Vulnerabilities > Siemens > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-12 | CVE-2020-8698 | Exposure of Resource to Wrong Sphere vulnerability in multiple products Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 5.5 |
| 2020-11-12 | CVE-2020-0591 | Improper buffer restrictions in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | 4.6 |
| 2020-11-06 | CVE-2020-28168 | Server-Side Request Forgery (SSRF) vulnerability in multiple products Axios NPM package 0.21.0 contains a Server-Side Request Forgery (SSRF) vulnerability where an attacker is able to bypass a proxy by providing a URL that responds with a redirect to a restricted host or IP address. | 5.9 |
| 2020-10-22 | CVE-2019-17007 | Improper Certificate Validation vulnerability in multiple products In Network Security Services before 3.44, a malformed Netscape Certificate Sequence can cause NSS to crash, resulting in a denial of service. | 5.0 |
| 2020-10-22 | CVE-2018-18508 | NULL Pointer Dereference vulnerability in multiple products In Network Security Services (NSS) before 3.36.7 and before 3.41.1, a malformed signature can cause a crash due to a null dereference, resulting in a Denial of Service. | 4.3 |
| 2020-10-15 | CVE-2020-15794 | Information Exposure Through an Error Message vulnerability in Siemens Desigo Insight 4.0/5.0/6.0 A vulnerability has been identified in Desigo Insight (All versions). | 4.0 |
| 2020-10-15 | CVE-2020-15793 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Siemens Desigo Insight 4.0/5.0/6.0 A vulnerability has been identified in Desigo Insight (All versions). | 5.8 |
| 2020-10-15 | CVE-2020-15792 | SQL Injection vulnerability in Siemens Desigo Insight 4.0/5.0/6.0 A vulnerability has been identified in Desigo Insight (All versions). | 4.0 |
| 2020-10-13 | CVE-2020-7590 | Use of Hard-coded Password vulnerability in Siemens DCA Vantage Analyzer Firmware A vulnerability has been identified in DCA Vantage Analyzer (All versions < V4.5 are affected by CVE-2020-7590. | 4.6 |
| 2020-09-09 | CVE-2020-15790 | Information Exposure vulnerability in Siemens Spectrum Power 4 4.70 A vulnerability has been identified in Spectrum Power 4 (All versions < V4.70 SP8). | 5.0 |