Vulnerabilities > Siemens > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-03-30 CVE-2021-25149 Classic Buffer Overflow vulnerability in multiple products
A remote buffer overflow vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.16 and below; Aruba Instant 8.3.x: 8.3.0.12 and below; Aruba Instant 8.5.x: 8.5.0.6 and below; Aruba Instant 8.6.x: 8.6.0.2 and below.
network
low complexity
arubanetworks siemens CWE-120
critical
 9.8
9.8
2021-03-29 CVE-2020-24636 OS Command Injection vulnerability in multiple products
A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.5.x: 6.5.4.17 and below; Aruba Instant 8.3.x: 8.3.0.13 and below; Aruba Instant 8.5.x: 8.5.0.10 and below; Aruba Instant 8.6.x: 8.6.0.5 and below; Aruba Instant 8.7.x: 8.7.0.0 and below.
network
low complexity
arubanetworks siemens CWE-78
critical
 9.8
9.8
2021-03-11 CVE-2016-20009 Out-of-bounds Write vulnerability in multiple products
A DNS client stack-based buffer overflow in ipdnsc_decode_name() affects Wind River VxWorks 6.5 through 7.
network
low complexity
windriver siemens CWE-787
critical
 9.8
9.8
2021-02-09 CVE-2020-15798 Unspecified vulnerability in Siemens products
A vulnerability has been identified in SIMATIC HMI Comfort Panels (incl.
network
low complexity
siemens
critical
 9.8
9.8
2021-01-12 CVE-2020-25226 Unspecified vulnerability in Siemens products
A vulnerability has been identified in SCALANCE X-200 switch family (incl.
network
low complexity
siemens
critical
 9.8
9.8
2021-01-12 CVE-2020-15800 Unspecified vulnerability in Siemens products
A vulnerability has been identified in SCALANCE X-200 switch family (incl.
network
low complexity
siemens
critical
 9.8
9.8
2020-12-14 CVE-2020-25228 Unspecified vulnerability in Siemens Logo! 8 BM Firmware
A vulnerability has been identified in LOGO! 8 BM (incl.
network
low complexity
siemens
critical
 9.8
9.8
2020-11-17 CVE-2020-7774 The package y18n before 3.2.2, 4.0.1 and 5.0.5, is vulnerable to Prototype Pollution.
network
low complexity
y18n-project oracle siemens
critical
 9.8
9.8
2020-10-22 CVE-2019-17006 Improper Input Validation vulnerability in multiple products
In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks.
network
low complexity
siemens mozilla netapp CWE-20
critical
 9.8
9.8
2020-09-09 CVE-2020-15787 Unspecified vulnerability in Siemens Simatic HMI United Comfort Panels Firmware
A vulnerability has been identified in SIMATIC HMI Unified Comfort Panels (All versions <= V16).
network
low complexity
siemens
critical
 9.8
9.8