Vulnerabilities > Siemens > Sinema Remote Connect Server > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-07-09 CVE-2024-39872 Unspecified vulnerability in Siemens Sinema Remote Connect Server
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1).
network
low complexity
siemens
critical
 9.9
9.9
2024-03-12 CVE-2022-32257 Improper Access Control vulnerability in Siemens Sinema Remote Connect Server
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2).
network
low complexity
siemens CWE-284
critical
 9.8
9.8
2022-06-14 CVE-2022-32262 Command Injection vulnerability in Siemens Sinema Remote Connect Server
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1).
network
low complexity
siemens CWE-77
critical
 9.8
9.8
2022-06-14 CVE-2022-32260 Unspecified vulnerability in Siemens Sinema Remote Connect Server
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1).
network
low complexity
siemens
critical
 9.8
9.8
2022-06-14 CVE-2022-32251 Missing Authentication for Critical Function vulnerability in Siemens Sinema Remote Connect Server
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1).
network
low complexity
siemens CWE-306
critical
 9.8
9.8
2022-02-18 CVE-2022-25315 Integer Overflow or Wraparound vulnerability in multiple products
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames.
network
low complexity
libexpat-project debian fedoraproject oracle siemens CWE-190
critical
 9.8
9.8
2022-02-16 CVE-2022-25236 Exposure of Resource to Wrong Sphere vulnerability in multiple products
xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs.
network
low complexity
libexpat-project debian oracle siemens CWE-668
critical
 9.8
9.8
2022-02-16 CVE-2022-25235 Improper Encoding or Escaping of Output vulnerability in multiple products
xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context.
network
low complexity
libexpat-project debian fedoraproject oracle siemens CWE-116
critical
 9.8
9.8
2022-01-24 CVE-2022-23852 Integer Overflow or Wraparound vulnerability in multiple products
Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES.
network
low complexity
libexpat-project netapp tenable debian oracle siemens CWE-190
critical
 9.8
9.8
2022-01-10 CVE-2022-22824 Integer Overflow or Wraparound vulnerability in multiple products
defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
network
low complexity
libexpat-project tenable debian siemens CWE-190
critical
 9.8
9.8