Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2022-01-10	CVE-2022-22823	Integer Overflow or Wraparound vulnerability in multiple products build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. network low complexity libexpat-project tenable debian siemens CWE-190 critical	9.8
2022-01-10	CVE-2022-22822	Integer Overflow or Wraparound vulnerability in multiple products addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. network low complexity libexpat-project tenable siemens debian CWE-190 critical	9.8
2021-09-16	CVE-2021-40438	Server-Side Request Forgery (SSRF) vulnerability in multiple products A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. network high complexity apache fedoraproject debian netapp broadcom f5 oracle siemens tenable CWE-918 critical	9.0
2021-06-16	CVE-2021-20093	Out-of-bounds Read vulnerability in multiple products A buffer over-read vulnerability exists in Wibu-Systems CodeMeter versions < 7.21a. network low complexity wibu siemens CWE-125 critical	9.1
2019-04-17	CVE-2019-6570	Improper Handling of Insufficient Permissions or Privileges vulnerability in Siemens Sinema Remote Connect Server 1.1/2.0 A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0). network low complexity siemens CWE-280 critical	9.0