Lucene search

32 matches found

added 2021/02/16 5:15 p.m. | 1915 views

CVE-2021-23841

The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if t...

CVSS 5.9 | AI score 7 | EPSS 0.0065

added 2022/06/21 3:15 p.m. | 1138 views

CVE-2022-2068

In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there ...

CVSS 10 | AI score 9.2 | EPSS 0.69299

added 2022/03/23 1:15 p.m. | 741 views

CVE-2021-25220

BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not...

CVSS 6.8 | AI score 7 | EPSS 0.00072

added 2021/05/26 10:15 p.m. | 502 views

CVE-2021-25217

In ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16, ISC DHCP 4.4.0 -> 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspection it is clear that the defect is also pres...

CVSS 7.4 | AI score 7.7 | EPSS 0.00243

added 2021/02/15 1:15 p.m. | 460 views

CVE-2021-23337

Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.

CVSS 7.2 | AI score 7.2 | EPSS 0.00551

added 2022/07/05 11:15 a.m. | 433 views

CVE-2022-2097

AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, ...

CVSS 5.3 | AI score 7.6 | EPSS 0.00366

added 2022/01/16 5:15 p.m. | 376 views

CVE-2022-0235

node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor

CVSS 8.8 | AI score 7.7 | EPSS 0.00512

added 2022/12/05 10:15 p.m. | 368 views

CVE-2022-35256

The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CRLF. This may result in HTTP Request Smuggling.

CVSS 6.5 | AI score 7.9 | EPSS 0.04594

added 2022/03/23 11:15 a.m. | 310 views

CVE-2022-0396

BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT status for an indefinite period of time, even after the client has terminated the co...

CVSS 5.3 | AI score 5.9 | EPSS 0.0001

added 2021/08/31 11:15 a.m. | 306 views

CVE-2021-3749

axios is vulnerable to Inefficient Regular Expression Complexity

CVSS 7.8 | AI score 7.4 | EPSS 0.0837

added 2021/09/23 1:15 p.m. | 302 views

CVE-2021-22945

When sending data to an MQTT server, libcurl

CVSS 9.1 | AI score 8.9 | EPSS 0.00481

added 2022/07/14 3:15 p.m. | 282 views

CVE-2022-32212

An OS Command Injection vulnerability exists in Node.js versions <14.20.0, <16.20.0,

CVSS 8.1 | AI score 8.3 | EPSS 0.00082

added 2022/01/28 10:15 p.m. | 252 views

CVE-2021-4160

There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis su...

CVSS 5.9 | AI score 6.2 | EPSS 0.23867

added 2022/12/05 10:15 p.m. | 248 views

CVE-2022-35255

A weak randomness in WebCrypto keygen vulnerability exists in Node.js 18 due to a change with EntropySource() in SecretKeyGenTraits::DoKeyGen() in src/crypto/crypto_keygen.cc. There are two problems with this: 1) It does not check the return value, it assumes EntropySource() always succeeds, but it...

CVSS 9.1 | AI score 8.9 | EPSS 0.01258

added 2021/02/15 11:15 a.m. | 241 views

CVE-2020-28500

Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions.

CVSS 5.3 | AI score 6 | EPSS 0.00202

added 2021/02/16 5:15 p.m. | 228 views

CVE-2021-23839

OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is configured to support both SSLv2 and more recent SSL and TLS versions then a check is made for a version rollback attack when unpadding an RSA signature. Clients that support SSL or TLS versions greater than...

CVSS 4.3 | AI score 5.5 | EPSS 0.00257

added 2022/01/10 8:15 p.m. | 175 views

CVE-2022-0155

follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor

CVSS 8 | AI score 6.8 | EPSS 0.00903

added 2020/11/06 8:15 p.m. | 162 views

CVE-2020-28168

Axios NPM package 0.21.0 contains a Server-Side Request Forgery (SSRF) vulnerability where an attacker is able to bypass a proxy by providing a URL that responds with a redirect to a restricted host or IP address.

CVSS 5.9 | AI score 5.8 | EPSS 0.00265

added 2022/07/14 3:15 p.m. | 124 views

CVE-2022-32222

A cryptographic vulnerability exists in Node.js on Linux in versions of 18.x prior to 18.40.0 which allowed a default path for openssl.cnf that might be accessible under some circumstances to a non-admin user instead of /etc/ssl as was the case in versions prior to the upgrade to OpenSSL 3.

CVSS 5.3 | AI score 5.1 | EPSS 0.00488

added 2020/12/11 2:15 p.m. | 98 views

CVE-2020-7793

The package ua-parser-js before 0.7.23 is vulnerable to Regular Expression Denial of Service (ReDoS) in multiple regexes (see linked commit for more info).

CVSS 7.5 | AI score 7.5 | EPSS 0.03568

added 2024/11/12 1:15 p.m. | 75 views

CVE-2024-46890

A vulnerability has been identified in SINEC INS (All versions

CVSS 9.4 | AI score 7.6 | EPSS 0.00786

added 2023/01/10 12:15 p.m. | 50 views

CVE-2022-45092

A vulnerability has been identified in SINEC INS (All versions

CVSS 9.9 | AI score 8.7 | EPSS 0.19547

added 2023/01/10 12:15 p.m. | 49 views

CVE-2022-45094

A vulnerability has been identified in SINEC INS (All versions

CVSS 8.8 | AI score 8.8 | EPSS 0.00711

added 2024/11/12 1:15 p.m. | 49 views

CVE-2024-46892

A vulnerability has been identified in SINEC INS (All versions

CVSS 8.1 | AI score 6.6 | EPSS 0.00065

added 2023/01/10 12:15 p.m. | 46 views

CVE-2022-45093

A vulnerability has been identified in SINEC INS (All versions

CVSS 8.8 | AI score 8.7 | EPSS 0.01534

added 2024/11/12 1:15 p.m. | 43 views

CVE-2024-46889

A vulnerability has been identified in SINEC INS (All versions

CVSS 6.9 | AI score 6.9 | EPSS 0.00086

added 2024/11/12 1:15 p.m. | 37 views

CVE-2024-46888

A vulnerability has been identified in SINEC INS (All versions

CVSS 9.9 | AI score 7.6 | EPSS 0.01451

added 2023/12/12 12:15 p.m. | 36 views

CVE-2023-48428

A vulnerability has been identified in SINEC INS (All versions

CVSS 7.2 | AI score 6.9 | EPSS 0.00067

added 2023/12/12 12:15 p.m. | 33 views

CVE-2023-48427

A vulnerability has been identified in SINEC INS (All versions

CVSS 9.8 | AI score 7.3 | EPSS 0.00078

added 2023/12/12 12:15 p.m. | 31 views

CVE-2023-48431

A vulnerability has been identified in SINEC INS (All versions

CVSS 8.6 | AI score 7.1 | EPSS 0.0017

added 2023/12/12 12:15 p.m. | 30 views

CVE-2023-48430

A vulnerability has been identified in SINEC INS (All versions

CVSS 2.7 | AI score 3.8 | EPSS 0.00102

added 2023/12/12 12:15 p.m. | 26 views

CVE-2023-48429

A vulnerability has been identified in SINEC INS (All versions

CVSS 2.7 | AI score 3.8 | EPSS 0.00118