VYPR
Vendor

Ge

Products
67
CVEs
80
Across products
105
Status
Private

Products

67
View all 67 products →

Recent CVEs

80
View all 80 CVEs →
  • CVE-2016-5788CriNov 25, 2016
    risk 0.65cvss 10.0epss 0.02

    General Electric (GE) Bently Nevada 3500/22M USB with firmware before 5.0 and Bently Nevada 3500/22M Serial have open ports, which makes it easier for remote attackers to obtain privileged access via unspecified vectors.

  • CVE-2018-10611CriJun 4, 2018
    risk 0.64cvss 9.8epss 0.05

    Java remote method invocation (RMI) input port in GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior may be exploited to allow unauthenticated users to launch applications and support remote code execution through web services.

  • CVE-2017-14008CriMar 20, 2018
    risk 0.64cvss 9.8epss 0.03

    GE Centricity PACS RA1000, diagnostic image analysis, all current versions are affected these devices use default or hard-coded credentials. Successful exploitation of this vulnerability may allow a remote attacker to bypass authentication and gain access to the affected devices.

  • CVE-2017-14006CriMar 20, 2018
    risk 0.64cvss 9.8epss 0.02

    GE Xeleris versions 1.0,1.1,2.1,3.0,3.1, medical imaging systems, all current versions are affected, these devices use default or hard-coded credentials. Successful exploitation of this vulnerability may allow a remote attacker to bypass authentication and gain access to the…

  • CVE-2017-14004CriMar 20, 2018
    risk 0.64cvss 9.8epss 0.02

    GE GEMNet License server (EchoServer) all current versions are affected these devices use default or hard-coded credentials. Successful exploitation of this vulnerability may allow a remote attacker to bypass authentication and gain access to the affected devices.

  • CVE-2017-7905CriJun 30, 2017
    risk 0.64cvss 9.8epss 0.01

    A Weak Cryptography for Passwords issue was discovered in General Electric (GE) Multilin SR 750 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 760 Feeder Protection Relay, firmware versions prior to Version 7.47; SR 469 Motor Protection Relay, firmware…

  • CVE-2016-2310CriJun 9, 2016
    risk 0.64cvss 9.8epss 0.03

    General Electric (GE) Multilink ML800, ML1200, ML1600, and ML2400 switches with firmware before 5.5.0 and ML810, ML3000, and ML3100 switches with firmware before 5.5.0k have hardcoded credentials, which allows remote attackers to modify configuration settings via the web…

  • CVE-2008-0174CriJan 29, 2008
    risk 0.64cvss 9.8epss 0.02

    GE Fanuc Proficy Real-Time Information Portal 2.6 and earlier uses HTTP Basic Authentication, which transmits usernames and passwords in base64-encoded cleartext and allows remote attackers to steal the passwords and gain privileges.

  • CVE-2016-0861HigFeb 5, 2016
    risk 0.61cvss 8.8epss 0.14

    General Electric (GE) Industrial Solutions UPS SNMP/Web Adapter devices with firmware before 4.8 allow remote authenticated users to execute arbitrary commands via unspecified vectors.

  • CVE-2018-10615HigJun 4, 2018
    risk 0.53cvss 8.1epss 0.03

    Directory traversal may lead to files being exfiltrated or deleted on the GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior host platform.

  • CVE-2018-8867HigMay 18, 2018
    risk 0.49cvss 7.5epss 0.03

    In GE PACSystems RX3i CPE305/310 version 9.20 and prior, RX3i CPE330 version 9.21 and prior, RX3i CPE 400 version 9.30 and prior, PACSystems RSTi-EP CPE 100 all versions, and PACSystems CPU320/CRU320 RXi all versions, the device does not properly validate input, which could…

  • CVE-2018-6021HigMay 9, 2018
    risk 0.48cvss 7.4epss 0.01

    Silex SD-320AN version 2.01 and prior and GE MobileLink(GEH-SD-320AN) version GEH-1.1 and prior have a system call parameter that is not properly sanitized, which may allow remote code execution.

  • CVE-2016-0862MedFeb 5, 2016
    risk 0.46cvss 6.5epss 0.10

    General Electric (GE) Industrial Solutions UPS SNMP/Web Adapter devices with firmware before 4.8 allow remote authenticated users to obtain sensitive cleartext account information via unspecified vectors.

  • CVE-2017-12732MedOct 5, 2017
    risk 0.44cvss 6.8epss 0.01

    A Stack-based Buffer Overflow issue was discovered in GE CIMPLICITY Versions 9.0 and prior. A function reads a packet to indicate the next packet length. The next packet length is not verified, allowing a buffer overwrite that could lead to an arbitrary remote code execution.

  • CVE-2016-9360MedFeb 13, 2017
    risk 0.44cvss 6.7epss 0.00

    An issue was discovered in General Electric (GE) Proficy HMI/SCADA iFIX Version 5.8 SIM 13 and prior versions, Proficy HMI/SCADA CIMPLICITY Version 9.0 and prior versions, and Proficy Historian Version 6.0 and prior versions. An attacker may be able to retrieve user passwords if…

  • CVE-2018-6020MedMay 9, 2018
    risk 0.42cvss 6.5epss 0.01

    In Silex SX-500 all versions and GE MobileLink(GEH-500) version 1.54 and prior, authentication is not verified when making certain POST requests, which may allow attackers to modify system settings.

  • CVE-2016-5787MedJul 15, 2016
    risk 0.41cvss 6.3epss 0.00

    General Electric (GE) Digital Proficy HMI/SCADA - CIMPLICITY before 8.2 SIM 27 mishandles service DACLs, which allows local users to modify a service configuration via unspecified vectors.

  • CVE-2015-3976MedAug 28, 2017
    risk 0.35cvss 5.4epss 0.01

    Cross-site scripting (XSS) vulnerability in GE Multilink ML810/3000/3100 series switch 5.2.0 and earlier, and GE Multilink ML800/1200/1600/2400 4.2.1 and earlier.

  • CVE-2014-0750Jan 25, 2014
    risk 0.09cvss epss 0.70

    Directory traversal vulnerability in gefebt.exe in the WebView CimWeb components in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY through 8.2 SIM 24, and Proficy Process Systems with CIMPLICITY, allows remote attackers to execute arbitrary code via a crafted HTTP…

  • CVE-2012-2516Jul 5, 2012
    risk 0.06cvss epss 0.40

    An ActiveX control in KeyHelp.ocx in KeyWorks KeyHelp Module (aka the HTML Help component), as used in GE Intelligent Platforms Proficy Historian 3.1, 3.5, 4.0, and 4.5; Proficy HMI/SCADA iFIX 5.0 and 5.1; Proficy Pulse 1.0; Proficy Batch Execution 5.6; SI7 I/O Driver 7.20…