Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2023-10-10	CVE-2023-35796	Cross-site Scripting vulnerability in Siemens Sinema Server 14.0 A vulnerability has been identified in SINEMA Server V14 (All versions). network low complexity siemens CWE-79 critical	9.0
2021-09-16	CVE-2021-40438	Server-Side Request Forgery (SSRF) vulnerability in multiple products A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. network high complexity apache fedoraproject debian netapp broadcom f5 oracle siemens tenable CWE-918 critical	9.0
2021-09-16	CVE-2021-39275	Out-of-bounds Write vulnerability in multiple products ap_escape_quotes() may write beyond the end of a buffer when given malicious input. network low complexity apache fedoraproject debian netapp oracle siemens CWE-787 critical	9.8
2020-01-16	CVE-2019-10940	Improper Privilege Management vulnerability in Siemens Sinema Server 12.0/13.0/14.0 A vulnerability has been identified in SINEMA Server (All versions < V14.0 SP2 Update 1). network low complexity siemens CWE-269 critical	9.9