Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Siemens Subscribe
Total 1529 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2011-4512 1 Siemens 5 Simatic Hmi Panels, Wincc, Wincc Flexible and 2 more 2012-02-05 5.0 MEDIUM N/A
CRLF injection vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
CVE-2011-4531 1 Siemens 1 Automation License Manager 2012-01-09 5.0 MEDIUM N/A
Siemens Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted content in a (1) get_target_ocx_param or (2) send_target_ocx_param command.
CVE-2011-4530 1 Siemens 1 Automation License Manager 2012-01-09 5.0 MEDIUM N/A
Siemens Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 does not properly copy fields obtained from clients, which allows remote attackers to cause a denial of service (exception and daemon crash) via long fields, as demonstrated by fields to the (1) open_session->workstation->NAME or (2) grant->VERSION function.
CVE-2011-4056 1 Siemens 1 Tecnomatix Factorylink 2012-01-09 5.8 MEDIUM N/A
An unspecified ActiveX control in ActBar.ocx in Siemens Tecnomatix FactoryLink 6.6.1 (aka 6.6 SP1), 7.5.217 (aka 7.5 SP2), and 8.0.2.54 allows remote attackers to create or overwrite arbitrary files via the save method.
CVE-2011-4529 1 Siemens 1 Automation License Manager 2012-01-08 7.5 HIGH N/A
Multiple buffer overflows in Siemens Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 allow remote attackers to execute arbitrary code via a long serialid field in an _licensekey command, as demonstrated by the (1) check_licensekey or (2) read_licensekey command.
CVE-2011-4532 1 Siemens 1 Automation License Manager 2012-01-08 5.0 MEDIUM N/A
Absolute path traversal vulnerability in the ALMListView.ALMListCtrl ActiveX control in almaxcx.dll in the graphical user interface in Siemens Automation License Manager (ALM) 2.0 through 5.1+SP1+Upd2 allows remote attackers to overwrite arbitrary files via the Save method.
CVE-2008-6993 1 Siemens 1 Gigaset Wlan Camera 2009-08-20 10.0 HIGH N/A
Siemens Gigaset WLAN Camera 1.27 has an insecure default password, which allows remote attackers to conduct unauthorized activities. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2002-0122 1 Siemens 1 3568i Wap 2008-09-10 5.0 MEDIUM N/A
Siemens 3568i WAP mobile phones allows remote attackers to cause a denial of service (crash) via an SMS message containing unusual characters.
CVE-2001-0384 1 Siemens 1 Reliant Unix 2008-09-05 2.1 LOW N/A
ppd in Reliant Sinix allows local users to corrupt arbitrary files via a symlink attack in the /tmp/ppd.trace file.