Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Jt2go
(Siemens)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 159 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-01-18 | CVE-2021-25175 | An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A Type Conversion issue exists when rendering malformed .DXF and .DWG files. This can allow attackers to cause a crash, potentially enabling a denial of service attack (Crash, Exit, or Restart). | Drawings_software_development_kit, Comos, Jt2go, Teamcenter_visualization | 7.8 | ||
| 2021-01-18 | CVE-2021-25176 | An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A NULL pointer dereference exists when rendering malformed .DXF and .DWG files. This can allow attackers to cause a crash, potentially enabling a denial of service attack (Crash, Exit, or Restart). | Drawings_software_development_kit, Comos, Jt2go, Teamcenter_visualization | 7.8 | ||
| 2021-01-18 | CVE-2021-25177 | An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A Type Confusion issue exists when rendering malformed .DXF and .DWG files. This can allow attackers to cause a crash, potentially enabling a denial of service attack (Crash, Exit, or Restart). | Drawings_software_development_kit, Comos, Jt2go, Teamcenter_visualization | 7.8 | ||
| 2021-01-18 | CVE-2021-25178 | An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A stack-based buffer overflow vulnerability exists when the recover operation is run with malformed .DXF and .DWG files. This can allow attackers to cause a crash potentially enabling a denial of service attack (Crash, Exit, or Restart) or possible code execution. | Drawings_software_development_kit, Comos, Jt2go, Teamcenter_visualization | 7.8 | ||
| 2021-02-09 | CVE-2020-26998 | A vulnerability has been identified in JT2Go (All versions < V13.1.0.2), Teamcenter Visualization (All versions < V13.1.0.2). Affected applications lack proper validation of user-supplied data when parsing of PAR files. This could result in a memory access past the end of an allocated buffer. An attacker could leverage this vulnerability to leak information. (ZDI-CAN-12040) | Jt2go, Teamcenter_visualization | 5.5 | ||
| 2021-02-09 | CVE-2020-26999 | A vulnerability has been identified in JT2Go (All versions < V13.1.0.2), Teamcenter Visualization (All versions < V13.1.0.2). Affected applications lack proper validation of user-supplied data when parsing of PAR files. This could result in a memory access past the end of an allocated buffer. An attacker could leverage this vulnerability to leak information. (ZDI-CAN-12042) | Jt2go, Teamcenter_visualization | 7.8 | ||
| 2021-02-09 | CVE-2020-27000 | A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (All versions < V13.1.0.1). Affected applications lack proper validation of user-supplied data when parsing BMP files. This can result in a memory corruption condition. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-12018) | Jt2go, Teamcenter_visualization | 7.8 | ||
| 2021-02-09 | CVE-2020-27001 | A vulnerability has been identified in JT2Go (All versions < V13.1.0.2), Teamcenter Visualization (All versions < V13.1.0.2). Affected applications lack proper validation of user-supplied data when parsing of PAR files. This could result in a stack based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-12041) | Jt2go, Teamcenter_visualization | 7.8 | ||
| 2021-02-09 | CVE-2020-27002 | A vulnerability has been identified in JT2Go (All versions < V13.1.0.2), Teamcenter Visualization (All versions < V13.1.0.2). Affected applications lack proper validation of user-supplied data when parsing of PAR files. This could result in a memory access past the end of an allocated buffer. An attacker could leverage this vulnerability to access data in the context of the current process. (ZDI-CAN-12043) | Jt2go, Teamcenter_visualization | 7.1 | ||
| 2021-02-09 | CVE-2020-27003 | A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (All versions < V13.1.0.1). Affected applications lack proper validation of user-supplied data when parsing TIFF files. This could lead to pointer dereferences of a value obtained from untrusted source. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-12158) | Jt2go, Teamcenter_visualization | 7.8 |