cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-41902,https://securityvulnerability.io/vulnerability/CVE-2024-41902,Stack-based buffer overflow vulnerability in JT2Go could allow code execution,"A vulnerability has been identified in JT2Go, specifically in all versions prior to V2406.0003. This flaw is a stack-based buffer overflow that can be triggered when the application processes specially crafted PDF files. If successfully exploited, this vulnerability may enable an attacker to execute arbitrary code in the context of the current process, posing a significant risk to users of the affected versions of JT2Go.",Siemens,Jt2go,7.8,HIGH,0.0005099999834783375,false,,false,false,false,,false,false,2024-10-08T08:40:18.170Z,0
CVE-2023-7066,https://securityvulnerability.io/vulnerability/CVE-2023-7066,Unknown Vulnerability in PDF Parser Could Allow Execution of Code,"A significant vulnerability exists within Siemens PDF processing applications, characterized by an out of bounds read that occurs past the end of an allocated structure when handling specially crafted PDF files. This flaw can be exploited by an attacker to execute arbitrary code within the context of the current process, raising concerns for the security of the affected applications. Immediate action is necessary to mitigate potential threats stemming from this vulnerability.",Siemens,"Jt2go,Teamcenter Visualization",7.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,2024-08-12T21:46:38.910Z,0
CVE-2024-37996,https://securityvulnerability.io/vulnerability/CVE-2024-37996,Null Pointer Dereference in Siemens Applications,"A critical vulnerability exists within various Siemens applications, including JT Open, JT2Go, and Teamcenter Visualization, which are susceptible to null pointer dereference. This issue arises when the applications process specially crafted XML files. An attacker could exploit this weakness to trigger application crashes, ultimately leading to a denial of service. It is imperative for users to update to the latest versions to mitigate potential risks associated with this vulnerability.",Siemens,"Jt Open,Jt2go,Plm Xml Sdk,Teamcenter Visualization V14.2,Teamcenter Visualization V14.3,Teamcenter Visualization V2312,Teamcenter Visualization V2406",3.3,LOW,0.0004299999854993075,false,,false,false,false,,false,false,2024-07-09T12:15:00.000Z,0
CVE-2024-37997,https://securityvulnerability.io/vulnerability/CVE-2024-37997,Stack Overflow Vulnerability in Siemens JT Open and Teamcenter Visualization Products,"A stack overflow vulnerability has been identified in several products from Siemens, notably within JT Open and Teamcenter Visualization. This vulnerability arises during the parsing of specially crafted XML files, which may permit an attacker to execute arbitrary code in the context of the current process. Affected applications include multiple versions of JT Open, JT2Go, PLM XML SDK, and various iterations of Teamcenter Visualization. Users are advised to update their affected products to the latest secure versions to mitigate associated risks.",Siemens,"Jt Open,Jt2go,Plm Xml Sdk,Teamcenter Visualization V14.2,Teamcenter Visualization V14.3,Teamcenter Visualization V2312,Teamcenter Visualization V2406",7.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,2024-07-09T12:15:00.000Z,0
CVE-2024-34086,https://securityvulnerability.io/vulnerability/CVE-2024-34086,JT2Go Teamcenter Visualization Vulnerability: Out of Bounds Write Flaw Allows Code Execution,"An out of bounds write vulnerability exists in Siemens' JT2Go and Teamcenter Visualization applications, affecting various versions. This vulnerability arises when parsing specially crafted CGM files, potentially allowing an attacker to execute arbitrary code within the context of the affected application's process. Organizations using these applications should prioritize upgrades to newer versions to mitigate the risk of exploitation.",Siemens,"Jt2go,Teamcenter Visualization V14.1,Teamcenter Visualization V14.2,Teamcenter Visualization V14.3,Teamcenter Visualization V2312",7.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,2024-05-14T10:03:10.774Z,0
CVE-2024-34085,https://securityvulnerability.io/vulnerability/CVE-2024-34085,JT2Go and Teamcenter Visualization Vulnerabilities,"A stack overflow vulnerability has been identified in the JT2Go application and multiple versions of Teamcenter Visualization by Siemens. This vulnerability arises when these applications parse specially crafted XML files, potentially allowing an attacker to execute arbitrary code within the context of the affected process. The vulnerability affects JT2Go in all versions prior to V2312.0001, along with Teamcenter Visualization versions V14.1, V14.2, V14.3, and V2312, all of which require specific version updates to mitigate the risk. Organizations utilizing these products should prioritize updating to the latest versions to protect against potential exploitation.",Siemens,"Jt2go,Teamcenter Visualization V14.1,Teamcenter Visualization V14.2,Teamcenter Visualization V14.3,Teamcenter Visualization V2312",7.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,2024-05-14T10:03:09.574Z,0
CVE-2024-32637,https://securityvulnerability.io/vulnerability/CVE-2024-32637,Parasolid Vulnerability Could Lead to Denial of Service Condition,"A vulnerability has been identified in JT2Go (All versions < V2312.0005), Teamcenter Visualization V14.2 (All versions < V14.2.0.12), Teamcenter Visualization V14.3 (All versions < V14.3.0.10), Teamcenter Visualization V2312 (All versions < V2312.0005). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted X_T files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.",Siemens,"Jt2go,Teamcenter Visualization V14.2,Teamcenter Visualization V14.3,Teamcenter Visualization V2312",3.3,LOW,0.0004299999854993075,false,,false,false,false,,false,false,2024-05-14T10:02:44.682Z,0
CVE-2024-32636,https://securityvulnerability.io/vulnerability/CVE-2024-32636,Parasolid Vulnerability Could Allow Execution of Code,A vulnerability identified in JT2Go and Teamcenter Visualization products allows for an out of bounds read beyond the end of an allocated structure when processing specifically crafted X_T files. This flaw could enable attackers to potentially execute arbitrary code within the context of the process running the application. Users of affected versions should prioritize updating their software to the latest versions to mitigate associated security risks.,Siemens,"Jt2go,Teamcenter Visualization V14.2,Teamcenter Visualization V14.3,Teamcenter Visualization V2312",7.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,2024-05-14T10:02:43.480Z,0
CVE-2024-32635,https://securityvulnerability.io/vulnerability/CVE-2024-32635,Out of Bounds Read Vulnerability in Parasolid Applications,"A vulnerability exists in JT2Go and Teamcenter Visualization products from Siemens, where affected applications process specially crafted X_T files and may trigger an out of bounds read past an unmapped memory region. This condition could potentially allow a malicious actor to execute arbitrary code in the context of the current process, leading to unauthorized actions or data exposure. Users are advised to update to the latest versions to mitigate this risk.",Siemens,"Jt2go,Teamcenter Visualization V14.2,Teamcenter Visualization V14.3,Teamcenter Visualization V2312",7.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,2024-05-14T10:02:42.291Z,0
CVE-2024-26277,https://securityvulnerability.io/vulnerability/CVE-2024-26277,Parasolid Vulnerability Could Lead to Denial of Service Condition,"A vulnerability has been identified in JT2Go (All versions < V2312.0004), Parasolid V35.1 (All versions < V35.1.254), Parasolid V36.0 (All versions < V36.0.207), Parasolid V36.1 (All versions < V36.1.147), Teamcenter Visualization V14.2 (All versions < V14.2.0.12), Teamcenter Visualization V14.3 (All versions < V14.3.0.9), Teamcenter Visualization V2312 (All versions < V2312.0004). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted X_T files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.",Siemens,"Jt2go,Parasolid V35.1,Parasolid V36.0,Parasolid V36.1,Teamcenter Visualization V14.2,Teamcenter Visualization V14.3,Teamcenter Visualization V2312",3.3,LOW,0.0004299999854993075,false,,false,false,false,,false,false,2024-04-09T08:34:38.896Z,0
CVE-2024-26276,https://securityvulnerability.io/vulnerability/CVE-2024-26276,Stack Exhaustion Vulnerability in Parasolid Could Lead to Denial of Service,"A vulnerability has been identified in JT2Go (All versions < V2312.0004), Parasolid V35.1 (All versions < V35.1.254), Parasolid V36.0 (All versions < V36.0.207), Parasolid V36.1 (All versions < V36.1.147), Teamcenter Visualization V14.2 (All versions < V14.2.0.12), Teamcenter Visualization V14.3 (All versions < V14.3.0.9), Teamcenter Visualization V2312 (All versions < V2312.0004). The affected application contains a stack exhaustion vulnerability while parsing a specially crafted X_T file. This could allow an attacker to cause denial of service condition.",Siemens,"Jt2go,Parasolid V35.1,Parasolid V36.0,Parasolid V36.1,Teamcenter Visualization V14.2,Teamcenter Visualization V14.3,Teamcenter Visualization V2312",3.3,LOW,0.0004299999854993075,false,,false,false,false,,false,false,2024-04-09T08:34:37.744Z,0
CVE-2024-26275,https://securityvulnerability.io/vulnerability/CVE-2024-26275,Parasolid Vulnerability Could Allow Execution of Code,"A serious vulnerability has been found in Siemens JT2Go and Teamcenter Visualization products, whereby an out of bounds read condition exists when parsing malformed X_T files. This flaw allows attackers to potentially execute arbitrary code within the context of the affected process, which could lead to unauthorized actions and compromised systems. Users of JT2Go and Teamcenter Visualization should apply necessary updates to mitigate risks associated with this vulnerability.",Siemens,"Jt2go,Parasolid V35.1,Parasolid V36.0,Parasolid V36.1,Teamcenter Visualization V14.2,Teamcenter Visualization V14.3,Teamcenter Visualization V2312",7.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,2024-04-09T08:34:36.604Z,0
CVE-2023-51745,https://securityvulnerability.io/vulnerability/CVE-2023-51745,Stack Overflow Vulnerability in JT2Go and Teamcenter Visualization by Siemens,"A stack overflow vulnerability has been discovered in JT2Go and Teamcenter Visualization applications from Siemens. This issue arises while processing specially crafted CGM files, potentially allowing an attacker to execute arbitrary code within the context of the affected process. The vulnerability impacts various versions of JT2Go and Teamcenter Visualization, emphasizing the need for users to update to the latest secure versions to mitigate any risks.",Siemens,"JT2Go,Teamcenter Visualization V13.3,Teamcenter Visualization V14.1,Teamcenter Visualization V14.2,Teamcenter Visualization V14.3",7.8,HIGH,0.0010100000072270632,false,,false,false,false,,false,false,2024-01-09T10:15:00.000Z,0
CVE-2023-51746,https://securityvulnerability.io/vulnerability/CVE-2023-51746,Stack Overflow Vulnerability in JT2Go and Teamcenter Visualization by Siemens,"A stack overflow vulnerability has been detected in various versions of JT2Go and Teamcenter Visualization applications. This vulnerability arises from improper parsing of specially crafted CGM files, which could enable an attacker to execute arbitrary code in the context of the affected application process. Users of JT2Go and Teamcenter Visualization should ensure they are using the updated versions to mitigate potential risks associated with this security issue.",Siemens,"Jt2go,Teamcenter Visualization V13.3,Teamcenter Visualization V14.1,Teamcenter Visualization V14.2,Teamcenter Visualization V14.3",7.8,HIGH,0.0010100000072270632,false,,false,false,false,,false,false,2024-01-09T10:15:00.000Z,0
CVE-2023-51744,https://securityvulnerability.io/vulnerability/CVE-2023-51744,Null Pointer Dereference Vulnerability in JT2Go and Teamcenter Visualization Products,"A significant vulnerability exists in JT2Go and various versions of Teamcenter Visualization due to a null pointer dereference issue during the processing of specially crafted CGM files. This flaw can be exploited by an attacker to disrupt the application's functionality, potentially leading to a denial of service scenario where the application crashes when processing harmful CGM data.",Siemens,"JT2Go,Teamcenter Visualization V13.3,Teamcenter Visualization V14.1,Teamcenter Visualization V14.2,Teamcenter Visualization V14.3",5.5,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,2024-01-09T10:15:00.000Z,0
