Vulnerabilities > Siemens > Sinema Server > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-10 | CVE-2023-35796 | Cross-site Scripting vulnerability in Siemens Sinema Server 14.0 A vulnerability has been identified in SINEMA Server V14 (All versions). | 9.0 |
| 2021-09-16 | CVE-2021-40438 | Server-Side Request Forgery (SSRF) vulnerability in multiple products A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. | 9.0 |
| 2021-09-16 | CVE-2021-39275 | Out-of-bounds Write vulnerability in multiple products ap_escape_quotes() may write beyond the end of a buffer when given malicious input. | 9.8 |
| 2020-01-16 | CVE-2019-10940 | Improper Privilege Management vulnerability in Siemens Sinema Server 12.0/13.0/14.0 A vulnerability has been identified in SINEMA Server (All versions < V14.0 SP2 Update 1). | 9.0 |
| 2014-04-19 | CVE-2014-2731 | Remote Code Execution vulnerability in Siemens Sinema Server 12.0 Multiple unspecified vulnerabilities in the integrated web server in Siemens SINEMA Server before 12 SP1 allow remote attackers to execute arbitrary code via HTTP traffic to port (1) 4999 or (2) 80. | 9.3 |