Vulnerabilities > Siemens > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-12 | CVE-2018-3657 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Multiple buffer overflows in Intel AMT in Intel CSME firmware versions before version 12.0.5 may allow a privileged user to potentially execute arbitrary code with Intel AMT execution privilege via local access. | 6.7 |
| 2018-09-12 | CVE-2018-3616 | Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Technology before 12.0.5 may allow an unauthenticated user to potentially obtain the TLS session key via the network. | 5.9 |
| 2018-08-17 | CVE-2018-15473 | Race Condition vulnerability in multiple products OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c. | 5.3 |
| 2018-08-07 | CVE-2018-11456 | Unspecified vulnerability in Siemens Automation License Manager A vulnerability has been identified in Automation License Manager 5 (All versions < 5.3.4.4). | 5.8 |
| 2018-07-09 | CVE-2018-11450 | Cross-site Scripting vulnerability in Siemens Teamcenter Product Lifecycle Management 9.1.2.5 A reflected Cross-Site-Scripting (XSS) vulnerability has been identified in Siemens PLM Software TEAMCENTER (V9.1.2.5). | 6.1 |
| 2018-07-05 | CVE-2017-11175 | Cross-site Scripting vulnerability in Siemens FIN Stack 4.0 In J2 Innovations FIN Stack 4.0, the authentication webform is vulnerable to reflected XSS via the query string to /login. | 6.1 |
| 2018-07-03 | CVE-2018-4856 | Unspecified vulnerability in Siemens Siclock Tc100 Firmware and Siclock Tc400 Firmware A vulnerability has been identified in SICLOCK TC100 (All versions) and SICLOCK TC400 (All versions). | 4.9 |
| 2018-07-03 | CVE-2018-4855 | Missing Encryption of Sensitive Data vulnerability in Siemens Siclock Tc100 Firmware and Siclock Tc400 Firmware A vulnerability has been identified in SICLOCK TC100 (All versions) and SICLOCK TC400 (All versions). | 6.5 |
| 2018-06-26 | CVE-2018-4861 | Information Exposure vulnerability in Siemens Scalance M875 Firmware A vulnerability has been identified in SCALANCE M875 (All versions). | 4.9 |
| 2018-06-26 | CVE-2018-11448 | Cross-site Scripting vulnerability in Siemens Scalance M875 Firmware A vulnerability has been identified in SCALANCE M875 (All versions). | 4.8 |