Vulnerabilities > 3DS > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-09-13 CVE-2023-3588 Cross-site Scripting vulnerability in 3DS Teamwork Cloud NO Magic Release 2021X/2022X
A stored Cross-site Scripting (XSS) vulnerability affecting Teamwork Cloud from No Magic Release 2021x through No Magic Release 2022x allows an attacker to execute arbitrary script code.
network
low complexity
3ds CWE-79
5.4
5.4
2023-05-19 CVE-2023-1996 Cross-site Scripting vulnerability in 3DS 3Dexperience
A reflected Cross-site Scripting (XSS) vulnerability in Release 3DEXPERIENCE R2018x through Release 3DEXPERIENCE R2023x allows an attacker to execute arbitrary script code.
network
low complexity
3ds CWE-79
6.1
6.1
2023-04-21 CVE-2023-2139 Cross-site Scripting vulnerability in 3DS Delmia Apriso
A reflected Cross-site Scripting (XSS) Vulnerability in DELMIA Apriso Release 2017 through Release 2022 allows an attacker to execute arbitrary script code.
network
low complexity
3ds CWE-79
6.1
6.1
2012-09-07 CVE-2012-4883 Unspecified vulnerability in 3DS 3Dvia Composer 6.8.1.1652
Multiple untrusted search path vulnerabilities in 3DVIA Composer V6R2012 HF1 Build 6.8.1.1652 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) ibfs32.dll file in the current working directory, as demonstrated by a directory that contains a .smg file.
local
3ds
6.9
6.9
2012-09-07 CVE-2012-4882 Unspecified vulnerability in 3DS 3D XML Player 6.212.13.12076
Multiple untrusted search path vulnerabilities in 3D XML Player 6.212.13.12076 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) JT0DevPhase.dll file in the current working directory, as demonstrated by a directory that contains a .3dx file.
local
3ds
6.9
6.9