Vulnerabilities > Siemens

DATE	CVE	VULNERABILITY TITLE	RISK
2020-12-14	CVE-2019-19286	SQL Injection vulnerability in Siemens XHQ 6.0.0.0/6.0.0.2 A vulnerability has been identified in XHQ (All Versions < 6.1). network low complexity siemens CWE-89	6.5
2020-12-14	CVE-2019-19285	Cross-site Scripting vulnerability in Siemens XHQ 6.0.0.0/6.0.0.2 A vulnerability has been identified in XHQ (All Versions < 6.1). network siemens CWE-79	3.5
2020-12-14	CVE-2019-19284	Cross-site Scripting vulnerability in Siemens XHQ 6.0.0.0/6.0.0.2 A vulnerability has been identified in XHQ (All Versions < 6.1). network siemens CWE-79	3.5
2020-12-14	CVE-2019-19283	Information Exposure vulnerability in Siemens XHQ 6.0.0.0/6.0.0.2 A vulnerability has been identified in XHQ (All Versions < 6.1). network low complexity siemens CWE-200	5.0
2020-12-14	CVE-2020-8286	Improper Certificate Validation vulnerability in multiple products curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response. network low complexity haxx fedoraproject debian netapp apple siemens oracle splunk CWE-295	7.5
2020-12-14	CVE-2020-8285	Uncontrolled Recursion vulnerability in multiple products curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing. network low complexity haxx debian fedoraproject netapp apple oracle fujitsu siemens splunk CWE-674	7.5
2020-12-14	CVE-2020-8284	A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions. network high complexity haxx fedoraproject debian netapp apple oracle fujitsu siemens splunk	3.7
2020-12-14	CVE-2020-8231	Use After Free vulnerability in multiple products Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data. network low complexity haxx siemens debian oracle splunk CWE-416	7.5
2020-12-14	CVE-2020-8177	Injection vulnerability in multiple products curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a local file when the -J flag is used. local low complexity haxx debian fujitsu siemens splunk CWE-74	7.8
2020-12-14	CVE-2020-8169	Information Exposure vulnerability in multiple products curl 7.62.0 through 7.70.0 is vulnerable to an information disclosure vulnerability that can lead to a partial password being leaked over the network and to the DNS server(s). network low complexity haxx siemens debian splunk CWE-200	7.5

Vulnerabilities > Siemens {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Siemens"}]}

Vulnerabilities > Siemens