Filtered by vendor Siemens
Subscribe
Total
1761 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-27463 | 1 Siemens | 1 Ruggedcom Crossbow | 2023-03-17 | N/A | 8.8 HIGH |
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.3). The audit log form of affected applications is vulnerable to SQL injection. This could allow authenticated remote attackers to execute arbitrary SQL queries on the server database. | |||||
CVE-2023-27462 | 1 Siemens | 1 Ruggedcom Crossbow | 2023-03-17 | N/A | 4.3 MEDIUM |
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.3). The client query handler of the affected application fails to check for proper permissions for specific read queries. This could allow authenticated remote attackers to access data they are not authorized for. | |||||
CVE-2023-27310 | 1 Siemens | 1 Ruggedcom Crossbow | 2023-03-17 | N/A | 8.8 HIGH |
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.2). The client query handler of the affected application fails to check for proper permissions when assigning groups to user accounts. This could allow an authenticated remote attacker to assign administrative groups to otherwise non-privileged user accounts. | |||||
CVE-2023-27309 | 1 Siemens | 1 Ruggedcom Crossbow | 2023-03-17 | N/A | 8.8 HIGH |
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.2). The client query handler of the affected application fails to check for proper permissions for specific write queries. This could allow an authenticated remote attacker to perform unauthorized actions. | |||||
CVE-2023-27398 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2023-03-16 | N/A | 7.8 HIGH |
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20304) | |||||
CVE-2023-27399 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2023-03-16 | N/A | 7.8 HIGH |
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20299, ZDI-CAN-20346) | |||||
CVE-2023-27400 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2023-03-16 | N/A | 7.8 HIGH |
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20300) | |||||
CVE-2023-27401 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2023-03-16 | N/A | 7.8 HIGH |
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20308, ZDI-CAN-20345) | |||||
CVE-2023-27402 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2023-03-16 | N/A | 7.8 HIGH |
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20334) | |||||
CVE-2023-27404 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2023-03-16 | N/A | 7.8 HIGH |
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application is vulnerable to stack-based buffer while parsing specially crafted SPP files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-20433) | |||||
CVE-2023-27405 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2023-03-16 | N/A | 7.8 HIGH |
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20432) | |||||
CVE-2023-27406 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2023-03-16 | N/A | 7.8 HIGH |
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application is vulnerable to stack-based buffer while parsing specially crafted SPP files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-20449) | |||||
CVE-2023-25140 | 1 Siemens | 2 Parasolid, Solid Edge | 2023-03-14 | N/A | 7.8 HIGH |
A vulnerability has been identified in Parasolid V34.0 (All versions < V34.0.254), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Parasolid V35.1 (All versions < V35.1.150), Solid Edge SE2022 (All versions < V222.0MP12). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process. | |||||
CVE-2023-24566 | 1 Siemens | 1 Solid Edge Se2023 | 2023-03-14 | N/A | 3.3 LOW |
A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V223.0Update2). The affected application is vulnerable to stack-based buffer while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-19472) | |||||
CVE-2023-24565 | 1 Siemens | 1 Solid Edge Se2023 | 2023-03-14 | N/A | 3.3 LOW |
A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V223.0Update2). The affected application contains an out of bounds read past the end of an allocated buffer while parsing a specially crafted STL file. This vulnerability could allow an attacker to disclose sensitive information. (ZDI-CAN-19428) | |||||
CVE-2023-24564 | 1 Siemens | 1 Solid Edge Se2023 | 2023-03-14 | N/A | 7.8 HIGH |
A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V223.0Update2). The affected application contains a memory corruption vulnerability while parsing specially crafted DWG files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19069) | |||||
CVE-2023-24563 | 1 Siemens | 1 Solid Edge Se2023 | 2023-03-14 | N/A | 7.8 HIGH |
A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2023 (All versions < V223.0Update2). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process. | |||||
CVE-2023-24562 | 1 Siemens | 1 Solid Edge Se2023 | 2023-03-14 | N/A | 7.8 HIGH |
A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2023 (All versions < V223.0Update2). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process. | |||||
CVE-2023-24561 | 1 Siemens | 1 Solid Edge Se2023 | 2023-03-14 | N/A | 7.8 HIGH |
A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2023 (All versions < V223.0Update2). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process. | |||||
CVE-2023-24560 | 1 Siemens | 1 Solid Edge Se2023 | 2023-03-14 | N/A | 7.8 HIGH |
A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2023 (All versions < V223.0Update2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted PAR file. This could allow an attacker to to execute code in the context of the current process. |