CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

91 matches found

DELMIA Apriso - Broken Access Control

DELMIA Apriso Release 2020 through Release 2025 contains a broken access control vulnerability caused by missing authorization, letting attackers gain privileged access to the application, exploit requires no special conditions. id: CVE-2025-6205 info: name: DELMIA Apriso - Broken Access Control...

9.1CVSS6.1AI score0.69174EPSS

Exploits0References3

Nuclei•added 2 days ago•13 views

DELMIA Apriso - Command Injection

An Improper Control of Generation of Code code injection / file upload → RCE vulnerability affecting DELMIA Apriso Release 2020 → Release 2025. When an authenticated user can upload files and the upload handler fails to canonicalize filenames or enforce storage restrictions, an attacker may place...

8CVSS6.7AI score0.75306EPSS

Exploits0References3

Tenable Nessus•added 2025/11/05 12:0 a.m.•4 views

DELMIA Apriso Missing Authorization Vulnerability (CVE-2025-6205)

The version of DELMIA Apriso installed on the remote host is Release 2020 through Release 2025. It is, therefore, affected by a missing authorization vulnerability CVE-2025-6205 that could allow an attacker to gain privileged access to the application. Exploitation can be achieved by sending...

9.1CVSS7.1AI score0.69174EPSS

Exploits0References2

Tenable Nessus•added 2025/11/03 12:0 a.m.•4 views

DELMIA Apriso Code Injection Vulnerability (CVE-2025-6204)

The version of DELMIA Apriso installed on the remote host is Release 2020 through Release 2025. It is, therefore, affected by an Improper Control of Generation of Code Code Injection vulnerability CVE-2025-6204 that could allow an attacker to execute arbitrary code. Note that Nessus has not teste...

8CVSS6.4AI score0.75306EPSS

Exploits0References2

The Hacker News•added 2025/10/29 7:44 a.m.•19 views

Active Exploits Hit Dassault and XWiki — CISA Confirms Critical Flaws Under Attack

Threat actors are actively exploiting multiple security flaws impacting Dassault Systèmes DELMIA Apriso and XWiki, according to alerts issued by the U.S. Cybersecurity and Infrastructure Security Agency CISA and VulnCheck. The vulnerabilities are listed below - CVE-2025-6204 CVSS score: 8.0 - A...

9.8CVSS9.2AI score0.99898EPSS

Exploits51

CISA•added 2025/10/28 12:0 p.m.•5 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-6204link is external Dassault Systèmes DELMIA Apriso Code Injection Vulnerability CVE-2025-6205link is external Dassault Systèmes DELMIA Apriso Missing...

9.1CVSS7.3AI score0.75306EPSS

In wildExploits0References7

VulnCheck KEV•added 2025/10/28 12:0 a.m.•7 views

VulnCheck KEV: CVE-2025-6204

An Improper Control of Generation of Code Code Injection vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could allow an attacker to execute arbitrary code...

8CVSS6.1AI score0.75306EPSS

In wildExploits0References4

CISA KEV Catalog•added 2025/10/28 12:0 a.m.•7 views

Dassault Systèmes DELMIA Apriso Code Injection Vulnerability

Dassault Systèmes DELMIA Apriso contains a code injection vulnerability that could allow an attacker to execute arbitrary code...

8CVSS8AI score0.75306EPSS

In wildExploits0

CISA KEV Catalog•added 2025/10/28 12:0 a.m.•6 views

Dassault Systèmes DELMIA Apriso Missing Authorization Vulnerability

Dassault Systèmes DELMIA Apriso contains a missing authorization vulnerability that could allow an attacker to gain privileged access to the application...

9.1CVSS6.9AI score0.69174EPSS

In wildExploits0

VulnCheck KEV•added 2025/10/27 12:0 a.m.•7 views

VulnCheck KEV: CVE-2025-6205

A missing authorization vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could allow an attacker to gain privileged access to the application...

9.1CVSS5.8AI score0.69174EPSS

In wildExploits0References83

Tenable Nessus•added 2025/10/24 12:0 a.m.•8 views

DELMIA Apriso Deserialization of Untrusted Data Vulnerability (CVE-2025-5086)

The version of DELMIA Apriso installed on the remote host is Release 2020 through 2025. It is, therefore, affected by a deserialization of untrusted data vulnerability CVE-2025-5086 that could allow an unauthenticated attacker to execute arbitrary code remotely. Exploitation involves sending a...

9CVSS6.8AI score0.89077EPSS

Exploits1References2

Tenable Nessus•added 2025/10/20 12:0 a.m.•4 views

Dassault Systemes DELMIA Apriso Installed (Windows)

Binary data dassaultsystemesdelmiaapriso.nbin...

7AI score

Exploits0References1