CVE-2023-51439,https://securityvulnerability.io/vulnerability/CVE-2023-51439,Out of Bounds Read Vulnerability in JT2Go and Teamcenter Visualization Products,"A vulnerability has been identified in Siemens' JT2Go and Teamcenter Visualization applications, characterized by an out of bounds read error triggered during the parsing of specially crafted CGM files. This flaw affects multiple versions of these products, potentially allowing an attacker to execute code within the context of the running process. Users of JT2Go and various Teamcenter Visualization versions are advised to update to the latest patches to mitigate this security risk.",Siemens,"JT2Go,Teamcenter Visualization V13.3,Teamcenter Visualization V14.1,Teamcenter Visualization V14.2,Teamcenter Visualization V14.3",7.8,HIGH,0.0005000000237487257,false,,false,false,false,,false,false,2024-01-09T10:15:00.000Z,0
CVE-2021-38405,https://securityvulnerability.io/vulnerability/CVE-2021-38405,"Siemens Solid Edge, JT2Go, and Teamcenter Visualization Improper Restriction of Operations within the Bounds of a Memory Buffer","The Datalogics APDFL library has a vulnerability that can be exploited through specially crafted PDF files, leading to a memory corruption issue. Attackers can potentially execute arbitrary code within the context of the affected process, compromising system integrity and security. Organizations using the APDFL library should take immediate action to review their systems and apply the necessary patches.",Siemens,"Jt2go,Teamcenter Visualization",7.8,HIGH,0.0005799999926239252,false,,false,false,false,,false,false,2023-11-21T18:19:10.557Z,0
CVE-2023-38075,https://securityvulnerability.io/vulnerability/CVE-2023-38075,Use-After-Free Vulnerability in Siemens JT2Go and Teamcenter Visualization Products,"A use-after-free vulnerability has been discovered in several Siemens products, including JT2Go and various versions of Teamcenter Visualization and Tecnomatix Plant Simulation. This vulnerability can be exploited while parsing specially crafted WRL files, potentially allowing an attacker to execute arbitrary code within the context of the affected application process. Users are advised to update their software to the latest versions to mitigate any risks associated with this vulnerability.",Siemens,"JT2Go,Teamcenter Visualization V13.3,Teamcenter Visualization V14.0,Teamcenter Visualization V14.1,Teamcenter Visualization V14.2,Teamcenter Visualization V14.3,Tecnomatix Plant Simulation V2201,Tecnomatix Plant Simulation V2302",7.8,HIGH,0.0008800000068731606,false,,false,false,false,,false,false,2023-09-12T10:15:00.000Z,0
CVE-2023-38076,https://securityvulnerability.io/vulnerability/CVE-2023-38076,Heap-Based Buffer Overflow in JT2Go and Teamcenter Visualization Applications,"A vulnerability has been identified in multiple versions of JT2Go and Teamcenter Visualization applications, as well as Tecnomatix Plant Simulation. This security flaw is characterized by a heap-based buffer overflow that occurs when the applications process specially crafted WRL files. Exploiting this vulnerability could enable an attacker to execute arbitrary code within the context of the affected process, potentially leading to unauthorized actions and data breaches.",Siemens,"JT2Go,Teamcenter Visualization V13.3,Teamcenter Visualization V14.0,Teamcenter Visualization V14.1,Teamcenter Visualization V14.2,Teamcenter Visualization V14.3,Tecnomatix Plant Simulation V2201,Tecnomatix Plant Simulation V2302",7.8,HIGH,0.0007399999885819852,false,,false,false,false,,false,false,2023-09-12T10:15:00.000Z,0
CVE-2023-38072,https://securityvulnerability.io/vulnerability/CVE-2023-38072,Out of Bounds Write Vulnerability in Siemens JT2Go and Teamcenter Visualization Products,"An out of bounds write vulnerability has been detected in various Siemens applications, including JT2Go and Teamcenter Visualization products. This flaw occurs when the affected applications improperly manage memory while parsing specially crafted WRL files. An attacker could exploit this weakness to execute arbitrary code in the context of the current process, potentially leading to unauthorized access or control over the application.",Siemens,"JT2Go,Teamcenter Visualization V13.3,Teamcenter Visualization V14.0,Teamcenter Visualization V14.1,Teamcenter Visualization V14.2,Teamcenter Visualization V14.3,Tecnomatix Plant Simulation V2201,Tecnomatix Plant Simulation V2302",7.8,HIGH,0.0006799999973736703,false,,false,false,false,,false,false,2023-09-12T10:15:00.000Z,0
