Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Comos
(Siemens)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 31 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-01-18 | CVE-2021-25173 | An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory allocation with excessive size vulnerability exists when reading malformed DGN files, which allows attackers to cause a crash, potentially enabling denial of service (crash, exit, or restart). | Drawings_software_development_kit, Comos, Jt2go, Teamcenter_visualization | 7.8 | ||
| 2021-01-18 | CVE-2021-25174 | An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory corruption vulnerability exists when reading malformed DGN files. It can allow attackers to cause a crash, potentially enabling denial of service (Crash, Exit, or Restart). | Drawings_software_development_kit, Comos, Jt2go, Teamcenter_visualization | 7.8 | ||
| 2021-01-18 | CVE-2021-25175 | An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A Type Conversion issue exists when rendering malformed .DXF and .DWG files. This can allow attackers to cause a crash, potentially enabling a denial of service attack (Crash, Exit, or Restart). | Drawings_software_development_kit, Comos, Jt2go, Teamcenter_visualization | 7.8 | ||
| 2021-01-18 | CVE-2021-25176 | An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A NULL pointer dereference exists when rendering malformed .DXF and .DWG files. This can allow attackers to cause a crash, potentially enabling a denial of service attack (Crash, Exit, or Restart). | Drawings_software_development_kit, Comos, Jt2go, Teamcenter_visualization | 7.8 | ||
| 2021-01-18 | CVE-2021-25177 | An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A Type Confusion issue exists when rendering malformed .DXF and .DWG files. This can allow attackers to cause a crash, potentially enabling a denial of service attack (Crash, Exit, or Restart). | Drawings_software_development_kit, Comos, Jt2go, Teamcenter_visualization | 7.8 | ||
| 2021-01-18 | CVE-2021-25178 | An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A stack-based buffer overflow vulnerability exists when the recover operation is run with malformed .DXF and .DWG files. This can allow attackers to cause a crash potentially enabling a denial of service attack (Crash, Exit, or Restart) or possible code execution. | Drawings_software_development_kit, Comos, Jt2go, Teamcenter_visualization | 7.8 | ||
| 2021-04-26 | CVE-2021-31784 | An out-of-bounds write vulnerability exists in the file-reading procedure in Open Design Alliance Drawings SDK before 2021.6 on all supported by ODA platforms in static configuration. This can allow attackers to cause a crash, potentially enabling a denial of service attack (Crash, Exit, or Restart) or possible code execution. | Drawings_sdk, Comos | 7.8 | ||
| 2021-06-17 | CVE-2021-32938 | Drawings SDK (All versions prior to 2022.4) are vulnerable to an out-of-bounds read due to parsing of DWG files resulting from the lack of proper validation of user-supplied data. This can result in a read past the end of an allocated buffer and allows attackers to cause a denial-of service condition or read sensitive information from memory. | Drawings_sdk, Comos, Jt2go, Teamcenter_visualization | 7.1 | ||
| 2021-06-17 | CVE-2021-32936 | An out-of-bounds write issue exists in the DXF file-recovering procedure in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. This can result in a write past the end of an allocated buffer and allow attackers to cause a denial-of-service condition or execute code in the context of the current process. | Drawings_sdk, Comos, Jt2go, Teamcenter_visualization | 7.8 | ||
| 2021-06-17 | CVE-2021-32940 | An out-of-bounds read issue exists in the DWG file-recovering procedure in the Drawings SDK (All versions prior to 2022.5) resulting from the lack of proper validation of user-supplied data. This can result in a read past the end of an allocated buffer and allow attackers to cause a denial-of-service condition or read sensitive information from memory locations. | Drawings_sdk, Comos, Jt2go, Teamcenter_visualization | 7.1 |