Vulnerabilities > Siemens > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-09 | CVE-2021-46159 | Out-of-bounds Write vulnerability in Siemens Simcenter Femap 2020.2/2021.1 A vulnerability has been identified in Simcenter Femap V2020.2 (All versions), Simcenter Femap V2021.1 (All versions). | 6.8 |
| 2022-02-09 | CVE-2021-46160 | Out-of-bounds Write vulnerability in Siemens Simcenter Femap 2020.2/2021.1 A vulnerability has been identified in Simcenter Femap V2020.2 (All versions), Simcenter Femap V2021.1 (All versions). | 6.8 |
| 2022-02-09 | CVE-2021-46161 | Out-of-bounds Write vulnerability in Siemens Simcenter Femap 2020.2/2021.1 A vulnerability has been identified in Simcenter Femap V2020.2 (All versions), Simcenter Femap V2021.1 (All versions). | 6.8 |
| 2022-02-09 | CVE-2022-23102 | Open Redirect vulnerability in Siemens Sinema Remote Connect Server A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0). | 5.8 |
| 2022-02-09 | CVE-2022-23312 | Cross-site Scripting vulnerability in Siemens Spectrum Power 4 4.70 A vulnerability has been identified in Spectrum Power 4 (All versions < V4.70 SP9 Security Patch 1). | 4.3 |
| 2022-02-03 | CVE-2021-33625 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in Kernel 5.x in Insyde InsydeH2O, affecting HddPassword. | 6.9 |
| 2022-02-03 | CVE-2020-5953 | A vulnerability exists in System Management Interrupt (SWSMI) handler of InsydeH2O UEFI Firmware code located in SWSMI handler that dereferences gRT (EFI_RUNTIME_SERVICES) pointer to call a GetVariable service, which is located outside of SMRAM. | 6.9 |
| 2022-01-28 | CVE-2021-4160 | There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. | 5.9 |
| 2022-01-16 | CVE-2022-0235 | Information Exposure vulnerability in multiple products node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor | 6.1 |
| 2022-01-11 | CVE-2021-37197 | SQL Injection vulnerability in Siemens Comos A vulnerability has been identified in COMOS V10.2 (All versions only if web components are used), COMOS V10.3 (All versions < V10.3.3.3 only if web components are used), COMOS V10.4 (All versions < V10.4.1 only if web components are used). | 6.0 |