VYPR

Vendor CVEs

Siemens Foundation

All CVEs

2,020 total · sorted by risk
  • CVE-2011-4513Feb 3, 2012
    risk 0.00cvss epss 0.05

    Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allow user-assisted remote attackers to execute arbitrary code via a…

  • CVE-2011-4512Feb 3, 2012
    risk 0.00cvss epss 0.02

    CRLF injection vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC…

  • CVE-2011-4511Feb 3, 2012
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and…

  • CVE-2011-4510Feb 3, 2012
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and…

  • CVE-2011-4509Feb 3, 2012
    risk 0.00cvss epss 0.02

    The HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime has an improperly selected default password for the…

  • CVE-2011-4508Feb 3, 2012
    risk 0.00cvss epss 0.03

    The HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime generates predictable…

  • CVE-2011-4056Jan 8, 2012
    risk 0.00cvss epss 0.01

    An unspecified ActiveX control in ActBar.ocx in Siemens Tecnomatix FactoryLink 6.6.1 (aka 6.6 SP1), 7.5.217 (aka 7.5 SP2), and 8.0.2.54 allows remote attackers to create or overwrite arbitrary files via the save method.

  • CVE-2011-4055Jan 8, 2012
    risk 0.00cvss epss 0.05

    Buffer overflow in the WebClient ActiveX control in Siemens Tecnomatix FactoryLink 6.6.1 (aka 6.6 SP1), 7.5.217 (aka 7.5 SP2), and 8.0.2.54 allows remote attackers to execute arbitrary code via a long string in a parameter associated with the location URL.

  • CVE-2008-6993Aug 19, 2009
    risk 0.00cvss epss 0.02

    Siemens Gigaset WLAN Camera 1.27 has an insecure default password, which allows remote attackers to conduct unauthorized activities. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

  • CVE-2008-2235Aug 1, 2008
    risk 0.00cvss epss 0.00

    OpenSC before 0.11.5 uses weak permissions (ADMIN file control information of 00) for the 5015 directory on smart cards and USB crypto tokens running Siemens CardOS M4, which allows physically proximate attackers to change the PIN.

  • CVE-2008-1267Mar 10, 2008
    risk 0.00cvss epss 0.02

    The Siemens SpeedStream 6520 router allows remote attackers to cause a denial of service (web interface crash) via an HTTP request to basehelp_English.htm with a large integer in the Content-Length field.

  • CVE-2007-4488Aug 22, 2007
    risk 0.00cvss epss 0.01

    Multiple cross-site scripting (XSS) vulnerabilities in the Siemens Gigaset SE361 WLAN router with firmware 1.00.0 allow remote attackers to inject arbitrary web script or HTML via the portion of the URI immediately following the filename for (1) a GIF filename, which triggers…

  • CVE-2006-3907Jul 27, 2006
    risk 0.00cvss epss 0.02

    Siemens SpeedStream 2624 allows remote attackers to cause a denial of service (device hang) by sending a crafted packet to the web administrative interface.

  • CVE-2006-3344Jul 3, 2006
    risk 0.00cvss epss 0.02

    Siemens Speedstream Wireless Router 2624 allows local users to bypass authentication and access protected files by using the Universal Plug and Play UPnP/1.0 component.

  • CVE-2005-2424Aug 3, 2005
    risk 0.00cvss epss 0.02

    The management interface for Siemens SANTIS 50 running firmware 4.2.8.0, and possibly other products including Ericsson HN294dp and Dynalink RTA300W, allows remote attackers to access the Telnet port without authentication via certain packets to the web interface that cause the…

  • CVE-2003-1464Dec 31, 2003
    risk 0.00cvss epss 0.02

    Buffer overflow in Siemens 45 series mobile phones allows remote attackers to cause a denial of service (disconnect and unavailable inbox) via a Short Message Service (SMS) message with a long image name.

  • CVE-2002-0122Mar 25, 2002
    risk 0.00cvss epss 0.02

    Siemens 3568i WAP mobile phones allows remote attackers to cause a denial of service (crash) via an SMS message containing unusual characters.

  • CVE-2001-0411Jun 18, 2001
    risk 0.00cvss epss 0.01

    Reliant Unix 5.44 and earlier allows remote attackers to cause a denial of service via an ICMP port unreachable packet, which causes Reliant to drop all connections to the source address of the packet.

  • CVE-2000-0964Dec 19, 2000
    risk 0.00cvss epss 0.04

    Buffer overflow in the web administration service for the HiNet LP5100 IP-phone allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long GET request.

  • CVE-1999-0017Dec 10, 1997
    risk 0.00cvss epss 0.02

    FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.

Page 41 of 41