Lucene search
K
DatakitCrosscadware

10 matches found

CVE
CVE
added 2021/05/27 3:41 p.m.74 views

CVE-2021-27492

The CVE-2021-27492 entry concerns Datakit CrossCADWare libraries (CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr) embedded in Luxion KeyShot v10.1 and earlier. The connected Red Hat, ZDI, and ICS/CERT records confirm a concrete XXE-style vulnerability: when opening a special...

5.5CVSS5.5AI score0.01745EPSS
CVE
CVE
added 2021/05/27 3:27 p.m.70 views

CVE-2021-27496

CVE-2021-27496 affects Datakit CrossCADWare libraries embedded in Luxion KeyShot (v10.1 and earlier). Modules CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, and Jt3dReadPsr fail to validate data when parsing PRT files, causing untrusted pointer dereference and potential code execution i...

7.8CVSS7.6AI score0.02029EPSS
CVE
CVE
added 2021/05/27 3:37 p.m.67 views

CVE-2021-27488

CVE-2021-27488 affects Datakit CrossCAD/Ware libraries (CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr) embedded in Luxion KeyShot up to v10.1. The vulnerability stems from improper validation when parsing CATPart files, enabling an out-of-bounds write and potential code exe...

7.8CVSS7.7AI score0.01982EPSS
CVE
CVE
added 2021/05/27 3:26 p.m.64 views

CVE-2021-27494

CVE-2021-27494 affects Datakit CrossCADWare libraries (CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr) bundled in Luxion KeyShot (Versions 10.1 and earlier). The vulnerability is an out-of-bounds stack/write caused by inadequate validation when parsing STP files, which can a...

7.8CVSS7.7AI score0.02203EPSS
CVE
CVE
added 2021/05/27 4:8 p.m.62 views

CVE-2021-27490

Datakit CrossCADWare libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr embedded in Luxion KeyShot (versions ≤ 10.1) are affected by CVE-2021-27490 due to an out-of-bounds read when parsing CATPart data, potentially allowing code execution in the affected process. Red ...

7.8CVSS7.8AI score0.02029EPSS
CVE
CVE
added 2023/04/20 6:12 p.m.55 views

CVE-2023-22321

CVE-2023-22321 affects Datakit CrossCadWare_x64.dll and is an out-of-bounds read past the end of an allocated buffer while parsing SLDPRT files, potentially disclosing sensitive information. The ICSA advisory and related documents confirm the vulnerability in CrossCAD/Ware_x64 library (all versio...

5.5CVSS4.7AI score0.0021EPSS
CVE
CVE
added 2023/04/20 6:15 p.m.45 views

CVE-2023-22846

Summary: CVE-2023-22846 affects Datakit CrossCadWare_x64.dll in Datakit CrossCAD/Ware. The vulnerability is an out-of-bounds read past the end of an allocated buffer when parsing a specially crafted SLDPRT file, which could allow disclosure of sensitive information. The ICS advisory details the a...

5.5CVSS4.7AI score0.0021EPSS
CVE
CVE
added 2023/04/20 6:9 p.m.44 views

CVE-2023-22295

Datakit CrossCadWare_x64.dll is affected by CVE-2023-22295, with an out-of-bounds read past the end of an allocated buffer while parsing a specially crafted SLDPRT file, potentially allowing sensitive information disclosure. Affected software: Datakit CrossCadWare_x64.dll (CrossCAD/Ware). Impact ...

5.5CVSS4.7AI score0.0021EPSS
CVE
CVE
added 2023/04/20 6:16 p.m.44 views

CVE-2023-23579

Datakit CrossCadWare_x64.dll contains an out-of-bounds write while parsing a specially crafted SLDPRT file, enabling code execution in the context of the current process. The vulnerability is associated with Datakit’s CrossCAD/Ware library used by Siemens Solid Edge; the CVE-2023-23579 entry is e...

7.8CVSS7.7AI score0.00235EPSS
CVE
CVE
added 2023/04/20 6:13 p.m.43 views

CVE-2023-22354

CVE-2023-22354 : Datakit CrossCadWare_x64.dll (used by Microsoft Solid Edge/Siemens Solid Edge/Datakit CrossCAD/Ware) contains an out-of-bounds read past the end of an allocated buffer while parsing a specially crafted SLDPRT file, enabling disclosure of sensitive information. Verified details fr...

5.5CVSS4.7AI score0.0021EPSS