Vulnerabilities > Siemens > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-14 | CVE-2020-25234 | Use of Hard-coded Cryptographic Key vulnerability in Siemens Logo! 8 BM Firmware A vulnerability has been identified in LOGO! 8 BM (incl. | 3.6 |
| 2020-12-14 | CVE-2020-8284 | A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions. | 3.7 |
| 2020-09-09 | CVE-2020-15791 | Insufficiently Protected Credentials vulnerability in Siemens products A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. | 3.3 |
| 2020-07-14 | CVE-2020-10040 | Use of Password Hash With Insufficient Computational Effort vulnerability in Siemens products A vulnerability has been identified in SICAM MMU (All versions < V2.05), SICAM SGU (All versions), SICAM T (All versions < V2.18). | 2.1 |
| 2020-07-14 | CVE-2020-7592 | Cleartext Transmission of Sensitive Information vulnerability in Siemens products A vulnerability has been identified in SIMATIC HMI Basic Panels 1st Generation (incl. | 3.3 |
| 2020-06-27 | CVE-2020-15358 | Out-of-bounds Write vulnerability in multiple products In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation. | 2.1 |
| 2019-12-12 | CVE-2019-13931 | Cross-site Scripting vulnerability in Siemens XHQ 6.0.0.0 A vulnerability has been identified in XHQ (All versions < V6.0.0.2). | 3.5 |
| 2019-12-09 | CVE-2019-19645 | Uncontrolled Recursion vulnerability in multiple products alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements. | 2.1 |
| 2019-11-27 | CVE-2019-13934 | Cross-site Scripting vulnerability in Siemens Polarion 19.1 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webclient of Siemens AG Polarion could allow an attacker to exploit a reflected XSS vulnerability. | 3.5 |
| 2019-11-27 | CVE-2019-13935 | Cross-site Scripting vulnerability in Siemens Polarion 19.1 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webclient of Siemens AG Polarion could allow an attacker to exploit a reflected XSS vulnerability. | 3.5 |