Total
170 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-2069 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2022-10-21 | N/A | 7.8 HIGH |
| The APDFL.dll in Siemens JT2Go prior to V13.3.0.5 and Siemens Teamcenter Visualization prior to V14.0.0.2 contains an out of bounds write past the fixed-length heap-based buffer while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process. | |||||
| CVE-2020-28383 | 1 Siemens | 3 Jt2go, Solid Edge, Teamcenter Visualization | 2022-10-12 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Solid Edge SE2020 (All Versions < SE2020MP12), Solid Edge SE2021 (All Versions < SE2021MP2), Teamcenter Visualization (All versions < V13.1.0.1). Affected applications lack proper validation of user-supplied data when parsing PAR files. This can result in an out of bounds write past the memory location that is a read only image address. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-11885) | |||||
| CVE-2021-34299 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2022-10-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Tiff_loader.dll library in affected applications lacks proper validation of user-supplied data when parsing TIFF files. This could result in an out of bounds read past the end of an allocated buffer. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-13192) | |||||
| CVE-2021-34302 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2022-10-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The BMP_Loader.dll library in affected applications lacks proper validation of user-supplied data when parsing BMP files. This could result in an out of bounds read past the end of an allocated buffer. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-13197) | |||||
| CVE-2021-34303 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2022-10-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Tiff_Loader.dll library in affected applications lacks proper validation of user-supplied data when parsing TIFF files. This could result in an out of bounds read past the end of an allocated buffer. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-13198) | |||||
| CVE-2021-34304 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2022-10-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Tiff_Loader.dll library in affected applications lacks proper validation of user-supplied data when parsing TIFF files. This could result in an out of bounds read past the end of an allocated buffer. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-13199) | |||||
| CVE-2021-34306 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2022-10-07 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The BMP_Loader.dll library in affected applications lacks proper validation of user-supplied data when parsing BMP files. This could result in a memory corruption condition. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13342) | |||||
| CVE-2021-34308 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2022-10-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The BMP_Loader.dll library in affected applications lacks proper validation of user-supplied data when parsing BMP files. This could result in an out of bounds read past the end of an allocated buffer. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-13344) | |||||
| CVE-2021-34312 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2022-10-07 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Tiff_loader.dll library in affected applications lacks proper validation of user-supplied data when parsing TIFF files. This could result in an out of bounds write past the fixed-length heap-based buffer. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13353) | |||||
| CVE-2021-34313 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2022-10-07 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Tiff_loader.dll library in affected applications lacks proper validation of user-supplied data when parsing TIFF files. This could result in an out of bounds write past the fixed-length heap-based buffer. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13354) | |||||
| CVE-2021-34317 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2022-10-07 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The BMP_loader.dll library in affected applications lacks proper validation of user-supplied data when parsing PCX files. This could result in an out of bounds write past the fixed-length heap-based buffer. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13402) | |||||
| CVE-2021-34320 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2022-10-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Jt981.dll library in affected applications lacks proper validation of user-supplied data when parsing JT files. This could result in an out of bounds read past the end of an allocated buffer. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-13406) | |||||
| CVE-2021-34321 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2022-10-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The VisDraw.dll library in affected applications lacks proper validation of user-supplied data when parsing J2K files. This could result in an out of bounds read past the end of an allocated buffer. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-13414) | |||||
| CVE-2021-34325 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2022-10-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Jt981.dll library in affected applications lacks proper validation of user-supplied data when parsing JT files. This could result in an out of bounds read past the end of an allocated buffer. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-13421) | |||||
| CVE-2021-34327 | 1 Siemens | 3 Jt2go, Solid Edge, Teamcenter Visualization | 2022-10-07 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in JT2Go (All versions < V13.2), Solid Edge SE2021 (All Versions < SE2021MP5), Teamcenter Visualization (All versions < V13.2). The plmxmlAdapterSE70.dll library in affected applications lacks proper validation of user-supplied data when parsing ASM files. This could result in an out of bounds write past the fixed-length heap-based buffer. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13423) | |||||
| CVE-2021-34328 | 1 Siemens | 3 Jt2go, Solid Edge, Teamcenter Visualization | 2022-10-07 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in JT2Go (All versions < V13.2), Solid Edge SE2021 (All Versions < SE2021MP5), Teamcenter Visualization (All versions < V13.2). The plmxmlAdapterSE70.dll library in affected applications lacks proper validation of user-supplied data when parsing PAR files. This could result in an out of bounds write past the fixed-length heap-based buffer. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13424) | |||||
| CVE-2021-34329 | 1 Siemens | 3 Jt2go, Solid Edge, Teamcenter Visualization | 2022-10-07 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in JT2Go (All versions < V13.2), Solid Edge SE2021 (All Versions < SE2021MP5), Teamcenter Visualization (All versions < V13.2). The plmxmlAdapterSE70.dll library in affected applications lacks proper validation of user-supplied data when parsing PAR files. This could result in an out of bounds write past the fixed-length heap-based buffer. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13427) | |||||
| CVE-2020-26991 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2022-10-06 | 6.8 MEDIUM | 8.8 HIGH |
| A vulnerability has been identified in JT2Go (All versions < V13.1.0.2), Teamcenter Visualization (All versions < V13.1.0.2). Affected applications lack proper validation of user-supplied data when parsing ASM files. This could lead to pointer dereferences of a value obtained from untrusted source. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-11899) | |||||
| CVE-2020-26990 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2022-10-06 | 6.8 MEDIUM | 8.8 HIGH |
| A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (All versions < V13.1.0.1). Affected applications lack proper validation of user-supplied data when parsing ASM files. A crafted ASM file could trigger a type confusion condition. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-11897) | |||||
| CVE-2021-40354 | 1 Siemens | 1 Teamcenter Visualization | 2022-08-12 | 5.5 MEDIUM | 7.1 HIGH |
| A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.8), Teamcenter V13.0 (All versions < V13.0.0.7), Teamcenter V13.1 (All versions < V13.1.0.5), Teamcenter V13.2 (All versions < 13.2.0.2). The "surrogate" functionality on the user profile of the application does not perform sufficient access control that could lead to an account takeover. Any profile on the application can perform this attack and access any other user assigned tasks via the "inbox/surrogate tasks". | |||||