CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-30796
https://notcve.org/view.php?id=CVE-2023-30796
08 Aug 2023 — A vulnerability has been identified in JT Open (All versions < V11.4), JT Utilities (All versions < V13.4). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process. Se ha identificado una vulnerabilidad en JT Open (Todas las versiones inferiores a V11.4), JT Utilities (Todas las versiones inferiores a V13.4). Las aplicaciones afectadas contienen ... • https://cert-portal.siemens.com/productcert/pdf/ssa-001569.pdf • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-29053
https://notcve.org/view.php?id=CVE-2023-29053
11 Apr 2023 — A vulnerability has been identified in JT Open (All versions < V11.3.2.0), JT Utilities (All versions < V13.3.0.0). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process. • https://cert-portal.siemens.com/productcert/pdf/ssa-642810.pdf • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-47977
https://notcve.org/view.php?id=CVE-2022-47977
14 Feb 2023 — A vulnerability has been identified in JT Open (All versions < V11.2.3.0), JT Utilities (All versions < V13.2.3.0). The affected application contains a memory corruption vulnerability while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process. • https://cert-portal.siemens.com/productcert/pdf/ssa-836777.pdf • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-47936
https://notcve.org/view.php?id=CVE-2022-47936
14 Feb 2023 — A vulnerability has been identified in JT Open (All versions < V11.2.3.0), JT Utilities (All versions < V13.2.3.0), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Parasolid V35.1 (All versions < V35.1.150). The affected application contains a stack overflow vulnerability while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process. • https://cert-portal.siemens.com/productcert/pdf/ssa-836777.pdf • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-47935 – Siemens Solid Edge Viewer JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-47935
10 Jan 2023 — A vulnerability has been identified in JT Open (All versions < V11.1.1.0), JT Utilities (All versions < V13.1.1.0), Solid Edge (All versions < V2023). The Jt1001.dll contains a memory corruption vulnerability while parsing specially crafted JT files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-19078) This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Solid Edge Viewer. User interaction is... • https://cert-portal.siemens.com/productcert/pdf/ssa-936212.pdf • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-41851 – Siemens Simcenter Femap JT File Parsing Uninitialized Pointer Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-41851
11 Oct 2022 — A vulnerability has been identified in JTTK (All versions < V11.1.1.0), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The JTTK library is vulnerable to an uninitialized pointer reference vulnerability while parsing specially crafted JT files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-16973) Se ha identificado una vulnerabilidad en JTTK (Todas las versiones anteriores a V11.1.1.0), Si... • https://cert-portal.siemens.com/productcert/pdf/ssa-611756.pdf • CWE-824: Access of Uninitialized Pointer •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-44449
https://notcve.org/view.php?id=CVE-2021-44449
14 Dec 2021 — A vulnerability has been identified in JT Utilities (All versions < V12.8.1.1), JTTK (All versions < V10.8.1.1). JTTK library in affected products contains an out of bounds write past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-14830) Se ha identificado una vulnerabilidad en JT Utilities (Todas las versiones anteriores a V12.8.1.1), JTTK (Todas las versiones anteriores a V10.8.1.1). L... • https://cert-portal.siemens.com/productcert/pdf/ssa-396621.pdf • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-44450
https://notcve.org/view.php?id=CVE-2021-44450
14 Dec 2021 — A vulnerability has been identified in JT Utilities (All versions < V12.8.1.1), JTTK (All versions < V10.8.1.1). JTTK library in affected products is vulnerable to an out of bounds read past the end of an allocated buffer when parsing JT files. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-15055, ZDI-CAN-14915, ZDI-CAN-14865) Se ha identificado una vulnerabilidad en JT Utilities (Todas las versiones anteriores a V12.8.1.1), JTTK (Todas las ... • https://cert-portal.siemens.com/productcert/pdf/ssa-396621.pdf • CWE-125: Out-of-bounds Read •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2021-44448
https://notcve.org/view.php?id=CVE-2021-44448
14 Dec 2021 — A vulnerability has been identified in JT Utilities (All versions < V13.0.3.0), JTTK (All versions < V11.0.3.0). JTTK library in affected products is vulnerable to an out of bounds read past the end of an allocated buffer when parsing JT files. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-14843, ZDI-CAN-15051) Se ha identificado una vulnerabilidad en JT Utilities (Todas las versiones anteriores a V13.0.3.0), JTTK (Todas las versiones anter... • https://cert-portal.siemens.com/productcert/pdf/ssa-352143.pdf • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-44447
https://notcve.org/view.php?id=CVE-2021-44447
14 Dec 2021 — A vulnerability has been identified in JT Utilities (All versions < V13.0.3.0), JTTK (All versions < V11.0.3.0). JTTK library in affected products contains a use-after-free vulnerability that could be triggered while parsing specially crafted JT files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-14911) Se ha identificado una vulnerabilidad en JT Utilities (Todas las versiones anteriores a V13.0.3.0), JTTK (Todas las versiones anteriores a V11... • https://cert-portal.siemens.com/productcert/pdf/ssa-352143.pdf • CWE-416: Use After Free •