CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-41902
https://notcve.org/view.php?id=CVE-2024-41902
08 Oct 2024 — A vulnerability has been identified in JT2Go (All versions < V2406.0003). The affected application contains a stack-based buffer overflow vulnerability that could be triggered while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process. • https://cert-portal.siemens.com/productcert/html/ssa-626178.html • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-7066 – Siemens Teamcenter Visualization and JT2Go Out-of-bounds Read
https://notcve.org/view.php?id=CVE-2023-7066
12 Aug 2024 — The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process. • https://cert-portal.siemens.com/productcert/html/ssa-722010.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-37997
https://notcve.org/view.php?id=CVE-2024-37997
09 Jul 2024 — A vulnerability has been identified in JT Open (All versions < V11.5), PLM XML SDK (All versions < V7.1.0.014). The affected applications contain a stack based overflow vulnerability while parsing specially crafted XML files. This could allow an attacker to execute code in the context of the current process. Se ha identificado una vulnerabilidad en JT Open (todas las versiones < V11.5), PLM XML SDK (todas las versiones < V7.1.0.014). Las aplicaciones afectadas contienen una vulnerabilidad de desbordam... • https://cert-portal.siemens.com/productcert/html/ssa-824889.html • CWE-121: Stack-based Buffer Overflow •
CVSS: 4.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-37996
https://notcve.org/view.php?id=CVE-2024-37996
09 Jul 2024 — A vulnerability has been identified in JT Open (All versions < V11.5), PLM XML SDK (All versions < V7.1.0.014). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted XML files. An attacker could leverage this vulnerability to crash the application causing denial of service condition. Se ha identificado una vulnerabilidad en JT Open (todas las versiones < V11.5), PLM XML SDK (todas las versiones < V7.1.0.014). Las aplicaciones afectadas contienen una... • https://cert-portal.siemens.com/productcert/html/ssa-824889.html • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-34086
https://notcve.org/view.php?id=CVE-2024-34086
14 May 2024 — A vulnerability has been identified in JT2Go (All versions < V2312.0001), Teamcenter Visualization V14.1 (All versions < V14.1.0.13), Teamcenter Visualization V14.2 (All versions < V14.2.0.10), Teamcenter Visualization V14.3 (All versions < V14.3.0.7), Teamcenter Visualization V2312 (All versions < V2312.0001). The affected applications contain an out of bounds write vulnerability when parsing a specially crafted CGM file. This could allow an attacker to execute code in the context of the current process. S... • https://cert-portal.siemens.com/productcert/html/ssa-661579.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-34085
https://notcve.org/view.php?id=CVE-2024-34085
14 May 2024 — A vulnerability has been identified in JT2Go (All versions < V2312.0001), Teamcenter Visualization V14.1 (All versions < V14.1.0.13), Teamcenter Visualization V14.2 (All versions < V14.2.0.10), Teamcenter Visualization V14.3 (All versions < V14.3.0.7), Teamcenter Visualization V2312 (All versions < V2312.0001). The affected applications contain a stack overflow vulnerability while parsing specially crafted XML files. This could allow an attacker to execute code in the context of the current process. Se ha i... • https://cert-portal.siemens.com/productcert/html/ssa-661579.html • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-26275
https://notcve.org/view.php?id=CVE-2024-26275
09 Apr 2024 — A vulnerability has been identified in JT2Go (All versions < V2312.0004), Parasolid V35.1 (All versions < V35.1.254), Parasolid V36.0 (All versions < V36.0.207), Parasolid V36.1 (All versions < V36.1.147), Teamcenter Visualization V14.2 (All versions), Teamcenter Visualization V14.3 (All versions < V14.3.0.9), Teamcenter Visualization V2312 (All versions < V2312.0004). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. Th... • https://cert-portal.siemens.com/productcert/html/ssa-222019.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-51746
https://notcve.org/view.php?id=CVE-2023-51746
09 Jan 2024 — A vulnerability has been identified in JT2Go (All versions < V14.3.0.6), Teamcenter Visualization V13.3 (All versions < V13.3.0.13), Teamcenter Visualization V14.1 (All versions < V14.1.0.12), Teamcenter Visualization V14.2 (All versions < V14.2.0.9), Teamcenter Visualization V14.3 (All versions < V14.3.0.6). The affected applications contain a stack overflow vulnerability while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process. Se ha ide... • https://cert-portal.siemens.com/productcert/pdf/ssa-794653.pdf • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-51745
https://notcve.org/view.php?id=CVE-2023-51745
09 Jan 2024 — A vulnerability has been identified in JT2Go (All versions < V14.3.0.6), Teamcenter Visualization V13.3 (All versions < V13.3.0.13), Teamcenter Visualization V14.1 (All versions < V14.1.0.12), Teamcenter Visualization V14.2 (All versions < V14.2.0.9), Teamcenter Visualization V14.3 (All versions < V14.3.0.6). The affected applications contain a stack overflow vulnerability while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process. Se ha ide... • https://cert-portal.siemens.com/productcert/pdf/ssa-794653.pdf • CWE-121: Stack-based Buffer Overflow •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-51744
https://notcve.org/view.php?id=CVE-2023-51744
09 Jan 2024 — A vulnerability has been identified in JT2Go (All versions < V14.3.0.6), Teamcenter Visualization V13.3 (All versions < V13.3.0.13), Teamcenter Visualization V14.1 (All versions < V14.1.0.12), Teamcenter Visualization V14.2 (All versions < V14.2.0.9), Teamcenter Visualization V14.3 (All versions < V14.3.0.6). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to crash the application causing deni... • https://cert-portal.siemens.com/productcert/pdf/ssa-794653.pdf • CWE-476: NULL Pointer Dereference •