📦 SINEMA Remote Connect Server

by Siemens

🛡️ Security Overview

⚠️ Known Vulnerabilities

CVE-2024-39872

CRITICAL CVSS 9.6 Jul 9, 2024

A privilege escalation vulnerability in SINEMA Remote Connect Server allows authenticated attackers with 'Manage firmware updates' role to gain OS-level privileges through improper temporary file perm...

CVE-2022-32257

CRITICAL CVSS 9.8 Mar 12, 2024

SINEMA Remote Connect Server versions before V3.2 have improper access control on web service endpoints, allowing attackers to bypass authentication and access restricted resources. This could lead to...

CVE-2022-25315

CRITICAL CVSS 9.8 Feb 18, 2022

CVE-2022-25315 is an integer overflow vulnerability in Expat's storeRawNames function that can lead to heap buffer overflow. This allows attackers to potentially execute arbitrary code or cause denial...

CVE-2022-25235

CRITICAL CVSS 9.8 Feb 16, 2022

CVE-2022-25235 is a critical vulnerability in Expat (libexpat) XML parser where improper UTF-8 character validation allows attackers to bypass security checks. This affects any application using vulne...

CVE-2022-23852

CRITICAL CVSS 9.8 Jan 24, 2022

CVE-2022-23852 is a signed integer overflow vulnerability in Expat (libexpat) XML parser that can lead to buffer overflow. When XML_CONTEXT_BYTES is configured to a nonzero value, XML_GetBuffer can ov...

CVE-2022-22822

CRITICAL CVSS 9.8 Jan 10, 2022

CVE-2022-22822 is an integer overflow vulnerability in Expat's XML parser that can lead to heap buffer overflow. This allows attackers to execute arbitrary code or cause denial of service by processin...

CVE-2022-22824

CRITICAL CVSS 9.8 Jan 10, 2022

CVE-2022-22824 is an integer overflow vulnerability in Expat's defineAttribute function in xmlparse.c. This allows attackers to cause heap-based buffer overflows, potentially leading to arbitrary code...

CVE-2021-20093

CRITICAL CVSS 9.1 Jun 16, 2021

CVE-2021-20093 is a buffer over-read vulnerability in Wibu-Systems CodeMeter that allows unauthenticated remote attackers to read heap memory contents or cause denial of service. This affects CodeMete...

CVE-2024-39874

HIGH CVSS 7.5 Jul 9, 2024

SINEMA Remote Connect Server versions before V3.2 SP1 lack proper brute force protection in the Client Communication component, allowing attackers to guess user credentials through repeated login atte...

CVE-2024-39868

HIGH CVSS 7.6 Jul 9, 2024

An authentication bypass vulnerability in SINEMA Remote Connect Server allows unauthenticated attackers to access and modify VxLAN network configurations without proper authorization. This affects all...

CVE-2024-39866

HIGH CVSS 8.8 Jul 9, 2024

This vulnerability in SINEMA Remote Connect Server allows attackers with access to the backup encryption key and upload permissions to create administrative users by uploading manipulated backup files...

CVE-2024-39570

HIGH CVSS 8.8 Jul 9, 2024

This vulnerability allows authenticated attackers to execute arbitrary commands with root privileges on SINEMA Remote Connect Server by exploiting insufficient input validation in VxLAN configuration ...

CVE-2022-32262

HIGH CVSS 8.8 Jun 14, 2022

CVE-2022-32262 is a command injection vulnerability in SINEMA Remote Connect Server that allows attackers to execute arbitrary code through a vulnerable file upload server. This affects all versions b...

CVE-2022-32251

HIGH CVSS 8.8 Jun 14, 2022

CVE-2022-32251 is an authentication bypass vulnerability in Siemens SINEMA Remote Connect Server that allows attackers to modify user permissions without authentication. This enables privilege escalat...

CVE-2022-25314

HIGH CVSS 7.5 Feb 18, 2022

CVE-2022-25314 is an integer overflow vulnerability in Expat's copyString function that can lead to heap buffer overflow. This allows attackers to potentially execute arbitrary code or cause denial of...

CVE-2022-23990

HIGH CVSS 7.5 Jan 26, 2022

CVE-2022-23990 is an integer overflow vulnerability in Expat (libexpat) XML parser library that can lead to denial of service or arbitrary code execution. Any application using vulnerable versions of ...

CVE-2022-22826

HIGH CVSS 8.8 Jan 10, 2022

CVE-2022-22826 is an integer overflow vulnerability in Expat's XML parser that can lead to heap memory corruption. Attackers can exploit this by providing specially crafted XML input, potentially caus...

CVE-2021-46143

HIGH CVSS 8.1 Jan 6, 2022

CVE-2021-46143 is an integer overflow vulnerability in Expat's XML parser that can lead to heap memory corruption. Attackers can exploit this by providing specially crafted XML input, potentially caus...

CVE-2020-25239

HIGH CVSS 8.8 Mar 15, 2021

CVE-2020-25239 is an authorization bypass vulnerability in Siemens SINEMA Remote Connect Server that allows unprivileged users to modify UMC authorization server settings via specially crafted URLs. T...

CVE-2025-40819

MEDIUM CVSS 4.3 Dec 9, 2025

This vulnerability in SINEMA Remote Connect Server allows attackers with database access to directly modify the system_ticketinfo table and bypass license restrictions. This could enable unauthorized ...

CVE-2024-39876

MEDIUM CVSS 4.0 Jul 9, 2024

A log rotation vulnerability in SINEMA Remote Connect Server allows unauthenticated remote attackers to cause denial of service through resource exhaustion. All versions before V3.2 SP1 are affected. ...

CVE-2024-39870

MEDIUM CVSS 6.3 Jul 9, 2024

A privilege escalation vulnerability in SINEMA Remote Connect Server allows authenticated local users with self-management privileges to modify users outside their authorized scope and elevate their p...

CVE-2025-40818

LOW CVSS 3.3 Dec 9, 2025

SINEMA Remote Connect Server versions before V3.2 SP4 store SSL/TLS private keys with insufficient protection, allowing any authenticated user with server access to read them. This enables attackers t...