Vulnerabilities > Siemens > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-12 | CVE-2019-13931 | Cross-site Scripting vulnerability in Siemens XHQ 6.0.0.0 A vulnerability has been identified in XHQ (All versions < V6.0.0.2). | 5.4 |
| 2019-12-12 | CVE-2019-13945 | Unspecified vulnerability in Siemens products A vulnerability has been identified in SIMATIC S7-1200 CPU family (incl. low complexity siemens | 6.8 |
| 2019-12-12 | CVE-2019-13927 | Exposure of Resource to Wrong Sphere vulnerability in Siemens products A vulnerability has been identified in Desigo PX automation controllers PXC00-E.D, PXC50-E.D, PXC100-E.D, PXC200-E.D with Desigo PX Web modules PXA40-W0, PXA40-W1, PXA40-W2 (All firmware versions < V6.00.320), Desigo PX automation controllers PXC00-U, PXC64-U, PXC128-U with Desigo PX Web modules PXA30-W0, PXA30-W1, PXA30-W2 (All firmware versions < V6.00.320), Desigo PX automation controllers PXC22.1-E.D, PXC36-E.D, PXC36.1-E.D with activated web server (All firmware versions < V6.00.320). | 5.3 |
| 2019-12-09 | CVE-2019-19645 | Uncontrolled Recursion vulnerability in multiple products alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements. | 5.5 |
| 2019-11-27 | CVE-2019-19242 | NULL Pointer Dereference vulnerability in multiple products SQLite 3.30.1 mishandles pExpr->y.pTab, as demonstrated by the TK_COLUMN case in sqlite3ExprCodeTarget in expr.c. | 5.9 |
| 2019-11-27 | CVE-2019-13936 | Cross-site Scripting vulnerability in Siemens Polarion 19.1 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webclient of Siemens AG Polarion could allow an attacker to exploit a persistent XSS vulnerability. | 5.4 |
| 2019-11-27 | CVE-2019-13935 | Cross-site Scripting vulnerability in Siemens Polarion 19.1 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webclient of Siemens AG Polarion could allow an attacker to exploit a reflected XSS vulnerability. | 5.4 |
| 2019-11-27 | CVE-2019-13934 | Cross-site Scripting vulnerability in Siemens Polarion 19.1 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webclient of Siemens AG Polarion could allow an attacker to exploit a reflected XSS vulnerability. | 5.4 |
| 2019-10-10 | CVE-2019-13929 | Use of Insufficiently Random Values vulnerability in Siemens Simatic IT Uadm A vulnerability has been identified in SIMATIC IT UADM (All versions < V1.3). | 6.5 |
| 2019-09-13 | CVE-2019-13920 | Cross-Site Request Forgery (CSRF) vulnerability in Siemens Sinema Remote Connect Server A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). | 4.3 |