High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-02-09	CVE-2021-46160	Out-of-bounds Write vulnerability in Siemens Simcenter Femap 2020.2/2021.1 A vulnerability has been identified in Simcenter Femap V2020.2 (All versions), Simcenter Femap V2021.1 (All versions). local low complexity siemens CWE-787	7.8
2022-02-09	CVE-2021-46161	Out-of-bounds Write vulnerability in Siemens Simcenter Femap 2020.2/2021.1 A vulnerability has been identified in Simcenter Femap V2020.2 (All versions), Simcenter Femap V2021.1 (All versions). local low complexity siemens CWE-787	7.8
2022-02-03	CVE-2021-33625	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in Kernel 5.x in Insyde InsydeH2O, affecting HddPassword. local high complexity insyde netapp siemens CWE-119	7.5
2022-02-03	CVE-2021-33627	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in Insyde InsydeH2O Kernel 5.0 before 05.09.11, 5.1 before 05.17.11, 5.2 before 05.27.11, 5.3 before 05.36.11, 5.4 before 05.44.11, and 5.5 before 05.52.11 affecting FwBlockServiceSmm. local low complexity insyde siemens CWE-119	8.2
2022-02-03	CVE-2021-41837	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in AhciBusDxe in the kernel 5.0 through 5.5 in Insyde InsydeH2O. local low complexity insyde siemens CWE-119	8.2
2022-02-03	CVE-2021-41838	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in SdHostDriver in the kernel 5.0 through 5.5 in Insyde InsydeH2O. local low complexity insyde siemens CWE-119	8.2
2022-02-03	CVE-2021-42554	Out-of-bounds Write vulnerability in multiple products An issue was discovered in Insyde InsydeH2O with Kernel 5.0 before 05.08.42, Kernel 5.1 before 05.16.42, Kernel 5.2 before 05.26.42, Kernel 5.3 before 05.35.42, Kernel 5.4 before 05.42.51, and Kernel 5.5 before 05.50.51. local low complexity insyde siemens CWE-787	8.2
2022-02-03	CVE-2020-5953	A vulnerability exists in System Management Interrupt (SWSMI) handler of InsydeH2O UEFI Firmware code located in SWSMI handler that dereferences gRT (EFI_RUNTIME_SERVICES) pointer to call a GetVariable service, which is located outside of SMRAM. local high complexity insyde siemens	7.5
2022-01-28	CVE-2021-4034	Out-of-bounds Write vulnerability in multiple products A local privilege escalation vulnerability was found on polkit's pkexec utility. local low complexity polkit-project redhat canonical suse oracle siemens starwindsoftware CWE-787	7.8
2022-01-26	CVE-2022-23990	Integer Overflow or Wraparound vulnerability in multiple products Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function. network low complexity libexpat-project tenable oracle debian fedoraproject siemens CWE-190	7.5