Vulnerabilities > Siemens
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-15 | CVE-2020-28385 | Out-of-bounds Write vulnerability in Siemens Solid Edge Se2020/Se2021 A vulnerability has been identified in Solid Edge SE2020 (All versions < SE2020MP13), Solid Edge SE2021 (All Versions < SE2021MP4). | 6.8 |
| 2021-03-15 | CVE-2020-25241 | Improper Validation of Specified Index, Position, or Offset in Input vulnerability in Siemens products A vulnerability has been identified in SIMATIC MV400 family (All Versions < V7.0.6). | 5.0 |
| 2021-03-15 | CVE-2020-25240 | Incorrect Authorization vulnerability in Siemens Sinema Remote Connect Server 1.1/2.0 A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0). | 6.5 |
| 2021-03-15 | CVE-2020-25239 | Incorrect Authorization vulnerability in Siemens Sinema Remote Connect Server 1.1/2.0 A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0). | 6.5 |
| 2021-03-15 | CVE-2020-25236 | Improper Handling of Exceptional Conditions vulnerability in Siemens Logo! 8 BM Firmware A vulnerability has been identified in LOGO! 12/24RCE (6ED1052-1MD08-0BA1) (All versions), LOGO! 12/24RCEo (6ED1052-2MD08-0BA1) (All versions), LOGO! 230RCE (6ED1052-1FB08-0BA1) (All versions), LOGO! 230RCEo (6ED1052-2FB08-0BA1) (All versions), LOGO! 24CE (6ED1052-1CC08-0BA1) (All versions), LOGO! 24CEo (6ED1052-2CC08-0BA1) (All versions), LOGO! 24RCE (6ED1052-1HB08-0BA1) (All versions), LOGO! 24RCEo (6ED1052-2HB08-0BA1) (All versions), SIPLUS LOGO! 12/24RCE (6AG1052-1MD08-7BA1) (All versions), SIPLUS LOGO! 12/24RCEo (6AG1052-2MD08-7BA1) (All versions), SIPLUS LOGO! 230RCE (6AG1052-1FB08-7BA1) (All versions), SIPLUS LOGO! 230RCEo (6AG1052-2FB08-7BA1) (All versions), SIPLUS LOGO! 24CE (6AG1052-1CC08-7BA1) (All versions), SIPLUS LOGO! 24CEo (6AG1052-2CC08-7BA1) (All versions), SIPLUS LOGO! 24RCE (6AG1052-1HB08-7BA1) (All versions), SIPLUS LOGO! 24RCEo (6AG1052-2HB08-7BA1) (All versions). | 5.5 |
| 2021-03-12 | CVE-2021-27290 | ssri 5.2.2-8.0.0, fixed in 8.0.1, processes SRIs using a regular expression which is vulnerable to a denial of service. | 4.3 |
| 2021-03-11 | CVE-2016-20009 | Out-of-bounds Write vulnerability in multiple products A DNS client stack-based buffer overflow in ipdnsc_decode_name() affects Wind River VxWorks 6.5 through 7. | 9.8 |
| 2021-03-10 | CVE-2020-27632 | Unspecified vulnerability in Siemens Simatic Mv420 Firmware and Simatic Mv440 Firmware In SIMATIC MV400 family versions prior to v7.0.6, the ISN generator is initialized with a constant value and has constant increments. | 7.5 |
| 2021-03-03 | CVE-2021-22884 | Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to DNS rebinding attacks as the whitelist includes “localhost6”. | 7.5 |
| 2021-03-03 | CVE-2021-22883 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to a denial of service attack when too many connection attempts with an 'unknownProtocol' are established. | 7.5 |