10 matches found
CVE-2021-27492
The CVE-2021-27492 entry concerns Datakit CrossCADWare libraries (CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr) embedded in Luxion KeyShot v10.1 and earlier. The connected Red Hat, ZDI, and ICS/CERT records confirm a concrete XXE-style vulnerability: when opening a special...
CVE-2021-27496
CVE-2021-27496 affects Datakit CrossCADWare libraries embedded in Luxion KeyShot (v10.1 and earlier). Modules CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, and Jt3dReadPsr fail to validate data when parsing PRT files, causing untrusted pointer dereference and potential code execution i...
CVE-2021-27488
CVE-2021-27488 affects Datakit CrossCAD/Ware libraries (CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr) embedded in Luxion KeyShot up to v10.1. The vulnerability stems from improper validation when parsing CATPart files, enabling an out-of-bounds write and potential code exe...
CVE-2021-27494
CVE-2021-27494 affects Datakit CrossCADWare libraries (CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr) bundled in Luxion KeyShot (Versions 10.1 and earlier). The vulnerability is an out-of-bounds stack/write caused by inadequate validation when parsing STP files, which can a...
CVE-2021-27490
Datakit CrossCADWare libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr embedded in Luxion KeyShot (versions ≤ 10.1) are affected by CVE-2021-27490 due to an out-of-bounds read when parsing CATPart data, potentially allowing code execution in the affected process. Red ...
CVE-2023-22321
CVE-2023-22321 affects Datakit CrossCadWare_x64.dll and is an out-of-bounds read past the end of an allocated buffer while parsing SLDPRT files, potentially disclosing sensitive information. The ICSA advisory and related documents confirm the vulnerability in CrossCAD/Ware_x64 library (all versio...
CVE-2023-22846
Summary: CVE-2023-22846 affects Datakit CrossCadWare_x64.dll in Datakit CrossCAD/Ware. The vulnerability is an out-of-bounds read past the end of an allocated buffer when parsing a specially crafted SLDPRT file, which could allow disclosure of sensitive information. The ICS advisory details the a...
CVE-2023-22295
Datakit CrossCadWare_x64.dll is affected by CVE-2023-22295, with an out-of-bounds read past the end of an allocated buffer while parsing a specially crafted SLDPRT file, potentially allowing sensitive information disclosure. Affected software: Datakit CrossCadWare_x64.dll (CrossCAD/Ware). Impact ...
CVE-2023-23579
Datakit CrossCadWare_x64.dll contains an out-of-bounds write while parsing a specially crafted SLDPRT file, enabling code execution in the context of the current process. The vulnerability is associated with Datakit’s CrossCAD/Ware library used by Siemens Solid Edge; the CVE-2023-23579 entry is e...
CVE-2023-22354
CVE-2023-22354 : Datakit CrossCadWare_x64.dll (used by Microsoft Solid Edge/Siemens Solid Edge/Datakit CrossCAD/Ware) contains an out-of-bounds read past the end of an allocated buffer while parsing a specially crafted SLDPRT file, enabling disclosure of sensitive information. Verified details fr...