| CVE-2012-3003 |
medium |
— |
5.8 |
|
|
siemens |
14y ago |
Open redirect vulnerability in an unspecified web application in Siemens WinCC 7.0 SP3 before Update 2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks vi… |
| CVE-2012-2598 |
medium |
— |
4.3 |
|
|
siemens |
14y ago |
Buffer overflow in the DiagAgent web server in Siemens WinCC 7.0 SP3 through Update 2 allows remote attackers to cause a denial of service (agent outage) via crafted input. |
| CVE-2012-2597 |
medium |
— |
4.0 |
|
|
siemens |
14y ago |
Multiple directory traversal vulnerabilities in Siemens WinCC 7.0 SP3 before Update 2 allow remote authenticated users to read arbitrary files via a crafted parameter in a URL. |
| CVE-2012-2596 |
medium |
— |
5.5 |
|
|
siemens |
14y ago |
The XPath functionality in unspecified web applications in Siemens WinCC 7.0 SP3 before Update 2 does not properly handle special characters in parameters, which allows remote authenticated users to … |
| CVE-2012-2595 |
medium |
— |
4.3 |
|
|
siemens |
14y ago |
Multiple cross-site scripting (XSS) vulnerabilities in unspecified web applications in Siemens WinCC 7.0 SP3 before Update 2 allow remote attackers to inject arbitrary web script or HTML via vectors … |
| CVE-2012-1800 |
medium |
— |
6.1 |
|
|
siemens |
14y ago |
Stack-based buffer overflow in the Profinet DCP protocol implementation on the Siemens Scalance S Security Module firewall S602 V2, S612 V2, and S613 V2 with firmware before 2.3.0.3 allows remote att… |
| CVE-2012-1799 |
critical |
— |
10.0 |
|
|
siemens |
14y ago |
The web server on the Siemens Scalance S Security Module firewall S602 V2, S612 V2, and S613 V2 with firmware before 2.3.0.3 does not limit the rate of authentication attempts, which makes it easier … |
| CVE-2011-4876 |
critical |
— |
10.0 |
EXP |
|
siemens |
15y ago |
Directory traversal vulnerability in HmiLoad in the runtime loader in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels … |
| CVE-2011-4875 |
critical |
— |
10.0 |
EXP |
|
siemens |
15y ago |
Stack-based buffer overflow in HmiLoad in the runtime loader in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATI… |
| CVE-2011-4514 |
critical |
— |
10.0 |
|
|
siemens |
15y ago |
The TELNET daemon in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; a… |
| CVE-2011-4513 |
critical |
— |
10.0 |
|
|
siemens |
15y ago |
Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Run… |
| CVE-2011-4512 |
medium |
— |
5.0 |
|
|
siemens |
15y ago |
CRLF injection vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and… |
| CVE-2011-4511 |
medium |
— |
4.3 |
|
|
siemens |
15y ago |
Cross-site scripting (XSS) vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort… |
| CVE-2011-4510 |
medium |
— |
4.3 |
|
|
siemens |
15y ago |
Cross-site scripting (XSS) vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort… |
| CVE-2011-4509 |
critical |
— |
10.0 |
|
|
siemens |
15y ago |
The HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; … |
| CVE-2011-4508 |
critical |
— |
9.3 |
|
|
siemens |
15y ago |
The HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panel… |
| CVE-2011-4532 |
medium |
— |
6.0 |
EXP |
|
siemens |
15y ago |
Absolute path traversal vulnerability in the ALMListView.ALMListCtrl ActiveX control in almaxcx.dll in the graphical user interface in Siemens Automation License Manager (ALM) 2.0 through 5.1+SP1+Upd… |
| CVE-2011-4531 |
medium |
— |
6.0 |
EXP |
|
siemens |
15y ago |
Siemens Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted content in a (1) get_tar… |
| CVE-2011-4530 |
medium |
— |
6.0 |
EXP |
|
siemens |
15y ago |
Siemens Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 does not properly copy fields obtained from clients, which allows remote attackers to cause a denial of service (exception and daemon… |
| CVE-2011-4056 |
medium |
— |
5.8 |
|
|
siemens |
15y ago |
An unspecified ActiveX control in ActBar.ocx in Siemens Tecnomatix FactoryLink 6.6.1 (aka 6.6 SP1), 7.5.217 (aka 7.5 SP2), and 8.0.2.54 allows remote attackers to create or overwrite arbitrary files … |
| CVE-2011-4055 |
critical |
— |
9.3 |
|
|
siemens |
15y ago |
Buffer overflow in the WebClient ActiveX control in Siemens Tecnomatix FactoryLink 6.6.1 (aka 6.6 SP1), 7.5.217 (aka 7.5 SP2), and 8.0.2.54 allows remote attackers to execute arbitrary code via a lon… |
| CVE-2011-3321 |
critical |
— |
9.3 |
|
|
siemens |
15y ago |
Heap-based buffer overflow in the Siemens WinCC Runtime Advanced Loader, as used in SIMATIC WinCC flexible Runtime and SIMATIC WinCC (TIA Portal) Runtime Advanced, allows remote attackers to cause a … |
