CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-41663
https://notcve.org/view.php?id=CVE-2022-41663
08 Nov 2022 — A vulnerability has been identified in JT2Go (All versions < V14.1.0.4), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.7), Teamcenter Visualization V14.0 (All versions < V14.0.0.3), Teamcenter Visualization V14.1 (All versions < V14.1.0.4). The affected applications contain a use-after-free vulnerability that could be triggered while parsing specially crafted CGM files. An attacker could leverage this vulnerability to execute code in the c... • https://cert-portal.siemens.com/productcert/pdf/ssa-120378.pdf • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-41664
https://notcve.org/view.php?id=CVE-2022-41664
08 Nov 2022 — A vulnerability has been identified in JT2Go (All versions < V14.1.0.4), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.7), Teamcenter Visualization V14.0 (All versions < V14.0.0.3), Teamcenter Visualization V14.1 (All versions < V14.1.0.4). The affected application contains a stack-based buffer overflow vulnerability that could be triggered while parsing specially crafted PDF files. This could allow an attacker to execute code in the conte... • https://cert-portal.siemens.com/productcert/pdf/ssa-120378.pdf • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-39136
https://notcve.org/view.php?id=CVE-2022-39136
08 Nov 2022 — A vulnerability has been identified in JT2Go (All versions < V14.1.0.4), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.7), Teamcenter Visualization V13.3 (All versions >= V13.3.0.7 < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.3), Teamcenter Visualization V14.1 (All versions < V14.1.0.4). The affected application is vulnerable to fixed-length heap-based buffer while parsing specially crafted TIF files. An attacker co... • https://cert-portal.siemens.com/productcert/pdf/ssa-120378.pdf • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-2069 – Datalogics APDFL library Heap-based Buffer Overflow
https://notcve.org/view.php?id=CVE-2022-2069
20 Oct 2022 — The APDFL.dll in Siemens JT2Go prior to V13.3.0.5 and Siemens Teamcenter Visualization prior to V14.0.0.2 contains an out of bounds write past the fixed-length heap-based buffer while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process. El archivo APDFL.dll de Siemens JT2Go versiones anteriores a V13.3.0.5 y Siemens Teamcenter Visualization versiones anteriores a V14.0.0.2, contiene una escritura fuera de límites más allá del búfer de longi... • https://cert-portal.siemens.com/productcert/pdf/ssa-829738.pdf • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-29033
https://notcve.org/view.php?id=CVE-2022-29033
10 May 2022 — A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The CGM_NIST_Loader.dll library is vulnerable to uninitialized pointer free while parsing specially crafted CGM files. An attacker could leverage this vulnerability to execute code in the context of the current process. Se ha identificado una vulnerabilidad en JT2Go (Todas las versiones anteriores a V13.3.0.3), Teamcent... • https://cert-portal.siemens.com/productcert/pdf/ssa-553086.pdf • CWE-824: Access of Uninitialized Pointer •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-29032
https://notcve.org/view.php?id=CVE-2022-29032
10 May 2022 — A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The CGM_NIST_Loader.dll library contains a double free vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to execute code in the context of the current process. Se ha identificado una vulnerabilidad en JT2Go (Todas las versiones anteriores a V13.3.0.3), Teamcenter Visu... • https://cert-portal.siemens.com/productcert/pdf/ssa-553086.pdf • CWE-415: Double Free •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-29031
https://notcve.org/view.php?id=CVE-2022-29031
10 May 2022 — A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The CGM_NIST_Loader.dll contains a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to crash the application causing denial of service condition. Se ha identificado una vulnerabilidad en JT2Go (Todas las versiones anteriores a V13.3.0.3), Tea... • https://cert-portal.siemens.com/productcert/pdf/ssa-553086.pdf • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-29030
https://notcve.org/view.php?id=CVE-2022-29030
10 May 2022 — A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The Mono_Loader.dll library is vulnerable to integer overflow condition while parsing specially crafted TG4 files. An attacker could leverage this vulnerability to crash the application causing denial of service condition. Se ha identificado una vulnerabilidad en JT2Go (Todas las versiones anteriores a V13.3.0.3), Teamc... • https://cert-portal.siemens.com/productcert/pdf/ssa-553086.pdf • CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-29029
https://notcve.org/view.php?id=CVE-2022-29029
10 May 2022 — A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The CGM_NIST_Loader.dll contains a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to crash the application causing denial of service condition. Se ha identificado una vulnerabilidad en JT2Go (Todas las versiones anteriores a V13.3.0.3), Tea... • https://cert-portal.siemens.com/productcert/pdf/ssa-553086.pdf • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-29028
https://notcve.org/view.php?id=CVE-2022-29028
10 May 2022 — A vulnerability has been identified in JT2Go (All versions < V13.3.0.3), Teamcenter Visualization V13.3 (All versions < V13.3.0.3), Teamcenter Visualization V14.0 (All versions < V14.0.0.1). The Tiff_Loader.dll is vulnerable to infinite loop condition while parsing specially crafted TIFF files. An attacker could leverage this vulnerability to crash the application causing denial of service condition. Se ha identificado una vulnerabilidad en JT2Go (Todas las versiones anteriores a V13.3.0.3), Teamcenter Visu... • https://cert-portal.siemens.com/productcert/pdf/ssa-553086.pdf • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •