Vulnerabilities > Siemens
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-12 | CVE-2020-0590 | Improper Input Validation vulnerability in multiple products Improper input validation in BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2020-11-06 | CVE-2020-28168 | Server-Side Request Forgery (SSRF) vulnerability in multiple products Axios NPM package 0.21.0 contains a Server-Side Request Forgery (SSRF) vulnerability where an attacker is able to bypass a proxy by providing a URL that responds with a redirect to a restricted host or IP address. | 5.9 |
| 2020-10-22 | CVE-2019-17007 | Improper Certificate Validation vulnerability in multiple products In Network Security Services before 3.44, a malformed Netscape Certificate Sequence can cause NSS to crash, resulting in a denial of service. | 5.0 |
| 2020-10-22 | CVE-2019-17006 | Insufficient Verification of Data Authenticity vulnerability in multiple products In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. | 10.0 |
| 2020-10-22 | CVE-2018-18508 | NULL Pointer Dereference vulnerability in multiple products In Network Security Services (NSS) before 3.36.7 and before 3.41.1, a malformed signature can cause a crash due to a null dereference, resulting in a Denial of Service. | 4.3 |
| 2020-10-15 | CVE-2020-7591 | Use of Client-Side Authentication vulnerability in Siemens Siport MP 2.2/3.0.3/3.1.4 A vulnerability has been identified in SIPORT MP (All versions < 3.2.1). | 8.5 |
| 2020-10-15 | CVE-2020-15794 | Information Exposure Through an Error Message vulnerability in Siemens Desigo Insight 4.0/5.0/6.0 A vulnerability has been identified in Desigo Insight (All versions). | 4.0 |
| 2020-10-15 | CVE-2020-15793 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Siemens Desigo Insight 4.0/5.0/6.0 A vulnerability has been identified in Desigo Insight (All versions). | 5.8 |
| 2020-10-15 | CVE-2020-15792 | SQL Injection vulnerability in Siemens Desigo Insight 4.0/5.0/6.0 A vulnerability has been identified in Desigo Insight (All versions). | 4.0 |
| 2020-10-13 | CVE-2020-15797 | Improper Privilege Management vulnerability in Siemens DCA Vantage Analyzer Firmware A vulnerability has been identified in DCA Vantage Analyzer (All versions < V4.5 are affected by CVE-2020-7590. | 7.2 |