Vulnerabilities > GE > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-01-14 | CVE-2020-27263 | Out-of-bounds Write vulnerability in multiple products KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All versions, Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server: v7.68.804 and v7.66, Software Toolbox TOP Server: All 6.x versions, are vulnerable to a heap-based buffer overflow. | 9.1 |
2020-06-02 | CVE-2020-12017 | Missing Authentication for Critical Function vulnerability in GE Rt430 Firmware, Rt431 Firmware and Rt434 Firmware GE Grid Solutions Reason RT Clocks, RT430, RT431, and RT434, all firmware versions prior to 08A05. | 9.8 |
2019-05-09 | CVE-2019-6548 | Use of Hard-coded Credentials vulnerability in GE Communicator 3.15 GE Communicator, all versions prior to 4.0.517, contains two backdoor accounts with hardcoded credentials, which may allow control over the database. | 9.8 |
2018-12-07 | CVE-2018-15362 | XXE vulnerability in GE Cimplicity 10.0/9.0R2/9.5 XXE in GE Proficy Cimplicity GDS versions 9.0 R2, 9.5, 10.0 | 9.1 |
2018-06-04 | CVE-2018-10611 | Improper Authentication vulnerability in GE MDS Pulsenet Java remote method invocation (RMI) input port in GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior may be exploited to allow unauthenticated users to launch applications and support remote code execution through web services. | 9.8 |
2018-03-20 | CVE-2017-14008 | Use of Hard-coded Credentials vulnerability in GE Centricity Pacs Ra1000 GE Centricity PACS RA1000, diagnostic image analysis, all current versions are affected these devices use default or hard-coded credentials. | 9.8 |
2018-03-20 | CVE-2017-14006 | Use of Hard-coded Credentials vulnerability in GE Xeleris GE Xeleris versions 1.0,1.1,2.1,3.0,3.1, medical imaging systems, all current versions are affected, these devices use default or hard-coded credentials. | 9.8 |
2018-03-20 | CVE-2017-14004 | Use of Hard-coded Credentials vulnerability in GE Gemnet License Server GE GEMNet License server (EchoServer) all current versions are affected these devices use default or hard-coded credentials. | 9.8 |
2018-03-20 | CVE-2017-14002 | Use of Hard-coded Credentials vulnerability in GE Infinia Hawkeye 4 Firmware GE Infinia/Infinia with Hawkeye 4 medical imaging systems all current versions are affected these devices use default or hard-coded credentials. | 9.8 |
2018-02-19 | CVE-2018-5475 | Out-of-bounds Write vulnerability in GE D60 Line Distance Relay Firmware 7.11 A Stack-based Buffer Overflow issue was discovered in GE D60 Line Distance Relay devices running firmware Version 7.11 and prior. | 9.8 |