Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ge vulnerabilities and exploits
(subscribe to this query)
6.7
CVSSv3
CVE-2020-6992
A local privilege escalation vulnerability has been identified in the GE Digital CIMPLICITY HMI/SCADA product v10.0 and prior. If exploited, this vulnerability could allow an adversary to modify the system, leading to the arbitrary execution of code. This vulnerability is only ex...
Ge Cimplicity
1 Github repository
9.8
CVSSv3
CVE-2022-21798
The affected product is vulnerable due to cleartext transmission of credentials seen in the CIMPLICITY network, which can be easily spoofed and used to log in to make operational changes to the system.
Ge Cimplicity
9.8
CVSSv3
CVE-2017-14002
GE Infinia/Infinia with Hawkeye 4 medical imaging systems all current versions are affected these devices use default or hard-coded credentials. Successful exploitation of this vulnerability may allow a remote malicious user to bypass authentication and gain access to the affecte...
Ge Infinia Hawkeye 4 Firmware -
9.8
CVSSv3
CVE-2016-2310
General Electric (GE) Multilink ML800, ML1200, ML1600, and ML2400 switches with firmware prior to 5.5.0 and ML810, ML3000, and ML3100 switches with firmware prior to 5.5.0k have hardcoded credentials, which allows remote malicious users to modify configuration settings via the we...
Ge Multilink Firmware
7.8
CVSSv3
CVE-2023-1552
ToolboxST prior to version 7.10 is affected by a deserialization vulnerability. An attacker with local access to an HMI or who has conducted a social engineering attack on an authorized operator could execute code in a Toolbox user's context through the deserialization of an...
Ge Toolboxst
7.8
CVSSv3
CVE-2022-3084
GE CIMPICITY versions 2022 and prior is vulnerable when data from a faulting address controls code flow starting at gmmiObj!CGmmiRootOptionTable, which could allow an malicious user to execute arbitrary code.
Ge Cimplicity
7.8
CVSSv3
CVE-2022-2952
GE CIMPICITY versions 2022 and prior is vulnerable when data from a faulting address controls code flow starting at gmmiObj!CGmmiOptionContainer, which could allow an malicious user to execute arbitrary code.
Ge Cimplicity
7.5
CVSSv3
CVE-2021-44477
GE Gas Power ToolBoxST Version v04.07.05C suffers from an XML external entity (XXE) vulnerability using the DTD parameter entities technique that could result in disclosure and retrieval of arbitrary data on the affected node via an out-of-band (OOB) attack. The vulnerability is ...
Ge Toolboxst
7.8
CVSSv3
CVE-2020-36547
A vulnerability was found in GE Voluson S8. It has been rated as critical. This issue affects the Service Browser which itroduces hard-coded credentials. Attacking locally is a requirement. It is recommended to change the configuration settings.
Ge Voluson S8 Firmware -
NA
CVE-2012-3026
rifsrvd.exe in the Remote Interface Service in GE Intelligent Platforms Proficy Real-Time Information Portal 2.6 up to and including 3.5 SP1 allows remote malicious users to cause a denial of service (memory corruption and service crash) or possibly execute arbitrary code via lon...
Ge Intelligent Platforms Proficy Real-time Information Portal 3.0
Ge Intelligent Platforms Proficy Real-time Information Portal 3.5
Ge Intelligent Platforms Proficy Real-time Information Portal 2.6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »