cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2022-34661,https://securityvulnerability.io/vulnerability/CVE-2022-34661,Denial of Service Vulnerability in Teamcenter by Siemens,"A vulnerability exists in the File Server Cache service of Teamcenter which can be exploited to cause a denial of service condition. Attackers may leverage this vulnerability by creating infinite loops, effectively consuming CPU cycles and rendering the service unavailable. This issue affects multiple versions of Teamcenter, underscoring the importance of promptly applying security updates to mitigate the risk.",Siemens,"Teamcenter V12.4,Teamcenter V13.0,Teamcenter V13.1,Teamcenter V13.2,Teamcenter V13.3,Teamcenter V14.0",7.5,HIGH,0.0008900000248104334,false,,false,false,false,,false,false,2022-08-10T11:18:08.000Z,0
CVE-2022-34660,https://securityvulnerability.io/vulnerability/CVE-2022-34660,Command Injection Vulnerability in Teamcenter Products by Siemens,"A vulnerability has been detected in multiple versions of Siemens Teamcenter, specifically in the File Server Cache service. This flaw allows for potential command injection, which could enable an attacker to execute arbitrary commands remotely. Affected versions include Teamcenter V12.4, V13.0, V13.1, V13.2, V13.3, and V14.0, each with specific version thresholds that, if not updated, may expose systems to significant risks. Users are advised to apply the necessary patches to mitigate this vulnerability.",Siemens,"Teamcenter V12.4,Teamcenter V13.0,Teamcenter V13.1,Teamcenter V13.2,Teamcenter V13.3,Teamcenter V14.0",9.8,CRITICAL,0.0027799999807029963,false,,false,false,false,,false,false,2022-08-10T11:18:01.000Z,0
CVE-2022-31619,https://securityvulnerability.io/vulnerability/CVE-2022-31619,Default Hardcoded Credentials in Teamcenter by Siemens,A security vulnerability exists in Teamcenter due to the presence of default hardcoded credentials within the Java EE Server Manager HTML Adaptor. This flaw allows unauthorized users with access to the application to execute a range of actions that could lead to remote code execution with elevated permissions. Users are urged to review and update to the latest versions to mitigate this risk.,Siemens,"Teamcenter V12.4,Teamcenter V13.0,Teamcenter V13.1,Teamcenter V13.2,Teamcenter V13.3,Teamcenter V14.0",8.8,HIGH,0.003280000062659383,false,,false,false,false,,false,false,2022-06-14T09:21:57.000Z,0
CVE-2022-24290,https://securityvulnerability.io/vulnerability/CVE-2022-24290,Stack Overflow Vulnerability in Teamcenter by Siemens,"A vulnerability exists in multiple versions of Teamcenter where the tcserver.exe binary can experience a stack overflow due to improper parsing of user input. This flaw can result in the binary crashing, potentially disrupting service and affecting the overall functionality of the application. Users of the affected Teamcenter versions should consider applying necessary updates or patches to mitigate this vulnerability.",Siemens,"Teamcenter V12.4,Teamcenter V13.0,Teamcenter V13.1,Teamcenter V13.2,Teamcenter V13.3,Teamcenter V14.0",7.5,HIGH,0.0009899999713525176,false,,false,false,false,,false,false,2022-05-20T13:15:00.000Z,0
CVE-2021-44018,https://securityvulnerability.io/vulnerability/CVE-2021-44018,,"A vulnerability has been identified in JT2Go (All versions < V13.2.0.7), Solid Edge SE2021 (All versions < SE2021MP9), Solid Edge SE2022 (All versions < SE2022MP1), Teamcenter Visualization V13.1 (All versions < V13.1.0.9), Teamcenter Visualization V13.2 (All versions < V13.2.0.7), Teamcenter Visualization V13.3 (All versions < V13.3.0.1). The plmxmlAdapterSE70.dll library is vulnerable to memory corruption condition while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-15112)",Siemens,"Jt2go,Solid Edge Se2021,Solid Edge Se2022,Teamcenter Visualization V13.1,Teamcenter Visualization V13.2,Teamcenter Visualization V13.3",7.8,HIGH,0.0015899999998509884,false,,false,false,false,,false,false,2022-02-09T15:17:10.000Z,0
CVE-2021-44016,https://securityvulnerability.io/vulnerability/CVE-2021-44016,,"A vulnerability has been identified in JT2Go (All versions < V13.2.0.7), Solid Edge SE2021 (All versions < SE2021MP9), Solid Edge SE2022 (All versions < SE2022MP1), Teamcenter Visualization V13.1 (All versions < V13.1.0.9), Teamcenter Visualization V13.2 (All versions < V13.2.0.7), Teamcenter Visualization V13.3 (All versions < V13.3.0.1). The plmxmlAdapterSE70.dll library is vulnerable to memory corruption condition while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-15110)",Siemens,"Jt2go,Solid Edge Se2021,Solid Edge Se2022,Teamcenter Visualization V13.1,Teamcenter Visualization V13.2,Teamcenter Visualization V13.3",7.8,HIGH,0.0014100000262260437,false,,false,false,false,,false,false,2022-02-09T15:17:09.000Z,0
CVE-2021-44000,https://securityvulnerability.io/vulnerability/CVE-2021-44000,,"A vulnerability has been identified in JT2Go (All versions < V13.2.0.7), Solid Edge SE2021 (All versions < SE2021MP9), Solid Edge SE2022 (All versions < SE2022MP1), Teamcenter Visualization V13.1 (All versions < V13.1.0.9), Teamcenter Visualization V13.2 (All versions < V13.2.0.7), Teamcenter Visualization V13.3 (All versions < V13.3.0.1). The plmxmlAdapterSE70.dll contains an out of bounds write past the fixed-length heap-based buffer while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15053)",Siemens,"Jt2go,Solid Edge Se2021,Solid Edge Se2022,Teamcenter Visualization V13.1,Teamcenter Visualization V13.2,Teamcenter Visualization V13.3",7.8,HIGH,0.0015399999683722854,false,,false,false,false,,false,false,2022-02-09T15:17:07.000Z,0
CVE-2021-40356,https://securityvulnerability.io/vulnerability/CVE-2021-40356,,"A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.8), Teamcenter V13.0 (All versions < V13.0.0.7), Teamcenter V13.1 (All versions < V13.1.0.5), Teamcenter V13.2 (All versions < 13.2.0.2). The application contains a XML External Entity Injection (XXE) vulnerability. This could allow an attacker to view files on the application server filesystem.",Siemens,"Teamcenter V12.4,Teamcenter V13.0,Teamcenter V13.1,Teamcenter V13.2",7.5,HIGH,0.0014799999771639705,false,,false,false,false,,false,false,2021-09-14T10:48:00.000Z,0
CVE-2021-40355,https://securityvulnerability.io/vulnerability/CVE-2021-40355,,"A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.8), Teamcenter V13.0 (All versions < V13.0.0.7), Teamcenter V13.1 (All versions < V13.1.0.5), Teamcenter V13.2 (All versions < 13.2.0.2). The affected application contains Insecure Direct Object Reference (IDOR) vulnerability that allows an attacker to use user-supplied input to access objects directly.",Siemens,"Teamcenter V12.4,Teamcenter V13.0,Teamcenter V13.1,Teamcenter V13.2",8.8,HIGH,0.0009200000204145908,false,,false,false,false,,false,false,2021-09-14T10:47:59.000Z,0
CVE-2021-40354,https://securityvulnerability.io/vulnerability/CVE-2021-40354,,"A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.8), Teamcenter V13.0 (All versions < V13.0.0.7), Teamcenter V13.1 (All versions < V13.1.0.5), Teamcenter V13.2 (All versions < 13.2.0.2). The ""surrogate"" functionality on the user profile of the application does not perform sufficient access control that could lead to an account takeover. Any profile on the application can perform this attack and access any other user assigned tasks via the ""inbox/surrogate tasks"".",Siemens,"Teamcenter V12.4,Teamcenter V13.0,Teamcenter V13.1,Teamcenter V13.2",7.1,HIGH,0.0005699999746866524,false,,false,false,false,,false,false,2021-09-14T10:47:58.000Z,0