CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

94 matches found

Delmia Apriso - Pre-Authentication Unsafe .NET Object Deserialization

An unsafe .NET object deserialization vulnerability in DELMIA Apriso Release 2019 through Release 2024 could lead to pre-authentication remote code execution. id: CVE-2024-3300 info: name: Delmia Apriso - Pre-Authentication Unsafe .NET Object Deserialization author: iamnoooob,rootxharsh,pdresearc...

9CVSS5.9AI score0.31559EPSS

Exploits0References2

Nuclei•added yesterday•58 views

Dassault Systèmes DELMIA Apriso (up to 2025) - Insecure Deserialization

A deserialization of untrusted data vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could lead to a remote code execution. id: CVE-2025-5086 info: name: Dassault Systèmes DELMIA Apriso up to 2025 - Insecure Deserialization author: hacktronai,iamnoooob,pdresearch...

9CVSS6.4AI score0.41392EPSS

Exploits1References2

Nuclei•added yesterday•12 views

DELMIA Apriso - Command Injection

An Improper Control of Generation of Code code injection / file upload → RCE vulnerability affecting DELMIA Apriso Release 2020 → Release 2025. When an authenticated user can upload files and the upload handler fails to canonicalize filenames or enforce storage restrictions, an attacker may place...

8CVSS6.6AI score0.10184EPSS

Exploits0References3

Nuclei•added 2 days ago•12 views

DELMIA Apriso - Broken Access Control

DELMIA Apriso Release 2020 through Release 2025 contains a broken access control vulnerability caused by missing authorization, letting attackers gain privileged access to the application, exploit requires no special conditions. id: CVE-2025-6205 info: name: DELMIA Apriso - Broken Access Control...

9.1CVSS5.8AI score0.82805EPSS

Exploits0References3

Tenable Nessus•added 2025/11/05 12:0 a.m.•2 views

DELMIA Apriso Missing Authorization Vulnerability (CVE-2025-6205)

The version of DELMIA Apriso installed on the remote host is Release 2020 through Release 2025. It is, therefore, affected by a missing authorization vulnerability CVE-2025-6205 that could allow an attacker to gain privileged access to the application. Exploitation can be achieved by sending...

9.1CVSS7.1AI score0.82805EPSS

Exploits0References2

Tenable Nessus•added 2025/11/03 12:0 a.m.•1 views

DELMIA Apriso Code Injection Vulnerability (CVE-2025-6204)

The version of DELMIA Apriso installed on the remote host is Release 2020 through Release 2025. It is, therefore, affected by an Improper Control of Generation of Code Code Injection vulnerability CVE-2025-6204 that could allow an attacker to execute arbitrary code. Note that Nessus has not teste...

8CVSS6.4AI score0.10184EPSS

Exploits0References2

The Hacker News•added 2025/10/29 7:44 a.m.•18 views

Active Exploits Hit Dassault and XWiki — CISA Confirms Critical Flaws Under Attack

Threat actors are actively exploiting multiple security flaws impacting Dassault Systèmes DELMIA Apriso and XWiki, according to alerts issued by the U.S. Cybersecurity and Infrastructure Security Agency CISA and VulnCheck. The vulnerabilities are listed below - CVE-2025-6204 CVSS score: 8.0 - A...

9.8CVSS9.2AI score0.93701EPSS

Exploits50

CISA•added 2025/10/28 12:0 p.m.•4 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-6204link is external Dassault Systèmes DELMIA Apriso Code Injection Vulnerability CVE-2025-6205link is external Dassault Systèmes DELMIA Apriso Missing...

9.1CVSS7.3AI score0.82805EPSS

In wildExploits0References7

CISA KEV Catalog•added 2025/10/28 12:0 a.m.•6 views

Dassault Systèmes DELMIA Apriso Missing Authorization Vulnerability

Dassault Systèmes DELMIA Apriso contains a missing authorization vulnerability that could allow an attacker to gain privileged access to the application...

9.1CVSS6.9AI score0.82805EPSS

In wildExploits0

CISA KEV Catalog•added 2025/10/28 12:0 a.m.•7 views

Dassault Systèmes DELMIA Apriso Code Injection Vulnerability

Dassault Systèmes DELMIA Apriso contains a code injection vulnerability that could allow an attacker to execute arbitrary code...

8CVSS8AI score0.10184EPSS

In wildExploits0

VulnCheck KEV•added 2025/10/28 12:0 a.m.•3 views

VulnCheck KEV: CVE-2025-6204

An Improper Control of Generation of Code Code Injection vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could allow an attacker to execute arbitrary code...

8CVSS6.1AI score0.10184EPSS

In wildExploits0References4

VulnCheck KEV•added 2025/10/27 12:0 a.m.•4 views

VulnCheck KEV: CVE-2025-6205

A missing authorization vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could allow an attacker to gain privileged access to the application...

9.1CVSS5.8AI score0.82805EPSS

In wildExploits0References83

Tenable Nessus•added 2025/10/24 12:0 a.m.•6 views

DELMIA Apriso Deserialization of Untrusted Data Vulnerability (CVE-2025-5086)

The version of DELMIA Apriso installed on the remote host is Release 2020 through 2025. It is, therefore, affected by a deserialization of untrusted data vulnerability CVE-2025-5086 that could allow an unauthenticated attacker to execute arbitrary code remotely. Exploitation involves sending a...

9CVSS6.8AI score0.41392EPSS

Exploits1References2

Tenable Nessus•added 2025/10/20 12:0 a.m.•2 views

Dassault Systemes DELMIA Apriso Installed (Windows)

Binary data dassaultsystemesdelmiaapriso.nbin...

7AI score

Exploits0References1