Vulnerabilities > Siemens > Solid Edge Se2020 Firmware
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-06-08 | CVE-2021-31342 | Out-of-bounds Write vulnerability in Siemens products The ugeom2d.dll library in all versions of Solid Edge SE2020 before 2020MP14 and all versions of Solid Edge SE2021 before SE2021MP5 lack proper validation of user-supplied data when parsing DFT files. | 8.8 |
2021-06-08 | CVE-2021-31343 | Out-of-bounds Write vulnerability in Siemens products The jutil.dll library in all versions of Solid Edge SE2020 before 2020MP14 and all versions of Solid Edge SE2021 before SE2021MP5 lack proper validation of user-supplied data when parsing DFT files. | 8.8 |
2021-05-27 | CVE-2021-27490 | Out-of-bounds Read vulnerability in multiple products Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior are vulnerable to an out-of-bounds read, which may allow an attacker to execute arbitrary code. | 7.8 |
2021-05-27 | CVE-2021-27488 | Out-of-bounds Write vulnerability in multiple products Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior lack proper validation of user-supplied data when parsing CATPart files. | 7.8 |
2021-05-27 | CVE-2021-27492 | XXE vulnerability in multiple products When opening a specially crafted 3DXML file, the application containing Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior could disclose arbitrary files to remote attackers. | 5.5 |
2021-05-27 | CVE-2021-27494 | Stack-based Buffer Overflow vulnerability in multiple products Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior lack proper validation of user-supplied data when parsing STP files. | 7.8 |
2021-05-27 | CVE-2021-27496 | Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior lack proper validation of user-supplied data when parsing PRT files. | 7.8 |
2021-02-23 | CVE-2021-22651 | Path Traversal vulnerability in multiple products When loading a specially crafted file, Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 are, while processing the extraction of temporary files, suffering from a directory traversal vulnerability, which allows an attacker to store arbitrary scripts into automatic startup folders. | 7.8 |
2021-02-23 | CVE-2021-22649 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 have multiple NULL pointer dereference issues while processing project files, which may allow an attacker to execute arbitrary code. | 7.8 |
2021-02-23 | CVE-2021-22647 | Out-of-bounds Write vulnerability in multiple products Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 are vulnerable to multiple out-of-bounds write issues while processing project files, which may allow an attacker to execute arbitrary code. | 7.8 |