Lucene search
K

79 matches found

CVE
CVE
added 2023/08/08 9:20 a.m.51 views

CVE-2023-39186

CVE-2023-39186 affects Siemens Solid Edge SE2023: all versions before V223.0 Update 7 are vulnerable to an out-of-bounds read past the end of an allocated structure while parsing specially crafted DFT files, potentially allowing code execution in the current process. The issue is tied to Solid Ed...

7.8CVSS7.5AI score0.00219EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/08/08 9:20 a.m.10 views

CVE-2023-39182

A vulnerability has been identified in Solid Edge SE2023 All versions V223.0 Update 7. The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted DFT files. This could allow an attacker to execute code in the context of the curre...

7.8CVSS7AI score0.00219EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/08/08 9:20 a.m.19 views

CVE-2023-39182

A vulnerability has been identified in Solid Edge SE2023 All versions V223.0 Update 7. The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted DFT files. This could allow an attacker to execute code in the context of the curre...

7.8CVSS7.7AI score0.00219EPSS
Exploits0References1
CVE
CVE
added 2023/08/08 9:20 a.m.39 views

CVE-2023-39182

Solid Edge SE2023 is affected by CVE-2023-39182: an out-of-bounds read past the end of an allocated structure while parsing DFT files in all versions before V223.0 Update 7. The vulnerability could allow code execution in the current process. Siemens provides a fix in V223.0 Update 7 and recommen...

7.8CVSS7.5AI score0.00219EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/08/08 12:0 a.m.3 views

PT-2023-4233 · Siemens · Solid Edge

Name of the Vulnerable Software and Affected Versions: Solid Edge SE2023 versions prior to V223.0 Update 7 Description: A vulnerability has been identified that allows an attacker to execute code in the context of the current process by exploiting an out of bounds read past the end of an allocate...

7.8CVSS7.8AI score0.00207EPSS
Exploits0References5
Openbugbounty
Openbugbounty
added 2023/04/16 11:5 a.m.8 views

dft-online.de Cross Site Scripting vulnerability OBB-3262840

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

5.9AI score
Exploits0
F5 Networks
F5 Networks
added 2023/02/21 6:34 p.m.42 views

K08593253: Intel CPU vulnerability CVE-2021-0144

Security Advisory Description Insecure default variable initialization for the Intel BSSA DFT feature may allow a privileged user to potentially enable an escalation of privilege via local access. CVE-2021-0144 Impact There is no impact; F5 products are not affected by this vulnerability. Securit...

7.2CVSS6.6AI score0.00327EPSS
Exploits0
OSV
OSV
added 2023/01/10 12:15 p.m.2 views

CVE-2022-47967

A vulnerability has been identified in Solid Edge All versions V2023 MP1. The DOCMGMT.DLL contains a memory corruption vulnerability that could be triggered while parsing files in different file formats such as PAR, ASM, DFT. This could allow an attacker to execute code in the context of the...

7.8CVSS5.8AI score0.00279EPSS
Exploits0References1
Prion
Prion
added 2023/01/10 12:15 p.m.17 views

Memory corruption

A vulnerability has been identified in Solid Edge All versions V2023 MP1. The DOCMGMT.DLL contains a memory corruption vulnerability that could be triggered while parsing files in different file formats such as PAR, ASM, DFT. This could allow an attacker to execute code in the context of the...

4.4CVSS7.7AI score0.00279EPSS
Exploits0References1Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2021/08/24 12:0 a.m.38 views

Siemens Solid Edge Viewer DFT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS4.8AI score0.02505EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2021/08/24 12:0 a.m.36 views

Siemens Solid Edge Viewer DFT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS4.8AI score0.02505EPSS
Exploits0References1
Prion
Prion
added 2021/07/14 2:15 p.m.26 views

Default configuration

Insecure default variable initialization for the Intel BSSA DFT feature may allow a privileged user to potentially enable an escalation of privilege via local access...

7.2CVSS6.5AI score0.00327EPSS
Exploits0References2Affected Software30
Cvelist
Cvelist
added 2021/07/14 1:23 p.m.47 views

CVE-2021-0144

Insecure default variable initialization for the Intel BSSA DFT feature may allow a privileged user to potentially enable an escalation of privilege via local access...

6.8AI score0.00327EPSS
Exploits0References2
CVE
CVE
added 2021/07/14 1:23 p.m.135 views

CVE-2021-0144

CVE-2021-0144 (Intel BSSA DFT) is triggered by insecure default variable initialization in the BIOS Shared SW Architecture Design for Test feature, enabling local privilege escalation for authenticated/privileged users. Public adapters include Intel’s advisory INTEL-SA-00525 and related vendor bu...

7.2CVSS6.5AI score0.00327EPSS
Exploits0References2Affected Software1064
Lenovo
Lenovo
added 2021/07/13 8:59 p.m.29 views

Intel BSSA DFT Advisory - Lenovo Support US

No description provided...

7.2CVSS6.5AI score0.00327EPSS
Exploits0
Hewlett-Packard
Hewlett-Packard
added 2021/07/13 12:0 a.m.32 views

Intel BSSA DFT July 2021 Security Update

Intel has informed HP of a potential security vulnerability identified in the Intel BSSA DFT feature which may allow escalation of privilege. Firmware updates are being released to mitigate this potential vulnerability. Intel has released guidance to mitigate the potential vulnerability. HP has...

7.5CVSS1.5AI score0.00327EPSS
Exploits0
Intel
Intel
added 2021/07/13 12:0 a.m.25 views

Intel BSSA DFT Advisory

Summary: A potential security vulnerability in the customer build time configuration for the Intel BIOS Shared SW Architecture BSSA Design for Test DFT feature may allow escalation of privilege. Intel is releasing detailed guidance to address this potential vulnerability. Vulnerability Details:...

7.2CVSS6.7AI score0.00327EPSS
Exploits0
CNVD
CNVD
added 2021/06/09 12:0 a.m.6 views

Siemens Solid Edge Out-of-Bounds Write Vulnerability (CNVD-2021-40500)

Siemens Solid Edge is a 3D CAD software from Siemens, Germany. The software can be used for part design, assembly design, sheet metal design, welding design and other industries. An out-of-bounds write vulnerability exists in Siemens Solid Edge. The vulnerability is due to a lack of proper...

8.8CVSS7.1AI score0.02505EPSS
Exploits0References1
CNVD
CNVD
added 2021/06/09 12:0 a.m.7 views

Siemens Solid Edge Out-of-Bounds Write Vulnerability (CNVD-2021-40501)

Siemens Solid Edge is a 3D CAD software from Siemens, Germany. The software can be used for part design, assembly design, sheet metal design, welding design and other industries. An out-of-bounds write vulnerability exists in Siemens Solid Edge. The vulnerability is due to a lack of proper...

8.8CVSS7.1AI score0.02505EPSS
Exploits0References1
OSV
OSV
added 2021/06/08 8:15 p.m.3 views

CVE-2021-31343

The jutil.dll library in all versions of Solid Edge SE2020 before 2020MP14 and all versions of Solid Edge SE2021 before SE2021MP5 lack proper validation of user-supplied data when parsing DFT files. This could result in an out-of-bounds write past the end of an allocation structure. An attacker...

8.8CVSS6AI score
Exploits0References2
Rows per page
Query Builder