Siemens

Sinec Ins

42 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 1.65%
  • Veröffentlicht 16.01.2022 17:15:07
  • Zuletzt bearbeitet 21.11.2024 06:38:12

node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor

Exploit
  • EPSS 2.43%
  • Veröffentlicht 10.01.2022 20:15:08
  • Zuletzt bearbeitet 21.11.2024 06:38:01

follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor

Exploit
  • EPSS 6.22%
  • Veröffentlicht 23.09.2021 13:15:08
  • Zuletzt bearbeitet 09.06.2025 15:15:25

When sending data to an MQTT server, libcurl <= 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it *again*.

Exploit
  • EPSS 8.52%
  • Veröffentlicht 31.08.2021 11:15:07
  • Zuletzt bearbeitet 21.11.2024 06:22:19

axios is vulnerable to Inefficient Regular Expression Complexity

Exploit
  • EPSS 6.12%
  • Veröffentlicht 26.05.2021 22:15:07
  • Zuletzt bearbeitet 21.11.2024 05:54:34

In ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16, ISC DHCP 4.4.0 -> 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspecti...

  • EPSS 7.47%
  • Veröffentlicht 16.02.2021 17:15:13
  • Zuletzt bearbeitet 21.11.2024 05:51:55

The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while...

  • EPSS 2.96%
  • Veröffentlicht 16.02.2021 17:15:13
  • Zuletzt bearbeitet 21.11.2024 05:51:55

OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is configured to support both SSLv2 and more recent SSL and TLS versions then a check is made for a version rollback attack when unpadding an RSA signature. Clie...

Exploit
  • EPSS 22.41%
  • Veröffentlicht 15.02.2021 13:15:12
  • Zuletzt bearbeitet 21.11.2024 05:51:31

Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.

Exploit
  • EPSS 7.34%
  • Veröffentlicht 15.02.2021 11:15:12
  • Zuletzt bearbeitet 21.11.2024 05:22:55

Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions.

Exploit
  • EPSS 3.88%
  • Veröffentlicht 11.12.2020 14:15:11
  • Zuletzt bearbeitet 21.11.2024 05:37:48

The package ua-parser-js before 0.7.23 are vulnerable to Regular Expression Denial of Service (ReDoS) in multiple regexes (see linked commit for more info).