
CVSS: 9.3 | EPSS: 0% | CPEs: 1 | EXPL: 0

14 Jun 2022 — A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The application does not perform the integrity check of the update packages. Without validation, an admin user might be tricked into installing a malicious package, granting root privileges to an attacker.
• https://cert-portal.siemens.com/productcert/html/ssa-484086.html
• CWE-345: Insufficient Verification of Data Authenticity

CVSS: 9.8 | EPSS: 0% | CPEs: 1 | EXPL: 0

14 Jun 2022 — A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). There is a missing authentication verification for a resource used to change the roles and permissions of a user. This could allow an attacker to change the permissions of any user and gain the privileges of an administrative user.
• https://cert-portal.siemens.com/productcert/html/ssa-484086.html
• CWE-306: Missing Authentication for Critical Function

CVSS: 6.1 | EPSS: 26% | CPEs: 1 | EXPL: 3

14 Jun 2022 — A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). An error message pop-up window in the web interface of the affected application does not prevent injection of JavaScript code. This could allow attackers to perform reflected cross-site scripting (XSS) attacks.
• https://packetstorm.news/files/id/167554
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 5.9 | EPSS: 0% | CPEs: 1 | EXPL: 0

14 Jun 2022 — A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). An attacker in a machine-in-the-middle position could obtain plaintext secret values by observing length differences during a series of guesses in which a string in an HTTP request URL potentially matches an unknown string in an HTTP response body, aka a "BREACH" attack.
• https://cert-portal.siemens.com/productcert/html/ssa-484086.html
• CWE-203: Observable Discrepancy

CVSS: 4.3 | EPSS: 0% | CPEs: 3 | EXPL: 0

14 Jun 2022 — A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). Affected application is missing general HTTP security headers in the web server configured on port 6220. This could aid attackers by making the servers more prone to clickjacking, channel downgrade attacks and other similar client-based attack vectors.
• https://cert-portal.siemens.com/productcert/pdf/ssa-911567.pdf
• CWE-358: Improperly Implemented Security Check for Standard
• CWE-1021: Improper Restriction of Rendered UI Layers or Frames

CVSS: 4.3 | EPSS: 0% | CPEs: 3 | EXPL: 0

14 Jun 2022 — A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). Affected application is missing general HTTP security headers in the web server configured on port 443. This could aid attackers by making the servers more prone to clickjacking, channel downgrade attacks and other similar client-based attack vectors.
• https://cert-portal.siemens.com/productcert/pdf/ssa-911567.pdf
• CWE-358: Improperly Implemented Security Check for Standard
• CWE-1021: Improper Restriction of Rendered UI Layers or Frames

CVSS: 7.5 | EPSS: 0% | CPEs: 9 | EXPL: 1

18 Feb 2022 — In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString. An integer overflow flaw was found in expat. This issue affects the encoding name parameter at the parser creation time, which is often hard-coded (rather than user input), takes a value in the gigabytes to trigger, and on a 64-bit machine. This flaw can cause a denial of service. Red Hat JBoss Core S...
• https://github.com/ShaikUsaf/external_expact_AOSP10_r33_CVE-2022-25314
• CWE-190: Integer Overflow or Wraparound

CVSS: 9.8 | EPSS: 5% | CPEs: 9 | EXPL: 3

18 Feb 2022 — In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. An integer overflow was found in expat. The issue occurs in storeRawNames() by abusing the m_buffer expansion logic to allow allocations very close to INT_MAX and out-of-bounds heap writes. This flaw can cause a denial of service or potentially arbitrary code execution. Red Hat JBoss Core Servic...
• https://github.com/ShaikUsaf/external_expact_AOSP10_r33_CVE-2022-25315
• CWE-190: Integer Overflow or Wraparound
• CWE-787: Out-of-bounds Write

CVSS: 6.5 | EPSS: 0% | CPEs: 9 | EXPL: 2

18 Feb 2022 — In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element. A flaw was found in expat. A stack exhaustion in doctype parsing could be triggered by a file with a large number of opening braces, resulting in a denial of serv...
• https://github.com/Trinadh465/external_expat-2.1.0_CVE-2022-25313
• CWE-674: Uncontrolled Recursion
• CWE-770: Allocation of Resources Without Limits or Throttling

CVSS: 9.8 | EPSS: 8% | CPEs: 9 | EXPL: 1

16 Feb 2022 — xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context. A flaw was found in expat. Passing malformed 2- and 3-byte UTF-8 sequences (for example, from start tag names) to the XML pr...
• https://github.com/Satheesh575555/external_expat_AOSP10_r33_CVE-2022-25235
• CWE-116: Improper Encoding or Escaping of Output
• CWE-838: Inappropriate Encoding for Output Context