Vulnerabilities > Siemens > Sinema Remote Connect Server > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-01-10 CVE-2022-22823 Integer Overflow or Wraparound vulnerability in multiple products
build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
network
low complexity
libexpat-project tenable debian siemens CWE-190
critical
9.8
2022-01-10 CVE-2022-22822 Integer Overflow or Wraparound vulnerability in multiple products
addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
network
low complexity
libexpat-project tenable siemens debian CWE-190
critical
9.8
2021-09-16 CVE-2021-40438 Server-Side Request Forgery (SSRF) vulnerability in multiple products
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user.
9.0
2021-06-16 CVE-2021-20093 Out-of-bounds Read vulnerability in multiple products
A buffer over-read vulnerability exists in Wibu-Systems CodeMeter versions < 7.21a.
network
low complexity
wibu siemens CWE-125
critical
9.1
2019-04-17 CVE-2019-6570 Improper Handling of Insufficient Permissions or Privileges vulnerability in Siemens Sinema Remote Connect Server 1.1/2.0
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0).
network
low complexity
siemens CWE-280
critical
9.0