Vulnerabilities > Siemens

DATE CVE VULNERABILITY TITLE RISK
2014-04-19 CVE-2014-2733 Improper Input Validation vulnerability in Siemens Sinema Server 12.0
Siemens SINEMA Server before 12 SP1 allows remote attackers to cause a denial of service (web-interface outage) via crafted HTTP requests to port (1) 4999 or (2) 80.
network, low complexity, siemens, CWE-20
Risk: 5.0

2014-04-19 CVE-2014-2732 Path Traversal vulnerability in Siemens Sinema Server 12.0
Multiple directory traversal vulnerabilities in the integrated web server in Siemens SINEMA Server before 12 SP1 allow remote attackers to access arbitrary files via HTTP traffic to port (1) 4999 or (2) 80.
network, low complexity, siemens, CWE-22
Risk: 5.0

2014-04-19 CVE-2014-2731 Remote Code Execution vulnerability in Siemens Sinema Server 12.0
Multiple unspecified vulnerabilities in the integrated web server in Siemens SINEMA Server before 12 SP1 allow remote attackers to execute arbitrary code via HTTP traffic to port (1) 4999 or (2) 80.
network, siemens, critical
Risk: 9.3

2014-04-07 CVE-2014-0160 Out-of-bounds Read vulnerability in multiple products
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
Risk: 7.5

2014-04-01 CVE-2014-2590 Missing Authentication for Critical Function vulnerability in Siemens Ruggedcom Rugged Operating System
The web management interface in Siemens RuggedCom ROS before 3.11, ROS 3.11 before 3.11.5 for RS950G, ROS 3.12, and ROS 4.0 for RSG2488 allows remote attackers to cause a denial of service (interface outage) via crafted HTTP packets.
network, low complexity, siemens, CWE-306
Risk: 5.0

2014-03-24 CVE-2014-2258 Resource Management Errors vulnerability in Siemens products
Siemens SIMATIC S7-1200 CPU PLC devices with firmware before 4.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted HTTPS packets, a different vulnerability than CVE-2014-2259.
network, low complexity, siemens, CWE-399
Risk: 7.8

2014-03-24 CVE-2014-2256 Resource Management Errors vulnerability in Siemens products
Siemens SIMATIC S7-1200 CPU PLC devices with firmware before 4.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted ISO-TSAP packets, a different vulnerability than CVE-2014-2257.
network, low complexity, siemens, CWE-399
Risk: 7.8

2014-03-24 CVE-2014-2254 Resource Management Errors vulnerability in Siemens products
Siemens SIMATIC S7-1200 CPU PLC devices with firmware before 4.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted HTTP packets, a different vulnerability than CVE-2014-2255.
network, low complexity, siemens, CWE-399
Risk: 7.8

2014-03-24 CVE-2014-2252 Resource Management Errors vulnerability in Siemens products
Siemens SIMATIC S7-1200 CPU PLC devices with firmware before 4.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted PROFINET packets, a different vulnerability than CVE-2014-2253.
low complexity, siemens, CWE-399
Risk: 6.1

2014-03-24 CVE-2014-2250 Cryptographic Issues vulnerability in Siemens products
The random-number generator on Siemens SIMATIC S7-1200 CPU PLC devices with firmware before 4.0 does not have sufficient entropy, which makes it easier for remote attackers to defeat cryptographic protection mechanisms and hijack sessions via unspecified vectors, a different vulnerability than CVE-2014-2251.
network, siemens, CWE-310
Risk: 8.3