Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2020-12-14	CVE-2020-25228	Missing Authentication for Critical Function vulnerability in Siemens Logo! 8 BM Firmware A vulnerability has been identified in LOGO! 8 BM (incl. network low complexity siemens CWE-306 critical	10.0
2020-11-17	CVE-2020-7774	The package y18n before 3.2.2, 4.0.1 and 5.0.5, is vulnerable to Prototype Pollution. network low complexity y18n-project oracle siemens critical	9.8
2020-10-22	CVE-2019-17006	Insufficient Verification of Data Authenticity vulnerability in multiple products In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. network low complexity siemens mozilla netapp CWE-345 critical	10.0
2020-08-14	CVE-2020-10055	Code Injection vulnerability in Siemens products A vulnerability has been identified in Desigo CC (V4.x), Desigo CC (V3.x), Desigo CC Compact (V4.x), Desigo CC Compact (V3.x). network siemens CWE-94 critical	9.3
2020-06-30	CVE-2017-18922	Out-of-bounds Write vulnerability in multiple products It was discovered that websockets.c in LibVNCServer prior to 0.9.12 did not properly decode certain WebSocket frames. network low complexity libvncserver-project canonical opensuse fedoraproject siemens CWE-787 critical	9.8
2020-01-31	CVE-2016-2031	Improper Input Validation vulnerability in multiple products Multiple vulnerabilities exists in Aruba Instate before 4.1.3.0 and 4.2.3.1 due to insufficient validation of user-supplied input and insufficient checking of parameters, which could allow a malicious user to bypass security restrictions, obtain sensitive information, perform unauthorized actions and execute arbitrary code. network low complexity arubanetworks siemens CWE-20 critical	9.8
2020-01-16	CVE-2019-10940	Improper Privilege Management vulnerability in Siemens Sinema Server 12.0/13.0/14.0 A vulnerability has been identified in SINEMA Server (All versions < V14.0 SP2 Update 1). network low complexity siemens CWE-269 critical	9.0
2019-12-12	CVE-2019-18342	Unspecified vulnerability in Siemens Control Center Server A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). network low complexity siemens critical	9.9
2019-12-12	CVE-2019-18339	Missing Authentication for Critical Function vulnerability in Siemens products A vulnerability has been identified in SiNVR/SiVMS Video Server (All versions < V5.0.0). network low complexity siemens CWE-306 critical	9.8
2019-12-12	CVE-2019-18337	Improper Authentication vulnerability in Siemens products A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). network low complexity siemens CWE-287 critical	9.8