overflow issue was discovered in GE CIMPLICITY Versions 9.0 and prior. | 4.9 |
| 2017-08-28 | CVE-2015-3976 | Cross-site Scripting vulnerability in GE products Cross-site scripting (XSS) vulnerability in GE Multilink ML810/3000/3100 series switch 5.2.0 and earlier, and GE Multilink ML800/1200/1600/2400 4.2.1 and earlier. | 3.5 |
| 2017-06-30 | CVE-2017-7905 | Use of Insufficiently Random Values vulnerability in GE products A Weak Cryptography for Passwords issue was discovered in General Electric (GE) Multilin SR 750 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 760 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 469 Motor Protection Relay, firmware versions prior to Version 5.23; SR 489 Generator Protection Relay, firmware versions prior to Version 4.06; SR 745 Transformer Protection Relay, firmware versions prior to Version 5.23; SR 369 Motor Protection Relay, all firmware versions; Multilin Universal Relay, firmware Version 6.0 and prior versions; and Multilin URplus (D90, C90, B95), all versions. | 5.0 |
| 2017-02-13 | CVE-2016-9360 | Insufficiently Protected Credentials vulnerability in GE Cimplicity An issue was discovered in General Electric (GE) Proficy HMI/SCADA iFIX Version 5.8 SIM 13 and prior versions, Proficy HMI/SCADA CIMPLICITY Version 9.0 and prior versions, and Proficy Historian Version 6.0 and prior versions. | 4.4 |
| 2016-11-25 | CVE-2016-5788 | Improper Authorization vulnerability in GE products General Electric (GE) Bently Nevada 3500/22M USB with firmware before 5.0 and Bently Nevada 3500/22M Serial have open ports, which makes it easier for remote attackers to obtain privileged access via unspecified vectors. | 10.0 |
| 2016-07-15 | CVE-2016-5787 | Exposure of Resource to Wrong Sphere vulnerability in GE Cimplicity General Electric (GE) Digital Proficy HMI/SCADA - CIMPLICITY before 8.2 SIM 27 mishandles service DACLs, which allows local users to modify a service configuration via unspecified vectors. | 4.6 |
| 2016-06-09 | CVE-2016-2310 | Use of Hard-coded Credentials vulnerability in GE Multilink Firmware General Electric (GE) Multilink ML800, ML1200, ML1600, and ML2400 switches with firmware before 5.5.0 and ML810, ML3000, and ML3100 switches with firmware before 5.5.0k have hardcoded credentials, which allows remote attackers to modify configuration settings via the web interface. | 10.0 |
| 2016-02-05 | CVE-2016-0862 | Information Exposure vulnerability in GE Snmp/Web Adapter Firmware 4.7 General Electric (GE) Industrial Solutions UPS SNMP/Web Adapter devices with firmware before 4.8 allow remote authenticated users to obtain sensitive cleartext account information via unspecified vectors. | 4.0 |