Lucene search

13 matches found

CVE
added 2022/06/21 3:15 p.m. | 1118 views

CVE-2022-2068

In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there ...

CVSS 10 | AI score 9.2 | EPSS 0.7123

CVE
added 2022/03/23 1:15 p.m. | 738 views

CVE-2021-25220

BIND 9.11.0 -> 9.11.36, 9.12.0 -> 9.16.26, 9.17.0 -> 9.18.0; BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1, 9.16.8-S1 -> 9.16.26-S1. Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not...

CVSS 6.8 | AI score 7 | EPSS 0.00074

CVE
added 2022/07/05 11:15 a.m. | 425 views

CVE-2022-2097

AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, ...

CVSS 5.3 | AI score 7.6 | EPSS 0.0075

CVE
added 2022/12/05 10:15 p.m. | 360 views

CVE-2022-35256

The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CRLF. This may result in HTTP Request Smuggling.

CVSS 6.5 | AI score 7.9 | EPSS 0.04594

CVE
added 2022/01/16 5:15 p.m. | 358 views

CVE-2022-0235

node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor

CVSS 8.8 | AI score 7.7 | EPSS 0.00556

CVE
added 2022/03/23 11:15 a.m. | 309 views

CVE-2022-0396

BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT status for an indefinite period of time, even after the client has terminated the co...

CVSS 5.3 | AI score 5.9 | EPSS 0.0001

CVE
added 2022/07/14 3:15 p.m. | 276 views

CVE-2022-32212

An OS Command Injection vulnerability exists in Node.js versions <14.20.0, <16.20.0,

CVSS 8.1 | AI score 8.3 | EPSS 0.00112

CVE
added 2022/01/28 10:15 p.m. | 251 views

CVE-2021-4160

There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis su...

CVSS 5.9 | AI score 6.2 | EPSS 0.24988

CVE
added 2022/12/05 10:15 p.m. | 243 views

CVE-2022-35255

A weak randomness in WebCrypto keygen vulnerability exists in Node.js 18 due to a change with EntropySource() in SecretKeyGenTraits::DoKeyGen() in src/crypto/crypto_keygen.cc. There are two problems with this: 1) It does not check the return value, it assumes EntropySource() always succeeds, but it...

CVSS 9.1 | AI score 8.9 | EPSS 0.01258

CVE
added 2022/07/14 3:15 p.m. | 216 views

CVE-2022-32215

The llhttp parser <v14.20.1, <v16.17.1 and

CVSS 6.5 | AI score 7.1 | EPSS 0.88045

CVE
added 2022/07/14 3:15 p.m. | 210 views

CVE-2022-32213

The llhttp parser <v14.20.1, <v16.17.1 and

CVSS 6.5 | AI score 7.2 | EPSS 0.89015

CVE
added 2022/01/10 8:15 p.m. | 167 views

CVE-2022-0155

follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor

CVSS 8 | AI score 6.8 | EPSS 0.00903

CVE
added 2022/07/14 3:15 p.m. | 124 views

CVE-2022-32222

A cryptographic vulnerability exists in Node.js on Linux in versions of 18.x prior to 18.40.0 which allowed a default path for openssl.cnf that might be accessible under some circumstances to a non-admin user instead of /etc/ssl as was the case in versions prior to the upgrade to OpenSSL 3.

CVSS 5.3 | AI score 5.1 | EPSS 0.0042