Vulnerabilities > Siemens > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-17 | CVE-2020-7774 | The package y18n before 3.2.2, 4.0.1 and 5.0.5, is vulnerable to Prototype Pollution. | 9.8 |
| 2020-10-22 | CVE-2019-17006 | Insufficient Verification of Data Authenticity vulnerability in multiple products In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. | 10.0 |
| 2020-08-14 | CVE-2020-10055 | Code Injection vulnerability in Siemens products A vulnerability has been identified in Desigo CC (V4.x), Desigo CC (V3.x), Desigo CC Compact (V4.x), Desigo CC Compact (V3.x). | 9.3 |
| 2020-06-30 | CVE-2017-18922 | Out-of-bounds Write vulnerability in multiple products It was discovered that websockets.c in LibVNCServer prior to 0.9.12 did not properly decode certain WebSocket frames. network low complexity libvncserver-project canonical opensuse fedoraproject siemens CWE-787 critical | 9.8 |
| 2020-01-31 | CVE-2016-2031 | Improper Input Validation vulnerability in multiple products Multiple vulnerabilities exists in Aruba Instate before 4.1.3.0 and 4.2.3.1 due to insufficient validation of user-supplied input and insufficient checking of parameters, which could allow a malicious user to bypass security restrictions, obtain sensitive information, perform unauthorized actions and execute arbitrary code. | 9.8 |
| 2020-01-16 | CVE-2019-10940 | Improper Privilege Management vulnerability in Siemens Sinema Server 12.0/13.0/14.0 A vulnerability has been identified in SINEMA Server (All versions < V14.0 SP2 Update 1). | 9.0 |
| 2019-12-12 | CVE-2019-18342 | Unspecified vulnerability in Siemens Control Center Server A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). | 9.9 |
| 2019-12-12 | CVE-2019-18339 | Missing Authentication for Critical Function vulnerability in Siemens products A vulnerability has been identified in SiNVR/SiVMS Video Server (All versions < V5.0.0). | 9.8 |
| 2019-12-12 | CVE-2019-18337 | Improper Authentication vulnerability in Siemens products A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). | 9.8 |
| 2019-08-09 | CVE-2019-12255 | Classic Buffer Overflow vulnerability in multiple products Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4). | 9.8 |