Lucene search
K

831 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 6:1 a.m.4 views

CVE-2023-28827

A vulnerability has been identified in SIMATIC CP 1242-7 V2 incl. SIPLUS variants All versions V3.5.20, SIMATIC CP 1243-1 incl. SIPLUS variants All versions V3.5.20, SIMATIC CP 1243-1 DNP3 incl. SIPLUS variants All versions V3.5.20, SIMATIC CP 1243-1 IEC incl. SIPLUS variants All versions V3.5.20...

8.2CVSS6.8AI score0.00453EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:17 a.m.3 views

CVE-2023-30897

A vulnerability has been identified in SIMATIC WinCC All versions V7.5.2.13. Affected applications fail to set proper access rights for their installation folder if a non-default installation path was chosen during installation. This could allow an authenticated local attacker to inject arbitrary...

7.8CVSS7.2AI score0.00212EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:29 a.m.8 views

CVE-2023-32735

A vulnerability has been identified in SIMATIC STEP 7 Safety V16 All versions V16 Update 7, SIMATIC STEP 7 Safety V17 All versions V17 Update 7, SIMATIC STEP 7 Safety V18 All versions V18 Update 2, SIMATIC STEP 7 V16 All versions V16 Update 7, SIMATIC STEP 7 V17 All versions V17 Update 7, SIMATIC...

7CVSS7.6AI score0.00213EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:16 a.m.7 views

CVE-2023-50821

A vulnerability has been identified in SIMATIC PCS 7 V9.1 All versions V9.1 SP2 UC04, SIMATIC WinCC Runtime Professional V17 All versions V17 Update 8, SIMATIC WinCC Runtime Professional V18 All versions V18 Update 4, SIMATIC WinCC Runtime Professional V19 All versions V19 Update 1, SIMATIC WinCC...

6.9CVSS6.5AI score0.00182EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:47 a.m.18 views

CVE-2022-44731

A vulnerability has been identified in SIMATIC WinCC OA V3.15 All versions V3.15 P038, SIMATIC WinCC OA V3.16 All versions V3.16 P035, SIMATIC WinCC OA V3.17 All versions V3.17 P024, SIMATIC WinCC OA V3.18 All versions V3.18 P014. The affected component allows to inject custom arguments to the...

5.4CVSS6.7AI score0.00532EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:37 p.m.7 views

CVE-2021-25661

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7" & 15" incl. SIPLUS variants All versions V15.1 Update 6, SIMATIC HMI Comfort Outdoor Panels V16 7" & 15" incl. SIPLUS variants All versions V16 Update 4, SIMATIC HMI Comfort Panels V15 4" - 22" incl. SIPLUS...

7.5CVSS6.8AI score0.01138EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:36 p.m.8 views

CVE-2021-25660

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7" & 15" incl. SIPLUS variants All versions V15.1 Update 6, SIMATIC HMI Comfort Outdoor Panels V16 7" & 15" incl. SIPLUS variants All versions V16 Update 4, SIMATIC HMI Comfort Panels V15 4" - 22" incl. SIPLUS...

7.5CVSS6.8AI score0.00961EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 12:23 p.m.11 views

CVE-2012-3034

WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to discover a username and password via crafted parameters to unspecified methods in ActiveX controls...

4.3CVSS7.2AI score0.02159EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 12:20 p.m.11 views

CVE-2012-3031

Multiple cross-site scripting XSS vulnerabilities in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allow remote attackers to inject arbitrary web script or HTML via a 1 GET parameter, 2 POST parameter, or 3 Referer HTTP header...

4.3CVSS5.9AI score0.02142EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:29 a.m.18 views

CVE-2013-3957

SQL injection vulnerability in the login screen in the Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier and other products, allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS8.7AI score0.01784EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:11 a.m.20 views

CVE-2013-0674

Buffer overflow in the RegReader ActiveX control in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to execute arbitrary code via a long parameter...

6.8CVSS8.2AI score0.03361EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:11 a.m.12 views

CVE-2013-0669

The HMI web application in Siemens WinCC TIA Portal 11 allows remote authenticated users to cause a denial of service daemon crash via a crafted HTTP request...

4CVSS6.4AI score0.0183EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:11 a.m.21 views

CVE-2013-0678

Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, does not properly represent WebNavigator credentials in a database, which makes it easier for remote authenticated users to obtain sensitive information via a SQL query...

4CVSS6.5AI score0.01515EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:11 a.m.13 views

CVE-2013-0670

CRLF injection vulnerability in the HMI web application in Siemens WinCC TIA Portal 11 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL...

4.3CVSS7.1AI score0.01539EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:11 a.m.12 views

CVE-2013-0672

Cross-site scripting XSS vulnerability in the HMI web application in Siemens WinCC TIA Portal 11 allows remote authenticated users to inject arbitrary web script or HTML via unspecified data...

3.5CVSS5.4AI score0.01196EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:10 a.m.9 views

CVE-2013-0667

Cross-site scripting XSS vulnerability in the HMI web application in Siemens WinCC TIA Portal 11 allows remote attackers to inject arbitrary web script or HTML via a crafted URL...

4.3CVSS5.7AI score0.01513EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:10 a.m.17 views

CVE-2013-0676

Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, does not properly assign privileges for the database containing WebNavigator credentials, which allows remote authenticated users to obtain sensitive information via a SQL query...

4CVSS6.5AI score0.01529EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:10 a.m.10 views

CVE-2013-0677

The web server in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to obtain sensitive information or cause a denial of service via a crafted project file...

5.8CVSS6.9AI score0.019EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:10 a.m.6 views

CVE-2013-0668

Multiple cross-site scripting XSS vulnerabilities in the HMI web application in Siemens WinCC TIA Portal 11 allow remote attackers to inject arbitrary web script or HTML via a crafted URL...

4.3CVSS5.8AI score0.01513EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:9 a.m.7 views

CVE-2013-0671

Directory traversal vulnerability in Siemens WinCC TIA Portal 11 allows remote authenticated users to read HMI web-application source code and user-defined scripts via a crafted URL...

4CVSS6.6AI score0.02328EPSS
Exploits0References1
Rows per page
Query Builder