Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
siemens sinec nms vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2021-33728
A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). The affected system allows to upload JSON objects that are deserialized to JAVA objects. Due to insecure deserialization of user-supplied content by the affected software, a privileged attacke...
Siemens Sinec Nms
Siemens Sinec Nms 1.0
7.2
CVSSv3
CVE-2021-33721
A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2). The affected application incorrectly neutralizes special elements when creating batch operations which could lead to command injection. An authenticated remote attacker with administrative privileges c...
Siemens Sinec Network Management System
Siemens Sinec Network Management System 1.0
6.7
CVSSv3
CVE-2020-7580
A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Upd3), SIMATIC PCS neo (All...
Siemens Simatic Pcs 7
Siemens Simatic Wincc 7.4
Siemens Simatic Wincc Runtime Advanced
Siemens Sinema Server
Siemens Simatic Net Pc 16
Siemens Simatic Net Pc
Siemens Simatic Prosave
Siemens Simatic Pcs Neo
Siemens Simatic Automatic Tool
Siemens Simatic Step 7 5.6
Siemens Simatic Step 7
Siemens Simatic Wincc Open Architecture 3.17
Siemens Simatic Wincc Open Architecture 3.16
Siemens Sinumerik Operate
Siemens Sinumerik One Virtual
Siemens Sinec Network Management System
Siemens Sinamics Startdrive
Siemens Sinamics Starter Commissioning Tool
Siemens Simatic Wincc 7.5
Siemens Simatic Wincc
Siemens Simatic Wincc Runtime Professional
Siemens Simatic S7-1500 Software Controller
6.6
CVSSv3
CVE-2021-42550
In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers.
Qos Logback 1.3.0
Qos Logback
Redhat Satellite 6.0
Netapp Snap Creator Framework -
Netapp Service Level Manager -
Netapp Cloud Manager -
Siemens Sinec Nms
7 Github repositories
6.5
CVSSv3
CVE-2023-2650
Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJ_obj2txt() directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit...
Openssl Openssl
Debian Debian Linux 10.0
Debian Debian Linux 11.0
1 Github repository
6.5
CVSSv3
CVE-2023-31147
c-ares is an asynchronous resolver library. When /dev/urandom or RtlGenRandom() are unavailable, c-ares uses rand() to generate random numbers used for DNS query ids. This is not a CSPRNG, and it is also not seeded by srand() so will generate predictable output. Input from the ra...
C-ares Project C-ares
Fedoraproject Fedora 37
Fedoraproject Fedora 38
6.5
CVSSv3
CVE-2021-33723
A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). An authenticated attacker could change the user profile of any user without proper authorization. With this, the attacker could change the password of any user in the affected system.
Siemens Sinec Nms 1.0
Siemens Sinec Nms
6.5
CVSSv3
CVE-2021-33727
A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). An authenticated attacker could download the user profile of any user. With this, the attacker could leak confidential information of any user in the affected system.
Siemens Sinec Nms
Siemens Sinec Nms 1.0
6.4
CVSSv3
CVE-2023-31130
c-ares is an asynchronous resolver library. ares_inet_net_pton() is vulnerable to a buffer underflow for certain ipv6 addresses, in particular "0::00:00:00/2" was found to cause an issue. C-ares only uses this function internally for configuration purposes which would r...
C-ares Project C-ares
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Debian Debian Linux 10.0
Debian Debian Linux 11.0
6.1
CVSSv3
CVE-2023-46282
A vulnerability has been identified in Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Por...
Siemens Totally Integrated Automation Portal 18
Siemens Simatic Pcs Neo
Siemens Totally Integrated Automation Portal
Siemens Totally Integrated Automation Portal -
Siemens Opcenter Quality -
Siemens Sinumerik Integrate Runmyhmi \\/automotive -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »