289 matches found
CVE-2024-4424
The access control in CemiPark software does not properly validate user-entered data, which allows the stored cross-site scripting XSS attack. The parameters used to enter data into the system do not have appropriate validation, which makes possible to smuggle in HTML/JavaScript code. This code...
CVE-2024-39883
Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current...
Deserialization Of Untrusted Data
transformers is vulnerable to Deserialization Of Untrusted Data. The vulnerability is due to improper validation of user-supplied data during the parsing of model files, which allows deserialization of untrusted data...
CVE-2021-34330
A vulnerability has been identified in JT2Go All versions V13.2, Teamcenter Visualization All versions V13.2. The Jt981.dll library in affected applications lacks proper validation of user-supplied data prior to performing further free operations on an object when parsing JT files. An attacker...
CVE-2021-34303
A vulnerability has been identified in JT2Go All versions V13.2, Teamcenter Visualization All versions V13.2. The TiffLoader.dll library in affected applications lacks proper validation of user-supplied data when parsing TIFF files. This could result in an out of bounds read past the end of an...
CVE-2021-34314
A vulnerability has been identified in JT2Go All versions V13.2, Teamcenter Visualization All versions V13.2. The BMPloader.dll library in affected applications lacks proper validation of user-supplied data when parsing SGI files. This could result in an out of bounds write past the end of an...
CVE-2021-27396
A vulnerability has been identified in Tecnomatix Plant Simulation All versions V16.0.5. The PlantSimCore.dll library lacks proper validation of user-supplied data when parsing SPP files. This could result in a stack based buffer overflow, a different vulnerability than CVE-2021-27398. An attacke...
CVE-2021-27387
A vulnerability has been identified in Simcenter Femap 2020.2 All versions V2020.2.MP3, Simcenter Femap 2021.1 All versions V2021.1.MP3. The femap.exe application lacks proper validation of user-supplied data when parsing FEMAP files. This could result in an out of bounds write past the end of an...
CVE-2021-34328
A vulnerability has been identified in JT2Go All versions V13.2, Solid Edge SE2021 All Versions SE2021MP5, Teamcenter Visualization All versions V13.2. The plmxmlAdapterSE70.dll library in affected applications lacks proper validation of user-supplied data when parsing PAR files. This could resul...
CVE-2021-34325
A vulnerability has been identified in JT2Go All versions V13.2, Teamcenter Visualization All versions V13.2. The Jt981.dll library in affected applications lacks proper validation of user-supplied data when parsing JT files. This could result in an out of bounds read past the end of an allocated...
CVE-2021-34318
A vulnerability has been identified in JT2Go All versions V13.2, Teamcenter Visualization All versions V13.2. The BMPloader.dll library in affected applications lacks proper validation of user-supplied data when parsing PCT files. This could result in an out of bounds write past the end of an...
CVE-2021-32975
Cscape All Versions prior to 9.90 SP5 lacks proper validation of user-supplied data when parsing project files. This could lead to an out-of-bounds read. An attacker could leverage this vulnerability to execute code in the context of the current process...
CVE-2021-25678
A vulnerability has been identified in Solid Edge SE2020 All versions SE2020MP13, Solid Edge SE2020 All versions SE2020MP14, Solid Edge SE2021 All Versions SE2021MP4. Affected applications lack proper validation of user-supplied data when parsing PAR files. This could result in an out of bounds...
CVE-2021-32995
Cscape All Versions prior to 9.90 SP5 lacks proper validation of user-supplied data when parsing project files. This could lead to an out-of-bounds write. An attacker could leverage this vulnerability to execute code in the context of the current process...
CVE-2021-22663
Cscape All versions prior to 9.90 SP3.5 lacks proper validation of user-supplied data when parsing project files. This could lead to an out-of-bounds read. An attacker could leverage this vulnerability to execute code in the context of the current process...
CVE-2020-28384
A vulnerability has been identified in Solid Edge SE2020 All Versions SE2020MP12, Solid Edge SE2021 All Versions SE2021MP2. Affected applications lack proper validation of user-supplied data when parsing PAR files. This could lead to a stack based buffer overflow. An attacker could leverage this...
CVE-2020-27002
A vulnerability has been identified in JT2Go All versions V13.1.0.2, Teamcenter Visualization All versions V13.1.0.2. Affected applications lack proper validation of user-supplied data when parsing of PAR files. This could result in a memory access past the end of an allocated buffer. An attacker...
CVE-2020-27004
A vulnerability has been identified in JT2Go All versions V13.1.0.1, Teamcenter Visualization All versions V13.1.0.1. Affected applications lack proper validation of user-supplied data when parsing of CGM files. This could result in a memory access past the end of an allocated buffer. An attacker...
CVE-2020-27001
A vulnerability has been identified in JT2Go All versions V13.1.0.2, Teamcenter Visualization All versions V13.1.0.2. Affected applications lack proper validation of user-supplied data when parsing of PAR files. This could result in a stack based buffer overflow. An attacker could leverage this...
CVE-2020-27000
A vulnerability has been identified in JT2Go All versions V13.1.0.1, Teamcenter Visualization All versions V13.1.0.1. Affected applications lack proper validation of user-supplied data when parsing BMP files. This can result in a memory corruption condition. An attacker could leverage this...