Vulnerabilities > Siemens
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-09 | CVE-2022-23312 | Cross-site Scripting vulnerability in Siemens Spectrum Power 4 4.70 A vulnerability has been identified in Spectrum Power 4 (All versions < V4.70 SP9 Security Patch 1). | 6.1 |
| 2022-02-03 | CVE-2021-33625 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in Kernel 5.x in Insyde InsydeH2O, affecting HddPassword. | 7.5 |
| 2022-02-03 | CVE-2021-33627 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in Insyde InsydeH2O Kernel 5.0 before 05.09.11, 5.1 before 05.17.11, 5.2 before 05.27.11, 5.3 before 05.36.11, 5.4 before 05.44.11, and 5.5 before 05.52.11 affecting FwBlockServiceSmm. | 8.2 |
| 2022-02-03 | CVE-2021-41837 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in AhciBusDxe in the kernel 5.0 through 5.5 in Insyde InsydeH2O. | 8.2 |
| 2022-02-03 | CVE-2021-41838 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in SdHostDriver in the kernel 5.0 through 5.5 in Insyde InsydeH2O. | 8.2 |
| 2022-02-03 | CVE-2021-42059 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in Insyde InsydeH2O Kernel 5.0 before 05.08.41, Kernel 5.1 before 05.16.41, Kernel 5.2 before 05.26.41, Kernel 5.3 before 05.35.41, and Kernel 5.4 before 05.42.20. | 6.7 |
| 2022-02-03 | CVE-2021-42554 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in Insyde InsydeH2O with Kernel 5.0 before 05.08.42, Kernel 5.1 before 05.16.42, Kernel 5.2 before 05.26.42, Kernel 5.3 before 05.35.42, Kernel 5.4 before 05.42.51, and Kernel 5.5 before 05.50.51. | 8.2 |
| 2022-02-03 | CVE-2020-5953 | A vulnerability exists in System Management Interrupt (SWSMI) handler of InsydeH2O UEFI Firmware code located in SWSMI handler that dereferences gRT (EFI_RUNTIME_SERVICES) pointer to call a GetVariable service, which is located outside of SMRAM. | 7.5 |
| 2022-01-28 | CVE-2021-4160 | There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. | 5.9 |
| 2022-01-28 | CVE-2021-4034 | Out-of-bounds Write vulnerability in multiple products A local privilege escalation vulnerability was found on polkit's pkexec utility. | 7.8 |