CVSS: 7.3EPSS: 0%CPEs: 34EXPL: 0CVE-2024-52051
https://notcve.org/view.php?id=CVE-2024-52051
10 Dec 2024 — A vulnerability has been identified in SIMATIC S7-PLCSIM V17 (All versions), SIMATIC S7-PLCSIM V18 (All versions), SIMATIC STEP 7 Safety V17 (All versions), SIMATIC STEP 7 Safety V18 (All versions), SIMATIC STEP 7 Safety V19 (All versions), SIMATIC STEP 7 V17 (All versions), SIMATIC STEP 7 V18 (All versions), SIMATIC STEP 7 V19 (All versions), SIMATIC WinCC Unified PC Runtime V18 (All versions), SIMATIC WinCC Unified PC Runtime V19 (All versions), SIMATIC WinCC Unified V17 (All versions), SIMATIC WinCC Unif... • https://cert-portal.siemens.com/productcert/html/ssa-392859.html • CWE-20: Improper Input Validation •
CVSS: 8.4EPSS: 0%CPEs: 40EXPL: 0CVE-2024-49849
https://notcve.org/view.php?id=CVE-2024-49849
10 Dec 2024 — A vulnerability has been identified in SIMATIC S7-PLCSIM V16 (All versions), SIMATIC S7-PLCSIM V17 (All versions), SIMATIC STEP 7 Safety V16 (All versions), SIMATIC STEP 7 Safety V17 (All versions), SIMATIC STEP 7 Safety V18 (All versions), SIMATIC STEP 7 Safety V19 (All versions), SIMATIC STEP 7 V16 (All versions), SIMATIC STEP 7 V17 (All versions), SIMATIC STEP 7 V18 (All versions), SIMATIC STEP 7 V19 (All versions), SIMATIC WinCC Unified V16 (All versions), SIMATIC WinCC Unified V17 (All versions), SIMAT... • https://cert-portal.siemens.com/productcert/html/ssa-800126.html • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.3EPSS: 0%CPEs: 17EXPL: 0CVE-2023-32736
https://notcve.org/view.php?id=CVE-2023-32736
12 Nov 2024 — A vulnerability has been identified in SIMATIC S7-PLCSIM V16 (All versions), SIMATIC S7-PLCSIM V17 (All versions), SIMATIC STEP 7 Safety V16 (All versions), SIMATIC STEP 7 Safety V17 (All versions < V17 Update 8), SIMATIC STEP 7 Safety V18 (All versions < V18 Update 5), SIMATIC STEP 7 V16 (All versions), SIMATIC STEP 7 V17 (All versions < V17 Update 8), SIMATIC STEP 7 V18 (All versions < V18 Update 5), SIMATIC WinCC Unified V16 (All versions), SIMATIC WinCC Unified V17 (All versions < V17 Update 8), SIMATIC... • https://cert-portal.siemens.com/productcert/html/ssa-871035.html • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-32735
https://notcve.org/view.php?id=CVE-2023-32735
09 Jul 2024 — A vulnerability has been identified in SIMATIC STEP 7 Safety V16 (All versions < V16 Update 7), SIMATIC STEP 7 Safety V17 (All versions < V17 Update 7), SIMATIC STEP 7 Safety V18 (All versions < V18 Update 2), SIMATIC STEP 7 V16 (All versions < V16 Update 7), SIMATIC STEP 7 V17 (All versions < V17 Update 7), SIMATIC STEP 7 V18 (All versions < V18 Update 2), SIMATIC WinCC Unified V16 (All versions < V16 Update 7), SIMATIC WinCC Unified V17 (All versions < V17 Update 7), SIMATIC WinCC Unified V18 (All version... • https://cert-portal.siemens.com/productcert/html/ssa-779936.html • CWE-502: Deserialization of Untrusted Data •
CVSS: 4.9EPSS: 0%CPEs: 36EXPL: 0CVE-2023-27465
https://notcve.org/view.php?id=CVE-2023-27465
13 Jun 2023 — A vulnerability has been identified in SIMOTION C240 (All versions >= V5.4 < V5.5 SP1), SIMOTION C240 PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D410-2 DP (All versions >= V5.4 < V5.5 SP1), SIMOTION D410-2 DP/PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D425-2 DP (All versions >= V5.4 < V5.5 SP1), SIMOTION D425-2 DP/PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D435-2 DP (All versions >= V5.4 < V5.5 SP1), SIMOTION D435-2 DP/PN (All versions >= V5.4 < V5.5 SP1), SIMOTION D445-2 DP/PN (All versions >= ... • https://cert-portal.siemens.com/productcert/pdf/ssa-482956.pdf • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-213: Exposure of Sensitive Information Due to Incompatible Policies •
