467 matches found

NCSC
added 2024/11/12 2:19 p.m. | 13 views

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in various products such as Mendix, RUGGEDCOM, SCALANCE, SIMATIC and SINEC. The vulnerabilities potentially enable a malicious person to carry out attacks that can lead to the following categories of damage: - Denial-of-Service DoS - Cross-Site Scripting XSS. -...

CVSS 10 | AI score 7.5 | EPSS 0.944
Exploits 40 | References 12

NVD
added 2024/11/12 1:15 p.m. | 11 views

CVE-2024-50313

A vulnerability has been identified in Mendix Runtime V10 All versions V10.16.0 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.12 All versions V10.12.7 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.6 All versio...

CVSS 6.9 | EPSS 0.00561
Exploits 0 | References 1

OSV
added 2024/11/12 1:15 p.m. | 0 views

CVE-2024-50313

A vulnerability has been identified in Mendix Runtime V10 All versions V10.16.0 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.12 All versions V10.12.7 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.6 All versio...

CVSS 6.9 | AI score 7.2
Exploits 0 | References 1

Cvelist
added 2024/11/12 12:49 p.m. | 13 views

CVE-2024-50313

A vulnerability has been identified in Mendix Runtime V10 All versions V10.16.0 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.12 All versions V10.12.7 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.6 All versio...

CVSS 6.9 | EPSS 0.00561
Exploits 0 | References 1

CVE
added 2024/11/12 12:49 p.m. | 44 views

CVE-2024-50313

CVE-2024-50313 affects Siemens Mendix Runtime across multiple branches (V8, V9, V10, including V10.6/10.12/10.16 lines) where the basic authentication implementation has a race condition that could let unauthenticated remote actors bypass default account lockout. Affected versions include all V8 ...

CVSS 6.9 | AI score 5.3 | EPSS 0.00561
Exploits 0 | References 1 | Affected Software 1

Vulnrichment
added 2024/11/12 12:49 p.m. | 8 views

CVE-2024-50313

A vulnerability has been identified in Mendix Runtime V10 All versions V10.16.0 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.12 All versions V10.12.7 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.6 All versio...

CVSS 6.9 | AI score 5.3 | EPSS 0.00561
Exploits 0 | References 1

CNNVD
added 2024/11/12 12:0 a.m. | 1 view

Siemens Mendix Runtime Race Condition Vulnerability

Mendix is a highly productive application platform that enables you to build and continuously improve mobile and web applications at scale. A race condition vulnerability exists in Siemens Mendix, which can be exploited by an unauthenticated, remote attacker to bypass default account locko...

CVSS 6.9 | AI score 6.9 | EPSS 0.00561
Exploits 0 | References 3

CNVD
added 2024/09/12 12:0 a.m. | 5 views

Siemens Mendix Runtime Information Disclosure Vulnerability

Siemens Mendix is a low-code application development platform from Siemens. The platform provides application development, testing, deployment and iteration. An information disclosure vulnerability exists in Siemens Mendix Runtime, which stems from the affected application's authentication...

CVSS 6.9 | AI score 6.7 | EPSS 0.0035
Exploits 0 | References 1

NCSC
added 2024/09/10 6:20 p.m. | 5 views

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in various products such as Mendix, SICAM, SIMATIC, SINEMA, SINUMERIK and Tecnomatix. The vulnerabilities potentially enable a malicious person to carry out attacks that can lead to the following categories of damage: - Denial-of-Service DoS - Manipulation of dat...

CVSS 10 | AI score 8.2 | EPSS 0.63835
Exploits 72 | References 15

NVD
added 2024/09/10 10:15 a.m. | 6 views

CVE-2023-49069

A vulnerability has been identified in Mendix Runtime V10 All versions V10.17.0 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.12 All versions V10.12.11 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.6 All...

CVSS 6.9 | EPSS 0.0035
Exploits 0 | References 1

CVE
added 2024/09/10 9:36 a.m. | 41 views

CVE-2023-49069

The CVE relates to Mendix Runtime authentication: an observable response discrepancy when validating usernames in basic authentication allows unauthenticated remote attackers to distinguish valid vs invalid usernames. Affected versions include Mendix Runtime V8 (all versions < V8.18.33), V9 (&...

CVSS 6.9 | AI score 5.4 | EPSS 0.0035
Exploits 0 | References 1

Vulnrichment
added 2024/09/10 9:36 a.m. | 14 views

CVE-2023-49069

A vulnerability has been identified in Mendix Runtime V10 All versions V10.17.0 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.12 All versions V10.12.11 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.6 All...

CVSS 6.9 | AI score 5.4 | EPSS 0.0035
Exploits 0 | References 1

Cvelist
added 2024/09/10 9:36 a.m. | 13 views

CVE-2023-49069

A vulnerability has been identified in Mendix Runtime V10 All versions V10.17.0 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.12 All versions V10.12.11 only if the basic authentication mechanism is used by the application, Mendix Runtime V10.6 All...

CVSS 6.9 | EPSS 0.0035
Exploits 0 | References 1

CNNVD
added 2024/09/10 12:0 a.m. | 2 views

Siemens Mendix Security Vulnerability

Siemens Mendix is a low-code application development platform from Siemens. The platform provides application development, testing, deployment and iteration. An information disclosure vulnerability exists in Siemens Mendix Runtime, which stems from the affected application's authentication...

CVSS 6.9 | AI score 6.5 | EPSS 0.0035
Exploits 0 | References 2

ICS
added 2024/09/10 12:0 a.m. | 9 views

Siemens Mendix Runtime

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

CVSS 6.9 | AI score 7.3 | EPSS 0.0035
Exploits 0 | References 10

CNVD
added 2024/07/10 12:0 a.m. | 5 views

Siemens Mendix Encryption Module Hardcoded Default Encryption Key Vulnerability

The Mendix Encryption module takes care of the following encryption requirements: plain text encryption e.g. passwords and FileDocument encryption e.g. documents or photos. A hard-coded default encryption key vulnerability exists in the Siemens Mendix Encryption module, which can be exploited by ...

CVSS 8.7 | AI score 6.7 | EPSS 0.00194
Exploits 0 | References 1

NCSC
added 2024/07/09 6:40 p.m. | 5 views

Vulnerabilities fixed in Siemens Products

Siemens has fixed vulnerabilities in various products such as Mendix, RUGGEDCOM, SIMATIC, SINEMA, SIPROTEC and the Engineering Platforms for various systems. The vulnerabilities potentially enable a malicious person to carry out attacks that can lead to the following categories of damage: -...

CVSS 9.9 | AI score 7.5 | EPSS 0.54214
Exploits 7 | References 16

NVD
added 2024/07/09 12:15 p.m. | 10 views

CVE-2024-39888

A vulnerability has been identified in Mendix Encryption All versions = V10.0.0 V10.0.2. Affected versions of the module define a specific hard-coded default value for the EncryptionKey constant, which is used in projects where no individual EncryptionKey was specified. This could allow to an...

CVSS 8.7 | EPSS 0.00194
Exploits 0 | References 1

Cvelist
added 2024/07/09 12:5 p.m. | 13 views

CVE-2024-39888

A vulnerability has been identified in Mendix Encryption All versions = V10.0.0 V10.0.2. Affected versions of the module define a specific hard-coded default value for the EncryptionKey constant, which is used in projects where no individual EncryptionKey was specified. This could allow to an...

CVSS 8.7 | EPSS 0.00194
Exploits 0 | References 1

Vulnrichment
added 2024/07/09 12:5 p.m. | 10 views

CVE-2024-39888

A vulnerability has been identified in Mendix Encryption All versions = V10.0.0 V10.0.2. Affected versions of the module define a specific hard-coded default value for the EncryptionKey constant, which is used in projects where no individual EncryptionKey was specified. This could allow to an...

CVSS 8.7 | AI score 7 | EPSS 0.00194
Exploits 0 | References 1