VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Siemens
> Medium
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2020-12-14
CVE-2019-19289
Cross-Site Request Forgery (CSRF) vulnerability in Siemens XHQ 6.0.0.0/6.0.0.2
A vulnerability has been identified in XHQ (All Versions < 6.1).
network
siemens
CWE-352
6.8
6.8
2020-12-14
CVE-2019-19288
Cross-site Scripting vulnerability in Siemens XHQ 6.0.0.0/6.0.0.2
A vulnerability has been identified in XHQ (All Versions < 6.1).
network
siemens
CWE-79
4.3
4.3
2020-12-14
CVE-2019-19287
Relative Path Traversal vulnerability in Siemens XHQ 6.0.0.0/6.0.0.2
A vulnerability has been identified in XHQ (All Versions < 6.1).
network
low complexity
siemens
CWE-23
4.0
4.0
2020-12-14
CVE-2019-19286
SQL Injection vulnerability in Siemens XHQ 6.0.0.0/6.0.0.2
A vulnerability has been identified in XHQ (All Versions < 6.1).
network
low complexity
siemens
CWE-89
6.5
6.5
2020-12-14
CVE-2019-19283
Information Exposure vulnerability in Siemens XHQ 6.0.0.0/6.0.0.2
A vulnerability has been identified in XHQ (All Versions < 6.1).
network
low complexity
siemens
CWE-200
5.0
5.0
2020-12-11
CVE-2020-17437
Out-of-bounds Write vulnerability in multiple products
An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products.
network
low complexity
uip-project
open-iscsi-project
siemens
CWE-787
6.4
6.4
2020-12-11
CVE-2020-13987
Out-of-bounds Read vulnerability in multiple products
An issue was discovered in Contiki through 3.0.
network
low complexity
uip-project
open-iscsi-project
siemens
CWE-125
5.0
5.0
2020-12-11
CVE-2020-7793
The package ua-parser-js before 0.7.23 are vulnerable to Regular Expression Denial of Service (ReDoS) in multiple regexes (see linked commit for more info).
network
low complexity
ua-parser-js-project
siemens
5.0
5.0
2020-12-08
CVE-2020-1971
NULL Pointer Dereference vulnerability in multiple products
The X.509 GeneralName type is a generic type for representing different types of names.
network
high complexity
openssl
debian
fedoraproject
oracle
netapp
tenable
siemens
nodejs
CWE-476
5.9
5.9
2020-11-12
CVE-2020-8745
Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25 , Intel(R) TXE versions before 3.1.80 and 4.0.30 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
low complexity
intel
siemens
6.8
6.8
«
Previous
1
2
...
48
49
50
(current)
51
52
...
85
86
»
Next