Cross-site request forgery (CSRF) vulnerability in the web server on Siemens SIMATIC S7-1200 CPU devices with firmware before 4.1.3 allows remote attackers to hijack the authentication of unspecified. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.
Buffer overflow in the HTTP administrative interface in TIBCO Rendezvous before 8.4.4, Rendezvous Network Server before 1.1.1, Substation ES before 2.9.0, and Messaging Appliance before 8.7.2 allows. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.