cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-45793,https://securityvulnerability.io/vulnerability/CVE-2023-45793,Vulnerability in Siveillance Control Allows Write Privileges for Read-Only Users,"A significant access control vulnerability exists in Siemens Siveillance Control across versions starting from V2.8 and prior to V3.1.1. This flaw arises from improper validation of access groups assigned to users, potentially allowing a locally logged on user to elevate their permissions. Such users could gain unauthorized write access to objects, despite having only read permissions initially. This vulnerability presents serious implications for data integrity and security within affected systems.",Siemens,Siveillance Control,5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,2024-03-12T10:21:46.998Z,0
CVE-2021-31891,https://securityvulnerability.io/vulnerability/CVE-2021-31891,,"A vulnerability has been identified in Desigo CC (All versions with OIS Extension Module), GMA-Manager (All versions with OIS running on Debian 9 or earlier), Operation Scheduler (All versions with OIS running on Debian 9 or earlier), Siveillance Control (All versions with OIS running on Debian 9 or earlier), Siveillance Control Pro (All versions). The affected application incorrectly neutralizes special elements in a specific HTTP GET request which could lead to command injection. An unauthenticated remote attacker could exploit this vulnerability to execute arbitrary code on the system with root privileges.",Siemens,"Desigo Cc,Gma-manager,Operation Scheduler,Siveillance Control,Siveillance Control Pro",10,CRITICAL,0.0029700000304728746,false,,false,false,false,,false,false,2021-09-14T10:47:31.000Z,0