Siemens Sinema Remote Connect Server — known CVE vulnerabilities
Every CVE whose affected-product data names Siemens Sinema Remote Connect Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVE-2022-32257 — CVSS 9.8 (critical): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2). The affected application consists of a web…
CVE-2022-25236 — CVSS 9.8 (critical): xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs.
CVE-2019-13918 — CVSS 9.8 (critical): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). The web interface has no means to prevent…
CVE-2022-25235 — CVSS 9.8 (critical): xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is…
CVE-2022-23852 — CVSS 9.8 (critical): Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES.
CVE-2024-39872 — CVSS 9.6 (critical): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application does not properly…
CVE-2021-20093 — CVSS 9.1 (critical): A buffer over-read vulnerability exists in Wibu-Systems CodeMeter versions < 7.21a. An unauthenticated remote attacker can exploit this…
CVE-2024-39570 — CVSS 8.8 (high): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 HF1). Affected applications are vulnerable to…
CVE-2024-39866 — CVSS 8.8 (high): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application allows users to…
CVE-2022-32251 — CVSS 8.8 (high): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). There is a missing authentication verification…
CVE-2024-39865 — CVSS 8.8 (high): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application allows users to…
CVE-2020-25240 — CVSS 8.8 (high): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0). Unpriviledged users can access services when…
CVE-2021-45960 — CVSS 8.8 (high): In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc…
CVE-2024-39571 — CVSS 8.8 (high): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 HF1). Affected applications are vulnerable to…
CVE-2022-32262 — CVSS 8.8 (high): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application contains a file upload…
CVE-2019-6570 — CVSS 8.8 (high): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0). Due to insufficient checking of user…
CVE-2020-25239 — CVSS 8.8 (high): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0). The webserver could allow unauthorized actions…
CVE-2021-46143 — CVSS 8.1 (high): In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.
CVE-2024-39867 — CVSS 7.6 (high): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Affected devices do not properly validate…
CVE-2024-39868 — CVSS 7.6 (high): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Affected devices do not properly validate…
CVE-2021-41991 — CVSS 7.5 (high): The in-memory certificate cache in strongSwan before 5.9.4 has a remote integer overflow upon receiving many requests with different…
CVE-2021-34798 — CVSS 7.5 (high): Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier.
CVE-2020-7595 — CVSS 7.5 (high): xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation.
CVE-2019-19956 — CVSS 7.5 (high): xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc->oldNs.
CVE-2024-39873 — CVSS 7.5 (high): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application does not properly…
CVE-2024-39874 — CVSS 7.5 (high): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application does not properly…
CVE-2022-32252 — CVSS 6.5 (medium): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The application does not perform the integrity…
CVE-2021-37183 — CVSS 6.5 (medium): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). The affected software allows sending…
CVE-2021-37177 — CVSS 6.5 (medium): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). The status provided by the syslog clients…
CVE-2022-32259 — CVSS 6.5 (medium): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The system images for installation or update of…
CVE-2022-32260 — CVSS 6.5 (medium): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application creates temporary…
CVE-2024-39869 — CVSS 6.5 (medium): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Affected products allow to upload…
CVE-2022-25313 — CVSS 6.5 (medium): In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element.
CVE-2024-39871 — CVSS 6.3 (medium): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Affected applications do not properly…
CVE-2024-39870 — CVSS 6.3 (medium): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected applications can be configured…
CVE-2022-23102 — CVSS 6.1 (medium): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0). Affected products contain an open redirect…
CVE-2022-29034 — CVSS 6.1 (medium): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). An error message pop up window in the web…
CVE-2016-6204 — CVSS 6.1 (medium): Cross-site scripting (XSS) vulnerability in the integrated web server in Siemens SINEMA Remote Connect Server before 1.2 allows remote…
CVE-2022-27221 — CVSS 5.9 (medium): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). An attacker in machine-in-the-middle could…
CVE-2022-32255 — CVSS 5.3 (medium): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application consists of a web…
CVE-2022-32261 — CVSS 5.3 (medium): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application contains a…
CVE-2021-22925 — CVSS 5.3 (medium): curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS`in libcurl. This rarely used option is used to send…
CVE-2022-32258 — CVSS 5.3 (medium): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application contains an older…
CVE-2022-32253 — CVSS 4.9 (medium): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). Due to improper input validation, the OpenSSL…
CVE-2021-37190 — CVSS 4.3 (medium): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). The affected software has an information…
CVE-2022-32256 — CVSS 4.3 (medium): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application consists of a web…
CVE-2022-27220 — CVSS 4.3 (medium): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). Affected application is missing general HTTP…
CVE-2022-27219 — CVSS 4.3 (medium): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). Affected application is missing general HTTP…
CVE-2021-37193 — CVSS 4.3 (medium): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). An unauthenticated attacker in the same…
CVE-2021-37192 — CVSS 4.3 (medium): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). The affected software has an information…
CVE-2021-37191 — CVSS 4.3 (medium): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). An unauthenticated attacker in the same…
CVE-2022-32254 — CVSS 4.3 (medium): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). A customized HTTP POST request could force the…
CVE-2025-40819 — CVSS 4.3 (medium): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP4). Affected applications do not properly…
CVE-2019-13920 — CVSS 4.3 (medium): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). Some parts of the web application are not…
CVE-2019-13919 — CVSS 4.3 (medium): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). Some pages that should only be accessible by…
CVE-2024-39875 — CVSS 4.3 (medium): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application allows…
CVE-2024-42345 — CVSS 4.3 (medium): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP2). The affected application does not properly…
CVE-2024-39876 — CVSS 4.0 (medium): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Affected applications do not properly handle…
CVE-2021-22924 — CVSS 3.7 (low): libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to…
CVE-2025-40818 — CVSS 3.3 (low): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP4). Affected applications contain private…
CVE-2019-13922 — CVSS 2.7 (low): A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). An attacker with administrative privileges…