Vulnerabilities > Siemens > Sinema Server > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-10-10 CVE-2023-35796 Cross-site Scripting vulnerability in Siemens Sinema Server 14.0
A vulnerability has been identified in SINEMA Server V14 (All versions).
network
low complexity
siemens CWE-79
critical
9.0
2021-09-16 CVE-2021-40438 Server-Side Request Forgery (SSRF) vulnerability in multiple products
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user.
9.0
2021-09-16 CVE-2021-39275 Out-of-bounds Write vulnerability in multiple products
ap_escape_quotes() may write beyond the end of a buffer when given malicious input.
network
low complexity
apache fedoraproject debian netapp oracle siemens CWE-787
critical
9.8
2020-01-16 CVE-2019-10940 Improper Privilege Management vulnerability in Siemens Sinema Server 12.0/13.0/14.0
A vulnerability has been identified in SINEMA Server (All versions < V14.0 SP2 Update 1).
network
low complexity
siemens CWE-269
critical
9.9