Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ge vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-27440
The software contains a hard-coded password it uses for its own inbound authentication or for outbound communication to external components on the Reason DR60 (all firmware versions before 02A04.1).
Ge Reason Dr60 Firmware
7.8
CVSSv3
CVE-2021-27454
The software performs an operation at a privilege level higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses on the Reason DR60 (all firmware versions before 02A04.1).
Ge Reason Dr60 Firmware
7.8
CVSSv3
CVE-2022-3092
GE CIMPICITY versions 2022 and prior is vulnerable to an out-of-bounds write, which could allow an malicious user to execute arbitrary code.
Ge Cimplicity
7.8
CVSSv3
CVE-2022-2002
GE CIMPICITY versions 2022 and prior is vulnerable when data from faulting address controls code flow starting at gmmiObj!CGmmiOptionContainer, which could allow an malicious user to execute arbitrary code.
Ge Cimplicity
5.5
CVSSv3
CVE-2019-18255
HMI/SCADA iFIX (Versions 6.1 and prior) allows a local authenticated user to modify system-wide iFIX configurations through section objects. This may allow privilege escalation.
Ge Ifix
7.8
CVSSv3
CVE-2020-36548
A vulnerability classified as problematic has been found in GE Voluson S8. Affected is the file /uscgi-bin/users.cgi of the Service Browser. The manipulation leads to improper authentication and elevated access possibilities. It is possible to launch the attack on the local host.
Ge Voluson S8 Firmware -
7.8
CVSSv3
CVE-2020-36549
A vulnerability classified as critical was found in GE Voluson S8. Affected is the underlying Windows XP operating system. Missing patches might introduce an excessive attack surface. Access to the local network is required for this attack to succeed.
Ge Voluson S8 Firmware -
9.8
CVSSv3
CVE-2023-3463
All versions of GE Digital CIMPLICITY that are not adhering to SDG guidance and accepting documents from untrusted sources are vulnerable to memory corruption issues due to insufficient input validation, including issues such as out-of-bounds reads and writes, use-after-free, st...
Ge Cimplicity
6.1
CVSSv3
CVE-2022-37952
A reflected cross-site scripting (XSS) vulnerability exists in the iHistorian Data Display of WorkstationST (<v07.09.15) could allow an malicious user to compromise a victim's browser. WorkstationST is only deployed in specific, controlled environments rendering attack co...
Ge Workstationst
6.1
CVSSv3
CVE-2022-37953
An HTTP response splitting vulnerability exists in the AM Gateway Challenge-Response dialog of WorkstationST (<v07.09.15) and could allow an malicious user to compromise a victim's browser/session. WorkstationST is only deployed in specific, controlled environments render...
Ge Workstationst
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »