Page 4 of 147 results (0.003 seconds)

CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0

A vulnerability has been identified in JT2Go (All versions < V14.2.0.3), Teamcenter Visualization V13.2 (All versions < V13.2.0.13), Teamcenter Visualization V13.3 (All versions < V13.3.0.10), Teamcenter Visualization V14.0 (All versions < V14.0.0.6), Teamcenter Visualization V14.1 (All versions < V14.1.0.8), Teamcenter Visualization V14.2 (All versions < V14.2.0.3). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process. • https://cert-portal.siemens.com/productcert/pdf/ssa-538795.pdf • CWE-125: Out-of-bounds Read •

CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0

A vulnerability has been identified in JT2Go (All versions < V14.2.0.3), Teamcenter Visualization V13.2 (All versions < V13.2.0.13), Teamcenter Visualization V13.3 (All versions < V13.3.0.10), Teamcenter Visualization V14.0 (All versions < V14.0.0.6), Teamcenter Visualization V14.1 (All versions < V14.1.0.8), Teamcenter Visualization V14.2 (All versions < V14.2.0.3). The affected applications contain an out of bounds read past the end of an allocated buffer while parsing a specially crafted CGM file. This vulnerability could allow an attacker to disclose sensitive information. • https://cert-portal.siemens.com/productcert/pdf/ssa-538795.pdf • CWE-125: Out-of-bounds Read •

CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0

A vulnerability has been identified in JT2Go (All versions < V14.2.0.3), Teamcenter Visualization V13.2 (All versions < V13.2.0.13), Teamcenter Visualization V13.3 (All versions < V13.3.0.10), Teamcenter Visualization V14.0 (All versions < V14.0.0.6), Teamcenter Visualization V14.1 (All versions < V14.1.0.8), Teamcenter Visualization V14.2 (All versions < V14.2.0.3). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to crash the application causing denial of service condition. • https://cert-portal.siemens.com/productcert/pdf/ssa-538795.pdf • CWE-476: NULL Pointer Dereference •

CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0

Datalogics Library APDFLThe v18.0.4PlusP1e and prior contains a stack-based buffer overflow due to documents containing corrupted fonts, which could allow an attack that causes an unhandled crash during the rendering process. • https://cert-portal.siemens.com/productcert/html/ssa-629917.html https://www.cisa.gov/news-events/ics-advisories/icsa-23-103-11 https://www.cisa.gov/news-events/ics-advisories/icsa-23-164-01 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

The APDFL.dll contains a memory corruption vulnerability while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process. APDFL.dll contiene una vulnerabilidad de corrupción de memoria al analizar archivos PDF especialmente manipulados. Esto podría permitir a un atacante ejecutar código en el contexto del proceso actual. • https://cert-portal.siemens.com/productcert/csaf/ssa-360681.json https://cert-portal.siemens.com/productcert/html/ssa-360681.html https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-15 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •