Vulnerabilities > Siemens > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-09 | CVE-2022-23312 | Cross-site Scripting vulnerability in Siemens Spectrum Power 4 4.70 A vulnerability has been identified in Spectrum Power 4 (All versions < V4.70 SP9 Security Patch 1). | 6.1 |
| 2022-02-03 | CVE-2021-42059 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in Insyde InsydeH2O Kernel 5.0 before 05.08.41, Kernel 5.1 before 05.16.41, Kernel 5.2 before 05.26.41, Kernel 5.3 before 05.35.41, and Kernel 5.4 before 05.42.20. | 6.7 |
| 2022-01-28 | CVE-2021-4160 | There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. | 5.9 |
| 2022-01-16 | CVE-2022-0235 | node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor | 6.1 |
| 2022-01-11 | CVE-2021-37195 | Cross-site Scripting vulnerability in Siemens Comos A vulnerability has been identified in COMOS V10.2 (All versions only if web components are used), COMOS V10.3 (All versions < V10.3.3.3 only if web components are used), COMOS V10.4 (All versions < V10.4.1 only if web components are used). | 6.1 |
| 2022-01-11 | CVE-2021-37196 | Path Traversal vulnerability in Siemens Comos A vulnerability has been identified in COMOS V10.2 (All versions only if web components are used), COMOS V10.3 (All versions < V10.3.3.3 only if web components are used), COMOS V10.3 (All versions >= V10.3.3.3 only if web components are used), COMOS V10.4 (All versions < V10.4.1 only if web components are used). | 6.5 |
| 2022-01-10 | CVE-2022-0155 | follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor | 6.5 |
| 2021-12-16 | CVE-2021-42550 | Deserialization of Untrusted Data vulnerability in multiple products In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers. | 6.6 |
| 2021-12-14 | CVE-2021-42022 | Unspecified vulnerability in Siemens Simatic Easie PCS 7 Skill 20.07/21.00 A vulnerability has been identified in SIMATIC eaSie PCS 7 Skill Package (All versions < V21.00 SP3). | 6.5 |
| 2021-12-14 | CVE-2021-42023 | Unspecified vulnerability in Siemens Modelsim and Questa A vulnerability has been identified in ModelSim Simulation (All versions), Questa Simulation (All versions). | 6.5 |