High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-10-09	CVE-2019-16905	Integer Overflow or Wraparound vulnerability in multiple products OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. local low complexity openbsd netapp siemens CWE-190	7.8
2019-09-13	CVE-2019-10937	Improper Input Validation vulnerability in Siemens Simatic TDC Cp51M1 Firmware A vulnerability has been identified in SIMATIC TDC CP51M1 (All versions < V1.1.7). network low complexity siemens CWE-20	7.5
2019-08-13	CVE-2019-10943	Unspecified vulnerability in Siemens products A vulnerability has been identified in SIMATIC Drive Controller family (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. network low complexity siemens	7.5
2019-08-13	CVE-2019-10942	Unspecified vulnerability in Siemens products A vulnerability has been identified in SCALANCE X-200 switch family (incl. network low complexity siemens	8.6
2019-08-09	CVE-2019-12258	Session Fixation vulnerability in multiple products Wind River VxWorks 6.6 through vx7 has Session Fixation in the TCP component. network low complexity windriver sonicwall siemens netapp belden CWE-384	7.5
2019-08-09	CVE-2019-12263	Out-of-bounds Write vulnerability in multiple products Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component (issue 4 of 4). network high complexity windriver sonicwall siemens netapp belden CWE-787	8.1
2019-08-09	CVE-2019-12259	NULL Pointer Dereference vulnerability in multiple products Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error in the IGMPv3 client component. network low complexity windriver sonicwall siemens belden CWE-476	7.5
2019-08-09	CVE-2019-12257	Classic Buffer Overflow vulnerability in multiple products Wind River VxWorks 6.6 through 6.9 has a Buffer Overflow in the DHCP client component. low complexity windriver sonicwall siemens netapp belden CWE-120	8.8
2019-08-05	CVE-2019-12264	Argument Injection or Modification vulnerability in multiple products Wind River VxWorks 6.6, 6.7, 6.8, 6.9.3, 6.9.4, and Vx7 has Incorrect Access Control in IPv4 assignment by the ipdhcpc DHCP client component. low complexity windriver belden siemens CWE-88	7.1
2019-07-11	CVE-2019-10935	Unrestricted Upload of File with Dangerous Type vulnerability in Siemens Simatic PCS 7, Simatic Wincc and Simatic Wincc Runtime A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd 11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC Professional (TIA Portal V13) (All versions), SIMATIC WinCC Professional (TIA Portal V14) (All versions < V14 SP1 Upd 9), SIMATIC WinCC Professional (TIA Portal V15) (All versions < V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions < V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions < V7.5 Upd 3). network low complexity siemens CWE-434	7.2