|
308251
|
7.3 |
HIGH
Local
|
siemens
|
solid_edge_se2024
|
A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 9). The affected applications suffer from a DLL hijacking vulnerability. This could allow an attacker to execute…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2024-47942
|
2024-11-14 08:15 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308252
|
7.8 |
HIGH
Local
|
siemens
|
solid_edge_se2024
|
A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 9). The affected applications contain an out of bounds read past the end of an allocated structure while parsing…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-47941
|
2024-11-14 08:15 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308253
|
7.8 |
HIGH
Local
|
siemens
|
solid_edge_se2024
|
A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 9). The affected applications contain an out of bounds read past the end of an allocated structure while parsing…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-47940
|
2024-11-14 08:14 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308254
|
6.5 |
MEDIUM
Local
|
siemens
|
sinec_nms
|
A vulnerability has been identified in SINEC NMS (All versions < V3.0 SP1). The affected application contains a database function, that does not properly restrict the permissions of users to write to…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2024-47808
|
2024-11-14 08:14 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308255
|
7.8 |
HIGH
Local
|
siemens
|
siport
|
A vulnerability has been identified in SIPORT (All versions < V3.4.0). The affected application improperly assigns file permissions to installation folders.
This could allow a local attacker with …
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2024-47783
|
2024-11-14 08:13 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308256
|
8.1 |
HIGH
Network
|
siemens
|
sinec_ins
|
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly invalidate sessions when the associated user is deleted or disabled or …
|
CWE-613
Insufficient Session Expiration
|
CVE-2024-46892
|
2024-11-14 08:13 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308257
|
9.1 |
CRITICAL
Network
|
siemens
|
sinec_ins
|
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly validate input sent to specific endpoints of its web API. This could al…
|
CWE-78
OS Command
|
CVE-2024-46890
|
2024-11-14 08:12 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308258
|
5.3 |
MEDIUM
Network
|
siemens
|
sinec_ins
|
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application uses hard-coded cryptographic key material to obfuscate configuration files. This could a…
|
CWE-321
Use of Hard-coded Cryptographic Key
|
CVE-2024-46889
|
2024-11-14 08:11 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308259
|
9.9 |
CRITICAL
Network
|
siemens
|
sinec_ins
|
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly sanitize user provided paths for SFTP-based file up- and downloads. Thi…
|
CWE-22
Path Traversal
|
CVE-2024-46888
|
2024-11-14 08:11 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308260
|
10.0 |
CRITICAL
Network
|
siemens
|
telecontrol_server_basic
|
A vulnerability has been identified in PP TeleControl Server Basic 1000 to 5000 V3.1 (6NH9910-0AA31-0AE1) (All versions < V3.1.2.1 with redundancy configured), PP TeleControl Server Basic 256 to 1000…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-44102
|
2024-11-14 08:05 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