CVSS: 6.5EPSS: 0%CPEs: 727EXPL: 0CVE-2020-0543 – hw: Special Register Buffer Data Sampling (SRBDS)
https://notcve.org/view.php?id=CVE-2020-0543
09 Jun 2020 — Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. Una limpieza incompleta de operaciones de lectura de un registro especial específico en algunos Intel® Processors puede permitir a un usuario autenticado habilitar potencialmente una divulgación de información por medio de un acceso local A new domain bypass transient execution attack known as Special Register Buffer Data... • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00025.html • CWE-459: Incomplete Cleanup •
CVSS: 7.5EPSS: 0%CPEs: 98EXPL: 0CVE-2019-10923
https://notcve.org/view.php?id=CVE-2019-10923
10 Oct 2019 — A vulnerability has been identified in SIMATIC S7-400 CPU 414-3 PN/DP V7, SIMATIC S7-400 CPU 414F-3 PN/DP V7, SIMATIC S7-400 CPU 416-3 PN/DP V7, SIMATIC S7-400 CPU 416F-3 PN/DP V7, Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P, SCALANCE X-200IRT switch family (incl. SIPLUS NET variants), SIMATIC ET 200pro IM154-8 PN/DP CPU, SIMATIC ET 200pro IM154-8F PN/DP CPU... • https://cert-portal.siemens.com/productcert/pdf/ssa-349422.pdf • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.6EPSS: 0%CPEs: 665EXPL: 7CVE-2018-3639 – AMD / ARM / Intel - Speculative Execution Variant 4 Speculative Store Bypass
https://notcve.org/view.php?id=CVE-2018-3639
21 May 2018 — Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. Los sistemas con microprocesadores que emplean la ejecución especulativa y que realizan la ejecución especulativa de lecturas de memoria antes de que se conozcan las direcciones de todas l... • https://packetstorm.news/files/id/147839 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-203: Observable Discrepancy •
CVSS: 8.7EPSS: 0%CPEs: 76EXPL: 0CVE-2017-12741
https://notcve.org/view.php?id=CVE-2017-12741
26 Dec 2017 — Specially crafted packets sent to port 161/udp could cause a denial of service condition. The affected devices must be restarted manually. Se ha identificado una vulnerabilidad en Development/Evaluation Kits para PROFINET IO: DK Standard Ethernet Controller, Development/Evaluation Kits para PROFINET IO: EK-ERTEC 200, Development/Evaluation Kits para PROFINET IO: EK-ERTEC 200P, SIMATIC Compact Field Unit, SIMATIC ET200AL, SIMATIC ET200M (incluidas las variantes SIPLUS), SIMATIC ET200MP IM155-5 PN BA (incluid... • https://cert-portal.siemens.com/productcert/html/ssa-141614.html • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 402EXPL: 0CVE-2017-5711
https://notcve.org/view.php?id=CVE-2017-5711
21 Nov 2017 — Multiple buffer overflows in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code with AMT execution privilege. Múltiples desbordamientos de búfer en el kernel en Active Management Technology (AMT) en Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 permiten que un atacante con acceso local al sistema ejecute código arbitrario con el privi... • http://www.securityfocus.com/bid/101918 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •