Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): CATIA
- Search Type: Search All
- CPE Name Search: false
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2024-27907 |
A vulnerability has been identified in Simcenter Femap (All versions < V2306.0000). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted Catia MODEL file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-22051) Published: March 12, 2024; 7:15:49 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-1624 |
An OS Command Injection vulnerability affecting documentation server on 3DEXPERIENCE from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x, SIMULIA Abaqus from Release 2022 through Release 2024, SIMULIA Isight from Release 2022 through Release 2024 and CATIA Composer from Release R2023 through Release R2024. A specially crafted HTTP request can lead to arbitrary command execution. Published: March 01, 2024; 11:15:45 AM -0500 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-24925 |
A vulnerability has been identified in Simcenter Femap (All versions < V2306.0000). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted Catia MODEL files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-22060) Published: February 13, 2024; 4:15:51 AM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2024-24924 |
A vulnerability has been identified in Simcenter Femap (All versions < V2306.0000). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted Catia MODEL file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-22059) Published: February 13, 2024; 4:15:51 AM -0500 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-24923 |
A vulnerability has been identified in Simcenter Femap (All versions < V2401.0000), Simcenter Femap (All versions < V2306.0001). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted Catia MODEL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-22055) Published: February 13, 2024; 4:15:51 AM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2024-24922 |
A vulnerability has been identified in Simcenter Femap (All versions < V2401.0000). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted Catia MODEL file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21715) Published: February 13, 2024; 4:15:50 AM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2024-24921 |
A vulnerability has been identified in Simcenter Femap (All versions < V2401.0000). The affected application is vulnerable to memory corruption while parsing specially crafted Catia MODEL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21712) Published: February 13, 2024; 4:15:50 AM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2024-24920 |
A vulnerability has been identified in Simcenter Femap (All versions < V2401.0000). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted Catia MODEL file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21710) Published: February 13, 2024; 4:15:50 AM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2022-41171 |
Due to lack of proper memory management, when a victim opens manipulated CATIA4 Part (.model, CatiaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until restart of the application. Published: October 11, 2022; 5:15:17 PM -0400 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2022-41170 |
Due to lack of proper memory management, when a victim opens a manipulated CATIA4 Part (.model, CatiaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. Published: October 11, 2022; 5:15:17 PM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2022-41169 |
Due to lack of proper memory management, when a victim opens manipulated CATIA5 Part (.catpart, CatiaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until restart of the application. Published: October 11, 2022; 5:15:17 PM -0400 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2022-41168 |
Due to lack of proper memory management, when a victim opens a manipulated CATIA5 Part (.catpart, CatiaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. Published: October 11, 2022; 5:15:16 PM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2022-33885 |
A maliciously crafted X_B, CATIA, and PDF file when parsed through Autodesk AutoCAD 2023 and 2022 can be used to write beyond the allocated buffer. This vulnerability can lead to arbitrary code execution. Published: October 03, 2022; 11:15:16 AM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2021-27490 |
Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior are vulnerable to an out-of-bounds read, which may allow an attacker to execute arbitrary code. Published: May 27, 2021; 1:15:07 PM -0400 |
V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2021-27496 |
Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior lack proper validation of user-supplied data when parsing PRT files. This could lead to pointer dereferences of a value obtained from an untrusted source. An attacker could leverage this vulnerability to execute code in the context of the current process. Published: May 27, 2021; 12:15:08 PM -0400 |
V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2021-27494 |
Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior lack proper validation of user-supplied data when parsing STP files. This could result in a stack-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of the current process. Published: May 27, 2021; 12:15:08 PM -0400 |
V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2021-27492 |
When opening a specially crafted 3DXML file, the application containing Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior could disclose arbitrary files to remote attackers. This is because of the passing of specially crafted content to the underlying XML parser without taking proper restrictions such as prohibiting an external DTD. Published: May 27, 2021; 12:15:08 PM -0400 |
V3.1: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2021-27488 |
Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior lack proper validation of user-supplied data when parsing CATPart files. This could result in an out-of-bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. Published: May 27, 2021; 12:15:08 PM -0400 |
V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2014-2072 |
Dassault Systemes Catia V5-6R2013: Stack Buffer Overflow due to inadequate boundary checks Published: January 08, 2020; 11:15:10 AM -0500 |
V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2014-2073 |
Stack-based buffer overflow in Dassault Systemes CATIA V5-6R2013 allows remote attackers to execute arbitrary code via a crafted packet, related to "CATV5_Backbone_Bus." Published: April 10, 2018; 11:29:00 AM -0400 |
V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |