Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
siemens comos vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-43503
A vulnerability has been identified in COMOS (All versions < V10.4.4). Caching system in the affected application leaks sensitive information such as user and project information in cleartext via UDP.
Siemens Comos
9.8
CVSSv3
CVE-2023-43504
A vulnerability has been identified in COMOS (All versions < V10.4.4). Ptmcast executable used for testing cache validation service in affected application is vulnerable to Structured Exception Handler (SEH) based buffer overflow. This could allow an malicious user to execute ...
Siemens Comos
6.5
CVSSv3
CVE-2023-43505
A vulnerability has been identified in COMOS (All versions). The affected application lacks proper access controls in SMB shares. This could allow an malicious user to access files that the user should not have access to.
Siemens Comos
7.5
CVSSv3
CVE-2023-46601
A vulnerability has been identified in COMOS (All versions). The affected application lacks proper access controls in making the SQLServer connection. This could allow an malicious user to query the database directly to access information that the user should not have access to.
Siemens Comos
8.8
CVSSv3
CVE-2023-2932
Use after free in PDF in Google Chrome before 114.0.5735.90 allowed a remote malicious user to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)
Google Chrome
8.8
CVSSv3
CVE-2023-2931
Use after free in PDF in Google Chrome before 114.0.5735.90 allowed a remote malicious user to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)
Google Chrome
7.8
CVSSv3
CVE-2023-22669
Parsing of DWG files in Open Design Alliance Drawings SDK prior to 2023.6 lacks proper validation of the length of user-supplied XRecord data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the...
Opendesign Drawings Sdk
7.8
CVSSv3
CVE-2023-22670
A heap-based buffer overflow exists in the DXF file reading procedure in Open Design Alliance Drawings SDK prior to 2023.6. The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of the length of user-supplied XRecord data p...
Opendesign Drawings Sdk
8.8
CVSSv3
CVE-2023-1530
Use after free in PDF in Google Chrome before 111.0.5563.110 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Google Chrome
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Fedoraproject Fedora 38
8.8
CVSSv3
CVE-2023-0933
Integer overflow in PDF in Google Chrome before 110.0.5481.177 allowed a remote malicious user to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium)
Google Chrome
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »