Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ge vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2021-44477
GE Gas Power ToolBoxST Version v04.07.05C suffers from an XML external entity (XXE) vulnerability using the DTD parameter entities technique that could result in disclosure and retrieval of arbitrary data on the affected node via an out-of-band (OOB) attack. The vulnerability is ...
Ge Toolboxst
7.5
CVSSv3
CVE-2022-43975
An issue exists in FC46-WebBridge on GE Grid Solutions MS3000 devices prior to 3.7.6.25p0_3.2.2.17p0_4.7p0. A vulnerability in the web server allows arbitrary files and configurations to be read via directory traversal over TCP port 8888.
Ge Ms 3000 Firmware
9.8
CVSSv3
CVE-2022-43976
An issue exists in FC46-WebBridge on GE Grid Solutions MS3000 devices prior to 3.7.6.25p0_3.2.2.17p0_4.7p0. Direct access to the API is possible on TCP port 8888 via programs located in the cgi-bin folder without any authentication.
Ge Ms 3000 Firmware
9.8
CVSSv3
CVE-2022-43977
An issue exists on GE Grid Solutions MS3000 devices prior to 3.7.6.25p0_3.2.2.17p0_4.7p0. The debug port accessible via TCP (a qconn service) lacks access control.
Ge Ms 3000 Firmware
7.8
CVSSv3
CVE-2022-2002
GE CIMPICITY versions 2022 and prior is vulnerable when data from faulting address controls code flow starting at gmmiObj!CGmmiOptionContainer, which could allow an malicious user to execute arbitrary code.
Ge Cimplicity
9.8
CVSSv3
CVE-2022-21798
The affected product is vulnerable due to cleartext transmission of credentials seen in the CIMPLICITY network, which can be easily spoofed and used to log in to make operational changes to the system.
Ge Cimplicity
7.8
CVSSv3
CVE-2022-2948
GE CIMPICITY versions 2022 and prior is vulnerable to a heap-based buffer overflow, which could allow an malicious user to execute arbitrary code.
Ge Cimplicity
7.8
CVSSv3
CVE-2022-2952
GE CIMPICITY versions 2022 and prior is vulnerable when data from a faulting address controls code flow starting at gmmiObj!CGmmiOptionContainer, which could allow an malicious user to execute arbitrary code.
Ge Cimplicity
6.1
CVSSv3
CVE-2022-37953
An HTTP response splitting vulnerability exists in the AM Gateway Challenge-Response dialog of WorkstationST (<v07.09.15) and could allow an malicious user to compromise a victim's browser/session. WorkstationST is only deployed in specific, controlled environments render...
Ge Workstationst
7.8
CVSSv3
CVE-2020-36547
A vulnerability was found in GE Voluson S8. It has been rated as critical. This issue affects the Service Browser which itroduces hard-coded credentials. Attacking locally is a requirement. It is recommended to change the configuration settings.
Ge Voluson S8 Firmware -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-3611
CVE-2024-4947
CVE-2024-32988
CVE-2020-35165
local file inclusion
CVE-2024-4980
bypass
malicious code
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »