Vulnerabilities > Siemens > Low

DATE CVE VULNERABILITY TITLE RISK
2021-12-14 CVE-2021-44436 Out-of-bounds Read vulnerability in Siemens JT Open Toolkit and JT Utilities
A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0).
local
low complexity
siemens CWE-125
3.3
2021-12-14 CVE-2021-44431 Out-of-bounds Read vulnerability in Siemens JT Open Toolkit and JT Utilities
A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0).
local
low complexity
siemens CWE-125
3.3
2021-09-28 CVE-2021-41538 Access of Uninitialized Pointer vulnerability in Siemens products
A vulnerability has been identified in NX 1953 Series (All versions < V1973.3700), NX 1980 Series (All versions < V1988), Solid Edge SE2021 (All versions < SE2021MP8).
local
low complexity
siemens CWE-824
3.3
2021-09-28 CVE-2021-41534 Out-of-bounds Read vulnerability in Siemens NX 1984 Firmware, NX 1988 Firmware and Solid Edge
A vulnerability has been identified in NX 1980 Series (All versions < V1984), Solid Edge SE2021 (All versions < SE2021MP8).
local
low complexity
siemens CWE-125
3.3
2021-09-28 CVE-2021-41533 Out-of-bounds Read vulnerability in Siemens NX 1984 Firmware, NX 1988 Firmware and Solid Edge
A vulnerability has been identified in NX 1980 Series (All versions < V1984), Solid Edge SE2021 (All versions < SE2021MP8).
local
low complexity
siemens CWE-125
3.3
2021-09-14 CVE-2021-37176 Out-of-bounds Read vulnerability in Siemens Simcenter Femap 2020.2/2021.1
A vulnerability has been identified in Simcenter Femap V2020.2 (All versions), Simcenter Femap V2021.1 (All versions).
local
low complexity
siemens CWE-125
3.3
2021-08-10 CVE-2021-33738 Out-of-bounds Read vulnerability in Siemens Jt2Go and Teamcenter Visualization
A vulnerability has been identified in JT2Go (All versions < V13.2.0.2), Teamcenter Visualization (All versions < V13.2.0.2).
local
low complexity
siemens CWE-125
3.3
2021-08-05 CVE-2021-22924 Use of Incorrectly-Resolved Name or Reference vulnerability in multiple products
libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take 'issuercert' into account and it compared the involved paths *case insensitively*,which could lead to libcurl reusing wrong connections.File paths are, or can be, case sensitive on many systems but not all, and caneven vary depending on used file systems.The comparison also didn't include the 'issuer cert' which a transfer can setto qualify how to verify the server certificate.
3.7
2021-06-11 CVE-2021-22898 Missing Initialization of Resource vulnerability in multiple products
curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl, is used to send variable=content pairs to TELNET servers.
3.1
2021-05-11 CVE-2020-24588 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated.
3.5