Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

SINEMA Remote Connect Server Security Vulnerabilities

cve
cve

CVE-2019-13918

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). The web interface has no means to prevent password guessing attacks. The vulnerability could be exploited by an attacker with network access to the vulnerable software, requiring no privileges and no.....

9.8CVSS

9.1AI Score

0.002EPSS

2019-09-13 05:15 PM
239
cve
cve

CVE-2019-6570

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0). Due to insufficient checking of user permissions, an attacker may access URLs that require special authorization. An attacker must have access to a low privileged account in order to exploit the...

8.8CVSS

8.3AI Score

0.001EPSS

2019-04-17 02:29 PM
23
cve
cve

CVE-2019-3822

libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_message()), generates the request HTTP header contents based on previously received data. The check that....

9.8CVSS

9.3AI Score

0.171EPSS

2019-02-06 08:29 PM
272
6
cve
cve

CVE-2018-16890

libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages (lib/vauth/ntlm.c:ntlm_decode_type2_target) does not validate incoming data correctly and is subject to an integer overflow vulnerability. Using that....

7.5CVSS

8.6AI Score

0.046EPSS

2019-02-06 08:29 PM
200
4
cve
cve

CVE-2018-5391

The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation...

7.5CVSS

7.5AI Score

0.017EPSS

2018-09-06 09:29 PM
461
In Wild
2
cve
cve

CVE-2018-3639

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store....

5.5CVSS

5.9AI Score

0.003EPSS

2018-05-22 12:29 PM
538
In Wild
2
cve
cve

CVE-2016-7165

A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC IT Production Suite (All versions < V7.0 SP1 HFX 2), SIMATIC NET PC-Software (All versions < V14), SIMATIC PCS 7 V7.1 (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (Al...

6.4CVSS

6.9AI Score

0.001EPSS

2016-11-15 07:30 PM
26
cve
cve

CVE-2016-6204

Cross-site scripting (XSS) vulnerability in the integrated web server in Siemens SINEMA Remote Connect Server before 1.2 allows remote attackers to inject arbitrary web script or HTML via a crafted...

6.1CVSS

6AI Score

0.002EPSS

2016-07-22 03:59 PM
18
4
Total number of security vulnerabilities58