CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-38070 – Siemens Tecnomatix Plant Simulation WRL File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-38070
12 Sep 2023 — A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.1), Tecnomatix Plant Simulation V2201 (All versions < V2201.0010), Tecnomatix Plant Simulation V2302 (All versions < V2302.0004). The affected application is ... • https://cert-portal.siemens.com/productcert/pdf/ssa-278349.pdf • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 0CVE-2023-28830
https://notcve.org/view.php?id=CVE-2023-28830
08 Aug 2023 — A vulnerability has been identified in JT2Go (All versions < V14.2.0.5), Solid Edge SE2022 (All versions < V222.0 Update 13), Solid Edge SE2023 (All versions < V223.0 Update 4), Teamcenter Visualization V13.2 (All versions < V13.2.0.15), Teamcenter Visualization V13.3 (All versions < V13.3.0.11), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.5). The affected application contains a use-after-free vulnerability that could be triggered while ... • https://cert-portal.siemens.com/productcert/pdf/ssa-131450.pdf • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-33124
https://notcve.org/view.php?id=CVE-2023-33124
13 Jun 2023 — A vulnerability has been identified in JT2Go (All versions < V14.2.0.3), Teamcenter Visualization V13.2 (All versions < V13.2.0.13), Teamcenter Visualization V13.3 (All versions < V13.3.0.10), Teamcenter Visualization V14.0 (All versions < V14.0.0.6), Teamcenter Visualization V14.1 (All versions < V14.1.0.8), Teamcenter Visualization V14.2 (All versions < V14.2.0.3). The affected applications contain a memory corruption vulnerability while parsing specially crafted CGM files. This could allow an attacker to... • https://cert-portal.siemens.com/productcert/pdf/ssa-538795.pdf • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-33123
https://notcve.org/view.php?id=CVE-2023-33123
13 Jun 2023 — A vulnerability has been identified in JT2Go (All versions < V14.2.0.3), Teamcenter Visualization V13.2 (All versions < V13.2.0.13), Teamcenter Visualization V13.3 (All versions < V13.3.0.10), Teamcenter Visualization V14.0 (All versions < V14.0.0.6), Teamcenter Visualization V14.1 (All versions < V14.1.0.8), Teamcenter Visualization V14.2 (All versions < V14.2.0.3). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted CGM files. This... • https://cert-portal.siemens.com/productcert/pdf/ssa-538795.pdf • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-33122
https://notcve.org/view.php?id=CVE-2023-33122
13 Jun 2023 — A vulnerability has been identified in JT2Go (All versions < V14.2.0.3), Teamcenter Visualization V13.2 (All versions < V13.2.0.13), Teamcenter Visualization V13.3 (All versions < V13.3.0.10), Teamcenter Visualization V14.0 (All versions < V14.0.0.6), Teamcenter Visualization V14.1 (All versions < V14.1.0.8), Teamcenter Visualization V14.2 (All versions < V14.2.0.3). The affected applications contain an out of bounds read past the end of an allocated buffer while parsing a specially crafted CGM file. This v... • https://cert-portal.siemens.com/productcert/pdf/ssa-538795.pdf • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-33121
https://notcve.org/view.php?id=CVE-2023-33121
13 Jun 2023 — A vulnerability has been identified in JT2Go (All versions < V14.2.0.3), Teamcenter Visualization V13.2 (All versions < V13.2.0.13), Teamcenter Visualization V13.3 (All versions < V13.3.0.10), Teamcenter Visualization V14.0 (All versions < V14.0.0.6), Teamcenter Visualization V14.1 (All versions < V14.1.0.8), Teamcenter Visualization V14.2 (All versions < V14.2.0.3). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could levera... • https://cert-portal.siemens.com/productcert/pdf/ssa-538795.pdf • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-1709 – Datalogics Library APDFL Stack-based Buffer Overflow
https://notcve.org/view.php?id=CVE-2023-1709
07 Jun 2023 — Datalogics Library APDFLThe v18.0.4PlusP1e and prior contains a stack-based buffer overflow due to documents containing corrupted fonts, which could allow an attack that causes an unhandled crash during the rendering process. • https://cert-portal.siemens.com/productcert/html/ssa-629917.html • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-3161
https://notcve.org/view.php?id=CVE-2022-3161
13 Jan 2023 — The APDFL.dll contains a memory corruption vulnerability while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process. APDFL.dll contiene una vulnerabilidad de corrupción de memoria al analizar archivos PDF especialmente manipulados. Esto podría permitir a un atacante ejecutar código en el contexto del proceso actual. • https://cert-portal.siemens.com/productcert/csaf/ssa-360681.json • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-3160
https://notcve.org/view.php?id=CVE-2022-3160
13 Jan 2023 — The APDFL.dll contains an out-of-bounds write past the fixed-length heap-based buffer while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process. APDFL.dll contiene una escritura fuera de los límites más allá del búfer de almacenamiento dinámico de longitud fija mientras analiza archivos PDF especialmente manipulados. Esto podría permitir a un atacante ejecutar código en el contexto del proceso actual. • https://cert-portal.siemens.com/productcert/csaf/ssa-360681.json • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-3159
https://notcve.org/view.php?id=CVE-2022-3159
13 Jan 2023 — The APDFL.dll contains a stack-based buffer overflow vulnerability that could be triggered while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process. APDFL.dll contiene una vulnerabilidad de desbordamiento de búfer en la región stack de la memoria que podría activarse al analizar archivos PDF especialmente manipulados. Esto podría permitir a un atacante ejecutar código en el contexto del proceso actual. • https://cert-portal.siemens.com/productcert/csaf/ssa-360681.json • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •