Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ge vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2018-19003
GE Mark VIe, EX2100e, EX2100e_Reg, and LS2100e Versions 03.03.28C to 05.02.04C, EX2100e All versions prior to v04.09.00C, EX2100e_Reg All versions prior to v04.09.00C, and LS2100e All versions prior to v04.09.00C The affected versions of the application have a path traversal vuln...
Ge Ex2100e Firmware
Ge Ls2100e Firmware
Ge Mark Vle Firmware
8.8
CVSSv3
CVE-2020-25197
A code injection vulnerability exists in one of the webpages in GE Reason RT430, RT431 & RT434 GNSS clocks in firmware versions prior to version 08A06 that could allow an authenticated remote malicious user to execute arbitrary code on the system.
Ge Rt430 Firmware
Ge Rt431 Firmware
Ge Rt434 Firmware
5.3
CVSSv3
CVE-2020-25193
By having access to the hard-coded cryptographic key for GE Reason RT430, RT431 & RT434 GNSS clocks in firmware versions prior to version 08A06, attackers would be able to intercept and decrypt encrypted traffic through an HTTPS connection.
Ge Rt430 Firmware
Ge Rt431 Firmware
Ge Rt434 Firmware
6.7
CVSSv3
CVE-2016-9360
An issue exists in General Electric (GE) Proficy HMI/SCADA iFIX Version 5.8 SIM 13 and prior versions, Proficy HMI/SCADA CIMPLICITY Version 9.0 and prior versions, and Proficy Historian Version 6.0 and prior versions. An attacker may be able to retrieve user passwords if he or sh...
Ge Cimplicity
Ge Historian
Ge Ifix
1 Article
9.8
CVSSv3
CVE-2020-12017
GE Grid Solutions Reason RT Clocks, RT430, RT431, and RT434, all firmware versions before 08A05. The device’s vulnerability in the web application could allow multiple unauthenticated attacks that could cause serious impact. The vulnerability may allow an unauthenticated ma...
Ge Rt430 Firmware
Ge Rt431 Firmware
Ge Rt434 Firmware
9.8
CVSSv3
CVE-2023-0598
GE Digital Proficy iFIX 2022, GE Digital Proficy iFIX v6.1, and GE Digital Proficy iFIX v6.5 are vulnerable to code injection, which may allow an malicious user to insert malicious configuration files in the expected web server execution path and gain full control of the HMI sof...
Ge Ifix 6.5
Ge Ifix 2022
Ge Ifix 6.1
9.1
CVSSv3
CVE-2018-15362
XXE in GE Proficy Cimplicity GDS versions 9.0 R2, 9.5, 10.0
Ge Cimplicity 9.5
Ge Cimplicity 10.0
Ge Cimplicity 9.0 R2
5.6
CVSSv3
CVE-2019-6544
GE Communicator, all versions before 4.0.517, has a service running with system privileges that may allow an unprivileged user to perform certain administrative actions, which may allow the execution of scheduled scripts with system administrator privileges. This service is inacc...
Ge Ge Communicator
7.8
CVSSv3
CVE-2019-6546
GE Communicator, all versions before 4.0.517, allows an malicious user to place malicious files within the working directory of the program, which may allow an malicious user to manipulate widgets and UI elements.
Ge Ge Communicator
9.8
CVSSv3
CVE-2019-6548
GE Communicator, all versions before 4.0.517, contains two backdoor accounts with hardcoded credentials, which may allow control over the database. This service is inaccessible to attackers if Windows default firewall settings are used by the end user.
Ge Ge Communicator
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »