Lucene search
K

74 matches found

Prion
Prion
added 2021/05/27 4:15 p.m.18 views

Code injection

When opening a specially crafted 3DXML file, the application containing Datakit Software libraries CatiaV53dRead, CatiaV63dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior could disclose arbitrary files to remote attackers. This is because of the passing of...

4.3CVSS5.7AI score0.01745EPSS
Exploits0References3Affected Software2
Prion
Prion
added 2021/05/27 4:15 p.m.18 views

Stack overflow

Datakit Software libraries CatiaV53dRead, CatiaV63dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior lack proper validation of user-supplied data when parsing STP files. This could result in a stack-based buffer overflow. An attacker could leverage this...

6.8CVSS7.7AI score0.02203EPSS
Exploits0References3Affected Software2
Prion
Prion
added 2021/05/27 4:15 p.m.26 views

Code injection

Datakit Software libraries CatiaV53dRead, CatiaV63dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior lack proper validation of user-supplied data when parsing PRT files. This could lead to pointer dereferences of a value obtained from an untrusted source. An...

6.8CVSS7.6AI score0.02029EPSS
Exploits0References3Affected Software2
Cvelist
Cvelist
added 2021/05/27 4:8 p.m.30 views

CVE-2021-27490

Datakit Software libraries CatiaV53dRead, CatiaV63dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior are vulnerable to an out-of-bounds read, which may allow an attacker to execute arbitrary code...

8AI score0.02029EPSS
Exploits0References3
CVE
CVE
added 2021/05/27 4:8 p.m.63 views

CVE-2021-27490

Datakit CrossCADWare libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr embedded in Luxion KeyShot (versions ≤ 10.1) are affected by CVE-2021-27490 due to an out-of-bounds read when parsing CATPart data, potentially allowing code execution in the affected process. Red ...

7.8CVSS7.8AI score0.02029EPSS
Exploits0References3Affected Software2
Cvelist
Cvelist
added 2021/05/27 3:41 p.m.39 views

CVE-2021-27492

When opening a specially crafted 3DXML file, the application containing Datakit Software libraries CatiaV53dRead, CatiaV63dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior could disclose arbitrary files to remote attackers. This is because of the passing of...

5.8AI score0.01745EPSS
Exploits0References3
CVE
CVE
added 2021/05/27 3:41 p.m.75 views

CVE-2021-27492

The CVE-2021-27492 entry concerns Datakit CrossCADWare libraries (CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr) embedded in Luxion KeyShot v10.1 and earlier. The connected Red Hat, ZDI, and ICS/CERT records confirm a concrete XXE-style vulnerability: when opening a special...

5.5CVSS5.5AI score0.01745EPSS
Exploits0References3Affected Software2
CVE
CVE
added 2021/05/27 3:37 p.m.69 views

CVE-2021-27488

CVE-2021-27488 affects Datakit CrossCAD/Ware libraries (CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr) embedded in Luxion KeyShot up to v10.1. The vulnerability stems from improper validation when parsing CATPart files, enabling an out-of-bounds write and potential code exe...

7.8CVSS7.7AI score0.01982EPSS
Exploits0References3Affected Software2
Cvelist
Cvelist
added 2021/05/27 3:37 p.m.27 views

CVE-2021-27488

Datakit Software libraries CatiaV53dRead, CatiaV63dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior lack proper validation of user-supplied data when parsing CATPart files. This could result in an out-of-bounds write past the end of an allocated structure. An...

7.9AI score0.01982EPSS
Exploits0References3
Cvelist
Cvelist
added 2021/05/27 3:27 p.m.41 views

CVE-2021-27496

Datakit Software libraries CatiaV53dRead, CatiaV63dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior lack proper validation of user-supplied data when parsing PRT files. This could lead to pointer dereferences of a value obtained from an untrusted source. An...

7.8AI score0.02029EPSS
Exploits0References3
CVE
CVE
added 2021/05/27 3:27 p.m.71 views

CVE-2021-27496

CVE-2021-27496 affects Datakit CrossCADWare libraries embedded in Luxion KeyShot (v10.1 and earlier). Modules CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, and Jt3dReadPsr fail to validate data when parsing PRT files, causing untrusted pointer dereference and potential code execution i...

7.8CVSS7.6AI score0.02029EPSS
Exploits0References3Affected Software2
Cvelist
Cvelist
added 2021/05/27 3:26 p.m.40 views

CVE-2021-27494

Datakit Software libraries CatiaV53dRead, CatiaV63dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior lack proper validation of user-supplied data when parsing STP files. This could result in a stack-based buffer overflow. An attacker could leverage this...

7.9AI score0.02203EPSS
Exploits0References3
CVE
CVE
added 2021/05/27 3:26 p.m.65 views

CVE-2021-27494

CVE-2021-27494 affects Datakit CrossCADWare libraries (CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr) bundled in Luxion KeyShot (Versions 10.1 and earlier). The vulnerability is an out-of-bounds stack/write caused by inadequate validation when parsing STP files, which can a...

7.8CVSS7.7AI score0.02203EPSS
Exploits0References3Affected Software2
ICS
ICS
added 2021/05/25 12:0 a.m.70 views

Datakit Libraries bundled in Luxion KeyShot

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Datakit Equipment: Software libraries embedded in Luxion KeyShot software Vulnerabilities: Out-of-bounds Write, Exposure of Sensitive Information to an Unauthorized Actor, Stack-Based buffer Overflow, Untrusted Pointer...

7.8CVSS7.7AI score0.02203EPSS
Exploits0References5
Rows per page
Query Builder