Vulnerabilities > Siemens

DATE	CVE	VULNERABILITY TITLE	RISK
2022-02-03	CVE-2021-41838	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in SdHostDriver in the kernel 5.0 through 5.5 in Insyde InsydeH2O. local low complexity insyde siemens CWE-119	7.2
2022-02-03	CVE-2021-42059	Out-of-bounds Write vulnerability in multiple products An issue was discovered in Insyde InsydeH2O Kernel 5.0 before 05.08.41, Kernel 5.1 before 05.16.41, Kernel 5.2 before 05.26.41, Kernel 5.3 before 05.35.41, and Kernel 5.4 before 05.42.20. local low complexity insyde siemens CWE-787	7.2
2022-02-03	CVE-2021-42554	Out-of-bounds Write vulnerability in multiple products An issue was discovered in Insyde InsydeH2O with Kernel 5.0 before 05.08.42, Kernel 5.1 before 05.16.42, Kernel 5.2 before 05.26.42, Kernel 5.3 before 05.35.42, Kernel 5.4 before 05.42.51, and Kernel 5.5 before 05.50.51. local low complexity insyde siemens CWE-787	7.2
2022-02-03	CVE-2020-5953	A vulnerability exists in System Management Interrupt (SWSMI) handler of InsydeH2O UEFI Firmware code located in SWSMI handler that dereferences gRT (EFI_RUNTIME_SERVICES) pointer to call a GetVariable service, which is located outside of SMRAM. local insyde siemens	6.9
2022-01-28	CVE-2021-4160	There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. network high complexity openssl debian oracle siemens	5.9
2022-01-28	CVE-2021-4034	Out-of-bounds Write vulnerability in multiple products A local privilege escalation vulnerability was found on polkit's pkexec utility. local low complexity polkit-project redhat canonical suse oracle siemens starwindsoftware CWE-787	7.8
2022-01-26	CVE-2022-23990	Integer Overflow or Wraparound vulnerability in multiple products Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function. network low complexity libexpat-project tenable oracle debian fedoraproject siemens CWE-190	7.5
2022-01-24	CVE-2022-23852	Integer Overflow or Wraparound vulnerability in multiple products Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES. network low complexity libexpat-project netapp tenable debian oracle siemens CWE-190 critical	9.8
2022-01-16	CVE-2022-0235	Information Exposure vulnerability in multiple products node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor network low complexity node-fetch-project siemens debian CWE-200	6.1
2022-01-11	CVE-2021-37195	Cross-site Scripting vulnerability in Siemens Comos A vulnerability has been identified in COMOS V10.2 (All versions only if web components are used), COMOS V10.3 (All versions < V10.3.3.3 only if web components are used), COMOS V10.4 (All versions < V10.4.1 only if web components are used). network high complexity siemens CWE-79	2.6

Vulnerabilities > Siemens {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Siemens"}]}

Vulnerabilities > Siemens