Product:

Sinec_ins

(Siemens)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 15
Date Id Summary Products Score Patch Annotated
2022-01-16 CVE-2022-0235 node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor Node\-Fetch, Sinec_ins 6.1
2022-03-23 CVE-2021-25220 BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL. The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients. Fedora, Bind, Baseboard_management_controller_h300e_firmware, Baseboard_management_controller_h300s_firmware, Baseboard_management_controller_h410c_firmware, Baseboard_management_controller_h410s_firmware, Baseboard_management_controller_h500e_firmware, Baseboard_management_controller_h500s_firmware, Baseboard_management_controller_h700e_firmware, Baseboard_management_controller_h700s_firmware, Sinec_ins 6.8
2022-03-23 CVE-2022-0396 BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT status for an indefinite period of time, even after the client has terminated the connection. Fedora, Bind, Baseboard_management_controller_h300e_firmware, Baseboard_management_controller_h300s_firmware, Baseboard_management_controller_h410c_firmware, Baseboard_management_controller_h410s_firmware, Baseboard_management_controller_h500e_firmware, Baseboard_management_controller_h500s_firmware, Baseboard_management_controller_h700e_firmware, Baseboard_management_controller_h700s_firmware, Sinec_ins 5.3
2020-05-09 CVE-2020-12762 json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend. Ubuntu_linux, Debian_linux, Fedora, Json\-C, Sinec_ins 7.8
2022-01-28 CVE-2021-4160 There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very... Debian_linux, Openssl, Enterprise_manager_ops_center, Health_sciences_inform_publisher, Jd_edwards_enterpriseone_tools, Jd_edwards_world_security, Peoplesoft_enterprise_peopletools, Sinec_ins 5.9
2021-02-16 CVE-2021-23839 OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is configured to support both SSLv2 and more recent SSL and TLS versions then a check is made for a version rollback attack when unpadding an RSA signature. Clients that support SSL or TLS versions greater than SSLv2 are supposed to use a special form of padding. A server that supports greater than SSLv2 is supposed to reject connection attempts from a client where this special form of padding is... Openssl, Business_intelligence, Enterprise_manager_for_storage_management, Enterprise_manager_ops_center, Graalvm, Jd_edwards_world_security, Zfs_storage_appliance_kit, Sinec_ins 3.7
2021-05-26 CVE-2021-25217 In ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16, ISC DHCP 4.4.0 -> 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspection it is clear that the defect is also present in releases from those series, but they have not been officially tested for the vulnerability), The outcome of encountering the defect while reading a lease that will trigger it varies, according to:... Debian_linux, Fedora, Dhcp, Ontap_select_deploy_administration_utility, Solidfire_\&_hci_management_node, Ruggedcom_rox_mx5000_firmware, Ruggedcom_rox_rx1400_firmware, Ruggedcom_rox_rx1500_firmware, Ruggedcom_rox_rx1501_firmware, Ruggedcom_rox_rx1510_firmware, Ruggedcom_rox_rx1511_firmware, Ruggedcom_rox_rx1512_firmware, Ruggedcom_rox_rx1524_firmware, Ruggedcom_rox_rx1536_firmware, Ruggedcom_rox_rx5000_firmware, Sinec_ins 7.4
2022-01-10 CVE-2022-0155 follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor Follow\-Redirects, Sinec_ins 6.5
2021-02-16 CVE-2021-23841 The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function... Ipad_os, Iphone_os, Macos, Safari, Debian_linux, Oncommand_insight, Oncommand_workflow_automation, Snapcenter, Openssl, Business_intelligence, Communications_cloud_native_core_policy, Enterprise_manager_for_storage_management, Enterprise_manager_ops_center, Essbase, Graalvm, Jd_edwards_world_security, Mysql_enterprise_monitor, Mysql_server, Peoplesoft_enterprise_peopletools, Zfs_storage_appliance_kit, Sinec_ins, Nessus_network_monitor, Tenable\.sc 5.9
2021-08-31 CVE-2021-3749 axios is vulnerable to Inefficient Regular Expression Complexity Axios, Goldengate, Sinec_ins 7.5