Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
siemens comos vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2021-37197
A vulnerability has been identified in COMOS V10.2 (All versions only if web components are used), COMOS V10.3 (All versions < V10.3.3.3 only if web components are used), COMOS V10.4 (All versions < V10.4.1 only if web components are used). The COMOS Web component of COMOS ...
Siemens Comos
Siemens Comos 10.4
7.8
CVSSv3
CVE-2023-22669
Parsing of DWG files in Open Design Alliance Drawings SDK prior to 2023.6 lacks proper validation of the length of user-supplied XRecord data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the...
Opendesign Drawings Sdk
7.8
CVSSv3
CVE-2023-22670
A heap-based buffer overflow exists in the DXF file reading procedure in Open Design Alliance Drawings SDK prior to 2023.6. The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of the length of user-supplied XRecord data p...
Opendesign Drawings Sdk
7.8
CVSSv3
CVE-2022-28807
An issue exists in Open Design Alliance Drawings SDK prior to 2023.2. An Out-of-Bounds Read vulnerability exists when rendering a .dwg file after it's opened in the recovery mode. An attacker can leverage this vulnerability to execute code in the context of the current proce...
Opendesign Drawings Sdk
7.8
CVSSv3
CVE-2022-28808
An issue exists in Open Design Alliance Drawings SDK prior to 2023.3. An Out-of-Bounds Read vulnerability exists when reading DWG files in a recovery mode. An attacker can leverage this vulnerability to execute code in the context of the current process.
Opendesign Drawings Sdk
7.8
CVSSv3
CVE-2022-28809
An issue exists in Open Design Alliance Drawings SDK prior to 2023.3. An Out-of-Bounds Read vulnerability exists when reading a DWG file with an invalid vertex number in a recovery mode. An attacker can leverage this vulnerability to execute code in the context of the current pro...
Opendesign Drawings Sdk
7.8
CVSSv3
CVE-2022-23095
Open Design Alliance Drawings SDK prior to 2022.12.1 mishandles the loading of JPG files. Unchecked input data from a crafted JPG file leads to memory corruption. An attacker can leverage this vulnerability to execute code in the context of the current process.
Opendesign Drawings Software Development Kit
7.8
CVSSv3
CVE-2021-32936
An out-of-bounds write issue exists in the DXF file-recovering procedure in the Drawings SDK (All versions before 2022.4) resulting from the lack of proper validation of user-supplied data. This can result in a write past the end of an allocated buffer and allow malicious users t...
Opendesign Drawings Sdk
Siemens Teamcenter Visualization
Siemens Jt2go
Siemens Comos
7.8
CVSSv3
CVE-2021-32944
A use-after-free issue exists in the DGN file-reading procedure in the Drawings SDK (All versions before 2022.4) resulting from the lack of proper validation of user-supplied data. This can result in a memory corruption or arbitrary code execution, allowing malicious users to cau...
Opendesign Drawings Sdk
Siemens Comos
Siemens Jt2go
Siemens Teamcenter Visualization
7.8
CVSSv3
CVE-2021-32948
An out-of-bounds write issue exists in the DWG file-reading procedure in the Drawings SDK (All versions before 2022.4) resulting from the lack of proper validation of user-supplied data. This can result in a write past the end of an allocated buffer and allow malicious users to c...
Opendesign Drawings Sdk
Siemens Teamcenter Visualization
Siemens Jt2go
Siemens Comos
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »