Vulnerabilities > Siemens > Comos > 10.3.3.3

DATE CVE VULNERABILITY TITLE RISK
2023-11-14 CVE-2023-43503 Cleartext Transmission of Sensitive Information vulnerability in Siemens Comos
A vulnerability has been identified in COMOS (All versions < V10.4.4).
network
low complexity
siemens CWE-319
7.5
2023-11-14 CVE-2023-43504 Unspecified vulnerability in Siemens Comos
A vulnerability has been identified in COMOS (All versions < V10.4.4).
network
low complexity
siemens
critical
9.8
2023-02-14 CVE-2023-24482 Unspecified vulnerability in Siemens Comos
A vulnerability has been identified in COMOS V10.2 (All versions), COMOS V10.3.3.1 (All versions < V10.3.3.1.45), COMOS V10.3.3.2 (All versions < V10.3.3.2.33), COMOS V10.3.3.3 (All versions < V10.3.3.3.9), COMOS V10.3.3.4 (All versions < V10.3.3.4.6), COMOS V10.4.0.0 (All versions < V10.4.0.0.31), COMOS V10.4.1.0 (All versions < V10.4.1.0.32), COMOS V10.4.2.0 (All versions < V10.4.2.0.25).
network
low complexity
siemens
critical
9.8
2021-12-10 CVE-2021-44228 Deserialization of Untrusted Data vulnerability in multiple products
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints.
10.0
2021-06-17 CVE-2021-32936 An out-of-bounds write issue exists in the DXF file-recovering procedure in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data.
local
low complexity
opendesign siemens
7.8
2021-06-17 CVE-2021-32938 Drawings SDK (All versions prior to 2022.4) are vulnerable to an out-of-bounds read due to parsing of DWG files resulting from the lack of proper validation of user-supplied data.
local
low complexity
opendesign siemens
7.1
2021-06-17 CVE-2021-32940 An out-of-bounds read issue exists in the DWG file-recovering procedure in the Drawings SDK (All versions prior to 2022.5) resulting from the lack of proper validation of user-supplied data.
local
low complexity
opendesign siemens
7.1
2021-06-17 CVE-2021-32944 Use After Free vulnerability in multiple products
A use-after-free issue exists in the DGN file-reading procedure in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data.
local
low complexity
opendesign siemens CWE-416
7.8
2021-06-17 CVE-2021-32948 An out-of-bounds write issue exists in the DWG file-reading procedure in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data.
local
low complexity
opendesign siemens
7.8
2021-06-17 CVE-2021-32950 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read issue exists within the parsing of DXF files in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data.
local
low complexity
opendesign siemens CWE-125
7.1