Vulnerabilities > Siemens > Comos > High

DATE CVE VULNERABILITY TITLE RISK
2021-06-17 CVE-2021-32950 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read issue exists within the parsing of DXF files in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data.
local
low complexity
opendesign siemens CWE-125
7.1
2021-06-17 CVE-2021-32952 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds write issue exists in the DGN file-reading procedure in the Drawings SDK (Version 2022.4 and prior) resulting from the lack of proper validation of user-supplied data.
local
low complexity
opendesign siemens CWE-787
7.8
2021-06-17 CVE-2021-32946 Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products
An improper check for unusual or exceptional conditions issue exists within the parsing DGN files from Drawings SDK (Version 2022.4 and prior) resulting from the lack of proper validation of the user-supplied data.
local
low complexity
opendesign siemens CWE-754
7.8
2021-04-26 CVE-2021-31784 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds write vulnerability exists in the file-reading procedure in Open Design Alliance Drawings SDK before 2021.6 on all supported by ODA platforms in static configuration.
local
low complexity
opendesign siemens CWE-787
7.8
2021-01-18 CVE-2021-25178 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in Open Design Alliance Drawings SDK before 2021.11.
local
low complexity
opendesign siemens CWE-787
7.8
2021-01-18 CVE-2021-25177 Type Confusion vulnerability in multiple products
An issue was discovered in Open Design Alliance Drawings SDK before 2021.11.
local
low complexity
opendesign siemens CWE-843
7.8
2021-01-18 CVE-2021-25176 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in Open Design Alliance Drawings SDK before 2021.11.
local
low complexity
opendesign siemens CWE-476
7.8
2021-01-18 CVE-2021-25175 Incorrect Type Conversion or Cast vulnerability in multiple products
An issue was discovered in Open Design Alliance Drawings SDK before 2021.11.
local
low complexity
opendesign siemens CWE-704
7.8
2021-01-18 CVE-2021-25174 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12.
local
low complexity
opendesign siemens CWE-787
7.8
2021-01-18 CVE-2021-25173 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12.
local
low complexity
opendesign siemens CWE-770
7.8