Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
siemens sinec infrastructure network services vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2021-22930
Node.js prior to 16.6.0, 14.17.4, and 12.22.4 is vulnerable to a use after free attack where an attacker might be able to exploit the memory corruption, to change process behavior.
Nodejs Node.js
Netapp Nextgen Api -
Siemens Sinec Infrastructure Network Services
Debian Debian Linux 10.0
4.3
CVSSv2
CVE-2021-27290
ssri 5.2.2-8.0.0, fixed in 8.0.1, processes SRIs using a regular expression which is vulnerable to a denial of service. Malicious SRIs could take an extremely long time to process, leading to denial of service. This issue only affects consumers using the strict option.
Ssri Project Ssri
Oracle Graalvm 20.3.3
Oracle Graalvm 21.2.0
Siemens Sinec Infrastructure Network Services
5
CVSSv2
CVE-2020-8169
curl 7.62.0 up to and including 7.70.0 is vulnerable to an information disclosure vulnerability that can lead to a partial password being leaked over the network and to the DNS server(s).
Haxx Curl
Siemens Simatic Tim 1531 Irc Firmware
Debian Debian Linux 10.0
Siemens Sinec Infrastructure Network Services
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
1 Github repository
5
CVSSv2
CVE-2019-19924
SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This is caused by incorrect sqlite3WindowRewrite() error handling.
Sqlite Sqlite 3.30.1
Siemens Sinec Infrastructure Network Services
Apache Bookkeeper 4.12.1
Oracle Mysql Workbench
Netapp Cloud Backup -
1 Github repository
5
CVSSv2
CVE-2019-19244
sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage.
Sqlite Sqlite 3.30.1
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Oracle Mysql Workbench
Siemens Sinec Infrastructure Network Services
6.4
CVSSv2
CVE-2021-20093
A buffer over-read vulnerability exists in Wibu-Systems CodeMeter versions < 7.21a. An unauthenticated remote attacker can exploit this issue to disclose heap memory contents or crash the CodeMeter Runtime Server.
Wibu Codemeter
Siemens Pss Cape -
Siemens Sicam 230 Firmware
Siemens Sinema Remote Connect Server
Siemens Sinema Remote Connect Server 3.0
Siemens Simatic Information Server 2019
Siemens Sinec Infrastructure Network Services
Siemens Simatic Pcs Neo
Siemens Simit Simulation Platform
Siemens Simit Simulation Platform 10.3
Siemens Simatic Wincc Oa 3.18
Siemens Sinec Infrastructure Network Services 1.0.1
Siemens Simatic Wincc Oa 3.17
Siemens Simatic Process Historian
Siemens Simatic Process Historian 2020
Siemens Simatic Information Server 2020
7.5
CVSSv2
CVE-2019-19317
lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a generated column, which allows malicious users to cause a denial of service or possibly have unspecified other impact.
Sqlite Sqlite 3.30.1
Netapp Cloud Backup -
Netapp Ontap Select Deploy Administration Utility -
Oracle Mysql Workbench
Siemens Sinec Infrastructure Network Services
4.4
CVSSv2
CVE-2021-37701
The npm package "tar" (aka node-tar) prior to 4.4.16, 5.0.8, and 6.1.7 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability. node-tar aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. Thi...
Npmjs Tar
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Oracle Graalvm 20.3.3
Oracle Graalvm 21.2.0
Siemens Sinec Infrastructure Network Services
7.5
CVSSv2
CVE-2020-7774
The package y18n prior to 3.2.2, 4.0.1 and 5.0.5, is vulnerable to Prototype Pollution.
Y18n Project Y18n
Y18n Project Y18n 4.0.0
Oracle Graalvm 20.3.1.2
Oracle Graalvm 21.0.0.2
Oracle Graalvm 19.3.5
Siemens Sinec Infrastructure Network Services
4.4
CVSSv2
CVE-2021-37712
The npm package "tar" (aka node-tar) prior to 4.4.18, 5.0.10, and 6.1.9 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability. node-tar aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. Th...
Npmjs Tar
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Oracle Graalvm 20.3.3
Oracle Graalvm 21.2.0
Siemens Sinec Infrastructure Network Services
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654
CVE-2023-49606
encryption
NULL pointer dereference
CVE-2024-4439
CVE-2024-4649
race condition
CVE-2024-27202
CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »