Vulnerabilities > Siemens > Critical

DATE CVE VULNERABILITY TITLE RISK
2020-08-14 CVE-2020-15781 Cross-site Scripting vulnerability in Siemens Sicam A8000 Firmware
A vulnerability has been identified in SICAM WEB firmware for SICAM A8000 RTUs (All versions < V05.30).
network
low complexity
siemens CWE-79
critical
 9.6
9.6
2020-08-14 CVE-2020-10055 Code Injection vulnerability in Siemens products
A vulnerability has been identified in Desigo CC (V4.x), Desigo CC (V3.x), Desigo CC Compact (V4.x), Desigo CC Compact (V3.x).
network
low complexity
siemens CWE-94
critical
 9.8
9.8
2020-07-14 CVE-2020-7593 Classic Buffer Overflow vulnerability in Siemens Logo! 8 BM Firmware
A vulnerability has been identified in LOGO! 8 BM (incl.
network
low complexity
siemens CWE-120
critical
 9.8
9.8
2020-07-14 CVE-2020-10042 Classic Buffer Overflow vulnerability in Siemens products
A vulnerability has been identified in SICAM MMU (All versions < V2.05), SICAM SGU (All versions), SICAM T (All versions < V2.18).
network
low complexity
siemens CWE-120
critical
 9.8
9.8
2020-07-14 CVE-2020-10038 Missing Authentication for Critical Function vulnerability in Siemens products
A vulnerability has been identified in SICAM MMU (All versions < V2.05), SICAM SGU (All versions), SICAM T (All versions < V2.18).
network
low complexity
siemens CWE-306
critical
 9.8
9.8
2020-06-30 CVE-2017-18922 Out-of-bounds Write vulnerability in multiple products
It was discovered that websockets.c in LibVNCServer prior to 0.9.12 did not properly decode certain WebSocket frames. 		9.8
9.8
2020-06-10 CVE-2020-7589 Missing Authentication for Critical Function vulnerability in Siemens Logo! 8 BM Firmware
A vulnerability has been identified in LOGO! 8 BM (incl.
network
low complexity
siemens CWE-306
critical
 9.1
9.1
2020-04-23 CVE-2019-20788 Integer Overflow or Wraparound vulnerability in multiple products
libvncclient/cursor.c in LibVNCServer through 0.9.12 has a HandleCursorShape integer overflow and heap-based buffer overflow via a large height or width value.
network
low complexity
libvnc-project canonical debian siemens CWE-190
critical
 9.8
9.8
2020-04-14 CVE-2019-10939 Unspecified vulnerability in Siemens products
A vulnerability has been identified in TIM 3V-IE (incl.
network
low complexity
siemens
critical
 9.8
9.8
2020-04-09 CVE-2020-11656 Use After Free vulnerability in multiple products
In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement.
network
low complexity
sqlite netapp oracle siemens tenable CWE-416
critical
 9.8
9.8