Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ge vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2021-27438
The software contains a hard-coded password it uses for its own inbound authentication or for outbound communication to external components on the Reason DR60 (all firmware versions before 02A04.1).
Ge Reason Dr60 Firmware
9.8
CVSSv3
CVE-2021-27440
The software contains a hard-coded password it uses for its own inbound authentication or for outbound communication to external components on the Reason DR60 (all firmware versions before 02A04.1).
Ge Reason Dr60 Firmware
7.8
CVSSv3
CVE-2021-27448
A miscommunication in the file system allows adversaries with access to the MU320E to escalate privileges on the MU320E (all firmware versions prior to v04A00.1).
Ge Mu320e Firmware
7.8
CVSSv3
CVE-2021-27450
SSH server configuration file does not implement some best practices. This could lead to a weakening of the SSH protocol strength, which could lead to additional misconfiguration or be leveraged as part of a larger attack on the MU320E (all firmware versions prior to v04A00.1).
Ge Mu320e Firmware
7.8
CVSSv3
CVE-2021-27452
The software contains a hard-coded password that could allow an malicious user to take control of the merging unit using these hard-coded credentials on the MU320E (all firmware versions prior to v04A00.1).
Ge Mu320e Firmware
7.8
CVSSv3
CVE-2021-27454
The software performs an operation at a privilege level higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses on the Reason DR60 (all firmware versions before 02A04.1).
Ge Reason Dr60 Firmware
9.8
CVSSv3
CVE-2023-3463
All versions of GE Digital CIMPLICITY that are not adhering to SDG guidance and accepting documents from untrusted sources are vulnerable to memory corruption issues due to insufficient input validation, including issues such as out-of-bounds reads and writes, use-after-free, st...
Ge Cimplicity
6.1
CVSSv3
CVE-2022-37952
A reflected cross-site scripting (XSS) vulnerability exists in the iHistorian Data Display of WorkstationST (<v07.09.15) could allow an malicious user to compromise a victim's browser. WorkstationST is only deployed in specific, controlled environments rendering attack co...
Ge Workstationst
6.1
CVSSv3
CVE-2022-37953
An HTTP response splitting vulnerability exists in the AM Gateway Challenge-Response dialog of WorkstationST (<v07.09.15) and could allow an malicious user to compromise a victim's browser/session. WorkstationST is only deployed in specific, controlled environments render...
Ge Workstationst
7.8
CVSSv3
CVE-2022-2948
GE CIMPICITY versions 2022 and prior is vulnerable to a heap-based buffer overflow, which could allow an malicious user to execute arbitrary code.
Ge Cimplicity
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »