Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
siemens comos vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2021-32946
An improper check for unusual or exceptional conditions issue exists within the parsing DGN files from Drawings SDK (Version 2022.4 and prior) resulting from the lack of proper validation of the user-supplied data. This may result in several of out-of-bounds problems and allow ma...
Opendesign Drawings Sdk
Siemens Comos
Siemens Jt2go
Siemens Teamcenter Visualization
7.8
CVSSv3
CVE-2021-32948
An out-of-bounds write issue exists in the DWG file-reading procedure in the Drawings SDK (All versions before 2022.4) resulting from the lack of proper validation of user-supplied data. This can result in a write past the end of an allocated buffer and allow malicious users to c...
Opendesign Drawings Sdk
Siemens Teamcenter Visualization
Siemens Jt2go
Siemens Comos
7.8
CVSSv3
CVE-2021-31784
An out-of-bounds write vulnerability exists in the file-reading procedure in Open Design Alliance Drawings SDK prior to 2021.6 on all supported by ODA platforms in static configuration. This can allow malicious users to cause a crash, potentially enabling a denial of service atta...
Opendesign Drawings Sdk
Siemens Comos
7.8
CVSSv3
CVE-2021-25174
An issue exists in Open Design Alliance Drawings SDK prior to 2021.12. A memory corruption vulnerability exists when reading malformed DGN files. It can allow malicious users to cause a crash, potentially enabling denial of service (Crash, Exit, or Restart).
Opendesign Drawings Software Development Kit
Siemens Comos
Siemens Jt2go
Siemens Teamcenter Visualization
7.8
CVSSv3
CVE-2021-25173
An issue exists in Open Design Alliance Drawings SDK prior to 2021.12. A memory allocation with excessive size vulnerability exists when reading malformed DGN files, which allows malicious users to cause a crash, potentially enabling denial of service (crash, exit, or restart).
Opendesign Drawings Software Development Kit
Siemens Comos
Siemens Jt2go
Siemens Teamcenter Visualization
7.8
CVSSv3
CVE-2021-25177
An issue exists in Open Design Alliance Drawings SDK prior to 2021.11. A Type Confusion issue exists when rendering malformed .DXF and .DWG files. This can allow malicious users to cause a crash, potentially enabling a denial of service attack (Crash, Exit, or Restart).
Opendesign Drawings Software Development Kit
Siemens Comos
Siemens Jt2go
Siemens Teamcenter Visualization
7.8
CVSSv3
CVE-2021-25175
An issue exists in Open Design Alliance Drawings SDK prior to 2021.11. A Type Conversion issue exists when rendering malformed .DXF and .DWG files. This can allow malicious users to cause a crash, potentially enabling a denial of service attack (Crash, Exit, or Restart).
Opendesign Drawings Software Development Kit
Siemens Comos
Siemens Jt2go
Siemens Teamcenter Visualization
7.8
CVSSv3
CVE-2021-25176
An issue exists in Open Design Alliance Drawings SDK prior to 2021.11. A NULL pointer dereference exists when rendering malformed .DXF and .DWG files. This can allow malicious users to cause a crash, potentially enabling a denial of service attack (Crash, Exit, or Restart).
Opendesign Drawings Software Development Kit
Siemens Comos
Siemens Jt2go
Siemens Teamcenter Visualization
7.8
CVSSv3
CVE-2021-25178
An issue exists in Open Design Alliance Drawings SDK prior to 2021.11. A stack-based buffer overflow vulnerability exists when the recover operation is run with malformed .DXF and .DWG files. This can allow malicious users to cause a crash potentially enabling a denial of service...
Opendesign Drawings Software Development Kit
Siemens Comos
Siemens Jt2go
Siemens Teamcenter Visualization
5.3
CVSSv3
CVE-2020-35460
common/InputStreamHelper.java in Packwood MPXJ prior to 8.3.5 allows directory traversal in the zip stream handler flow, leading to the writing of files to arbitrary locations.
Mpxj Mpxj
Oracle Primavera Unifier 16.2
Oracle Primavera Unifier 16.1
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Primavera Unifier 19.12
Oracle Primavera Unifier 21.12
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »