Filtered by vendor Siemens Subscriptions
Filtered by product Comos Subscriptions
Total 31 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-31784 2 Opendesign, Siemens 2 Drawings Sdk, Comos 2024-11-21 7.8 High
An out-of-bounds write vulnerability exists in the file-reading procedure in Open Design Alliance Drawings SDK before 2021.6 on all supported by ODA platforms in static configuration. This can allow attackers to cause a crash, potentially enabling a denial of service attack (Crash, Exit, or Restart) or possible code execution.
CVE-2021-25178 2 Opendesign, Siemens 4 Drawings Software Development Kit, Comos, Jt2go and 1 more 2024-11-21 7.8 High
An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A stack-based buffer overflow vulnerability exists when the recover operation is run with malformed .DXF and .DWG files. This can allow attackers to cause a crash potentially enabling a denial of service attack (Crash, Exit, or Restart) or possible code execution.
CVE-2021-25177 2 Opendesign, Siemens 4 Drawings Software Development Kit, Comos, Jt2go and 1 more 2024-11-21 7.8 High
An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A Type Confusion issue exists when rendering malformed .DXF and .DWG files. This can allow attackers to cause a crash, potentially enabling a denial of service attack (Crash, Exit, or Restart).
CVE-2021-25176 2 Opendesign, Siemens 4 Drawings Software Development Kit, Comos, Jt2go and 1 more 2024-11-21 7.8 High
An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A NULL pointer dereference exists when rendering malformed .DXF and .DWG files. This can allow attackers to cause a crash, potentially enabling a denial of service attack (Crash, Exit, or Restart).
CVE-2021-25175 2 Opendesign, Siemens 4 Drawings Software Development Kit, Comos, Jt2go and 1 more 2024-11-21 7.8 High
An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A Type Conversion issue exists when rendering malformed .DXF and .DWG files. This can allow attackers to cause a crash, potentially enabling a denial of service attack (Crash, Exit, or Restart).
CVE-2021-25174 2 Opendesign, Siemens 4 Drawings Software Development Kit, Comos, Jt2go and 1 more 2024-11-21 7.8 High
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory corruption vulnerability exists when reading malformed DGN files. It can allow attackers to cause a crash, potentially enabling denial of service (Crash, Exit, or Restart).
CVE-2021-25173 2 Opendesign, Siemens 4 Drawings Software Development Kit, Comos, Jt2go and 1 more 2024-11-21 7.8 High
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory allocation with excessive size vulnerability exists when reading malformed DGN files, which allows attackers to cause a crash, potentially enabling denial of service (crash, exit, or restart).
CVE-2013-6840 1 Siemens 1 Comos 2024-11-21 N/A
Siemens COMOS before 9.2.0.8.1, 10.0 before 10.0.3.1.40, and 10.1 before 10.1.0.0.2 allows local users to gain database privileges via unspecified vectors.
CVE-2013-4943 1 Siemens 1 Comos 2024-11-21 N/A
The client application in Siemens COMOS before 9.1 Update 458, 9.2 before 9.2.0.6.37, and 10.0 before 10.0.3.0.19 allows local users to gain privileges and bypass intended database-operation restrictions by leveraging COMOS project access.
CVE-2013-3927 1 Siemens 1 Comos 2024-11-21 N/A
Unspecified vulnerability in the client library in Siemens COMOS 9.2 before 9.2.0.6.10 and 10.0 before 10.0.3.0.4 allows local users to obtain unintended write access to the database by leveraging read access.
CVE-2012-3009 1 Siemens 1 Comos 2024-11-21 N/A
Siemens COMOS before 9.1 Patch 413, 9.2 before Update 03 Patch 023, and 10.0 before Patch 005 allows remote authenticated users to obtain database administrative access via unspecified method calls.