Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Sinema_remote_connect_server
(Siemens)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 69 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-08-05 | CVE-2021-22925 | curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS`in libcurl. This rarely used option is used to send variable=content pairs toTELNET servers.Due to flaw in the option parser for sending `NEW_ENV` variables, libcurlcould be made to pass on uninitialized data from a stack based buffer to theserver. Therefore potentially revealing sensitive internal information to theserver using a clear-text network protocol.This could happen because curl did not call and use... | Mac_os_x, Macos, Fedora, Curl, Cloud_backup, Clustered_data_ontap, H300e_firmware, H300s_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H700e_firmware, H700s_firmware, Hci_management_node, Solidfire, Mysql_server, Peoplesoft_enterprise_peopletools, Sinec_infrastructure_network_services, Sinema_remote_connect_server, Universal_forwarder | 5.3 | ||
| 2024-03-12 | CVE-2022-32257 | A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2). The affected application consists of a web service that lacks proper access control for some of the endpoints. This could lead to unauthorized access to resources and potentially lead to code execution. | Sinema_remote_connect_server | 9.8 | ||
| 2019-12-24 | CVE-2019-19956 | xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc->oldNs. | Ubuntu_linux, Debian_linux, Fedora, Active_iq_unified_manager, Clustered_data_ontap, Clustered_data_ontap_antivirus_connector, Manageability_software_development_kit, Ontap_select_deploy_administration_utility, Steelstore_cloud_integrated_storage, Real_user_experience_insight, Sinema_remote_connect_server, Libxml2 | 7.5 | ||
| 2020-01-21 | CVE-2020-7595 | xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation. | Ubuntu_linux, Debian_linux, Fedora, Clustered_data_ontap, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H700e_firmware, H700s_firmware, Smi\-S_provider, Snapdrive, Steelstore_cloud_integrated_storage, Symantec_netbackup, Communications_cloud_native_core_network_function_cloud_native_environment, Enterprise_manager_base_platform, Enterprise_manager_ops_center, Mysql_workbench, Peoplesoft_enterprise_peopletools, Real_user_experience_insight, Sinema_remote_connect_server, Libxml2 | 7.5 | ||
| 2021-09-16 | CVE-2021-34798 | Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier. | Http_server, Brocade_fabric_operating_system_firmware, Debian_linux, Fedora, Cloud_backup, Clustered_data_ontap, Storagegrid, Communications_cloud_native_core_network_function_cloud_native_environment, Enterprise_manager_base_platform, Http_server, Instantis_enterprisetrack, Peoplesoft_enterprise_peopletools, Zfs_storage_appliance_kit, Ruggedcom_nms, Sinec_nms, Sinema_remote_connect_server, Sinema_server, Tenable\.sc | 7.5 | ||
| 2021-10-18 | CVE-2021-41991 | The in-memory certificate cache in strongSwan before 5.9.4 has a remote integer overflow upon receiving many requests with different certificates to fill the cache and later trigger the replacement of cache entries. The code attempts to select a less-often-used cache entry by means of a random number generator, but this is not done correctly. Remote code execution might be a slight possibility. | Debian_linux, Fedora, Cp_1543\-1_firmware, Scalance_sc622\-2c_firmware, Scalance_sc632\-2c_firmware, Scalance_sc636\-2c_firmware, Scalance_sc642\-2c_firmware, Scalance_sc646\-2c_firmware, Simatic_cp_1242\-7_gprs_v2_firmware, Simatic_cp_1243\-1_firmware, Simatic_cp_1243\-7_lte\/us_firmware, Simatic_cp_1542sp\-1_firmware, Simatic_cp_1542sp\-1_irc_firmware, Simatic_cp_1543sp\-1_firmware, Simatic_net_cp1243\-7_lte_eu_firmware, Simatic_net_cp_1243\-8_irc_firmware, Simatic_net_cp_1545\-1_firmware, Sinema_remote_connect_server, Siplus_et_200sp_cp_1542sp\-1_irc_tx_rail_firmware, Siplus_et_200sp_cp_1543sp\-1_isec_firmware, Siplus_et_200sp_cp_1543sp\-1_isec_tx_rail_firmware, Siplus_net_cp_1543\-1_firmware, Siplus_s7\-1200_cp_1243\-1_firmware, Siplus_s7\-1200_cp_1243\-1_rail_firmware, Strongswan | 7.5 | ||
| 2022-01-26 | CVE-2022-23990 | Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function. | Debian_linux, Fedora, Libexpat, Communications_metasolv_solution, Sinema_remote_connect_server, Nessus | 7.5 | ||
| 2022-02-16 | CVE-2022-25235 | xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context. | Debian_linux, Fedora, Libexpat, Http_server, Zfs_storage_appliance_kit, Sinema_remote_connect_server | 9.8 | ||
| 2022-02-16 | CVE-2022-25236 | xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs. | Debian_linux, Libexpat, Http_server, Zfs_storage_appliance_kit, Sinema_remote_connect_server | 9.8 | ||
| 2022-02-18 | CVE-2022-25313 | In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element. | Debian_linux, Fedora, Libexpat, Http_server, Zfs_storage_appliance_kit, Sinema_remote_connect_server | 6.5 |