Vulnerabilities > Siemens > Sinema Server > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-10-10 CVE-2023-35796 Cross-site Scripting vulnerability in Siemens Sinema Server 14.0
A vulnerability has been identified in SINEMA Server V14 (All versions).
network
low complexity
siemens CWE-79
critical
9.0
2021-09-16 CVE-2021-40438 Server-Side Request Forgery (SSRF) vulnerability in multiple products
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user.
9.0
2021-09-16 CVE-2021-39275 Out-of-bounds Write vulnerability in multiple products
ap_escape_quotes() may write beyond the end of a buffer when given malicious input.
network
low complexity
apache fedoraproject debian netapp oracle siemens CWE-787
critical
9.8
2020-01-16 CVE-2019-10940 Improper Privilege Management vulnerability in Siemens Sinema Server 12.0/13.0/14.0
A vulnerability has been identified in SINEMA Server (All versions < V14.0 SP2 Update 1).
network
low complexity
siemens CWE-269
critical
9.0
2014-04-19 CVE-2014-2731 Remote Code Execution vulnerability in Siemens Sinema Server 12.0
Multiple unspecified vulnerabilities in the integrated web server in Siemens SINEMA Server before 12 SP1 allow remote attackers to execute arbitrary code via HTTP traffic to port (1) 4999 or (2) 80.
network
siemens
critical
9.3