CVE-2023-38071,https://securityvulnerability.io/vulnerability/CVE-2023-38071,Heap-Based Buffer Overflow Vulnerability in Siemens JT2Go and Teamcenter Visualization Products,"A heap-based buffer overflow vulnerability has been discovered in Siemens JT2Go, Teamcenter Visualization, and Tecnomatix Plant Simulation products. This vulnerability occurs while parsing specially crafted WRL files, potentially allowing attackers to execute arbitrary code within the context of the affected process. Users of these applications should assess their current versions and apply necessary updates to mitigate the risks associated with this exploit.",Siemens,"Jt2go,Teamcenter Visualization V13.3,Teamcenter Visualization V14.0,Teamcenter Visualization V14.1,Teamcenter Visualization V14.2,Teamcenter Visualization V14.3,Tecnomatix Plant Simulation V2201,Tecnomatix Plant Simulation V2302",7.8,HIGH,0.000699999975040555,false,,false,false,false,,false,false,2023-09-12T10:15:00.000Z,0
CVE-2023-38074,https://securityvulnerability.io/vulnerability/CVE-2023-38074,Type Confusion Vulnerability in Siemens Visualization and Simulation Products,"A type confusion vulnerability has been discovered in several Siemens products, including Teamcenter Visualization and Tecnomatix Plant Simulation. This vulnerability occurs while the applications parse WRL files, potentially allowing an attacker to execute arbitrary code within the context of the affected process. It impacts numerous versions, underscoring the need for users to apply necessary patches and updates to safeguard their systems.",Siemens,"JT2Go,Teamcenter Visualization V13.3,Teamcenter Visualization V14.0,Teamcenter Visualization V14.1,Teamcenter Visualization V14.2,Teamcenter Visualization V14.3,Tecnomatix Plant Simulation V2201,Tecnomatix Plant Simulation V2302",7.8,HIGH,0.00044999999227002263,false,,false,false,false,,false,false,2023-09-12T10:15:00.000Z,0
CVE-2023-38073,https://securityvulnerability.io/vulnerability/CVE-2023-38073,Type Confusion Vulnerability in Siemens JT2Go and Teamcenter Visualization,"A type confusion vulnerability exists in the parsing of WRL files within Siemens JT2Go and Teamcenter Visualization applications. Attackers may exploit this flaw to execute arbitrary code within the context of the affected process. This vulnerability impacts multiple versions of both JT2Go and various releases of Teamcenter Visualization, making it crucial for users to update to the latest versions to safeguard their systems.",Siemens,"JT2Go,Teamcenter Visualization V13.3,Teamcenter Visualization V14.0,Teamcenter Visualization V14.1,Teamcenter Visualization V14.2,Teamcenter Visualization V14.3,Tecnomatix Plant Simulation V2201,Tecnomatix Plant Simulation V2302",7.8,HIGH,0.00044999999227002263,false,,false,false,false,,false,false,2023-09-12T10:15:00.000Z,0
CVE-2023-38070,https://securityvulnerability.io/vulnerability/CVE-2023-38070,Stack-Based Buffer Overflow in JT2Go and Teamcenter Visualization by Siemens,"A stack-based buffer overflow vulnerability has been detected in certain versions of JT2Go and Teamcenter Visualization from Siemens. The flaw occurs while processing specially crafted WRL files, which could allow an attacker to execute arbitrary code within the context of the affected application. Various versions are impacted, necessitating immediate attention and patches to mitigate potential exploitation.",Siemens,"JT2Go,Teamcenter Visualization V13.3,Teamcenter Visualization V14.0,Teamcenter Visualization V14.1,Teamcenter Visualization V14.2,Teamcenter Visualization V14.3,Tecnomatix Plant Simulation V2201,Tecnomatix Plant Simulation V2302",7.8,HIGH,0.0010499999625608325,false,,false,false,false,,false,false,2023-09-12T10:15:00.000Z,0
CVE-2023-38682,https://securityvulnerability.io/vulnerability/CVE-2023-38682,Out of Bounds Read in JT2Go and Teamcenter Visualization Software,"A vulnerability exists in the JT2Go and Teamcenter Visualization applications that allows for an out-of-bounds read during the processing of specially crafted TIFF files. This flaw can lead to the execution of code in the context of the current process, potentially allowing malicious actors to exploit the software. Affected versions must be updated to mitigate this risk.",Siemens,"Jt2go,Teamcenter Visualization V13.2,Teamcenter Visualization V14.1,Teamcenter Visualization V14.2",7.8,HIGH,0.0005699999746866524,false,,false,false,false,,false,false,2023-08-08T10:15:00.000Z,0