CVE-2023-24482 — CVSS 10.0 (critical): A vulnerability has been identified in COMOS V10.2 (All versions), COMOS V10.3.3.1 (All versions < V10.3.3.1.45), COMOS V10.3.3.2 (All…
CVE-2023-46601 — CVSS 9.6 (critical): A vulnerability has been identified in COMOS (All versions). The affected application lacks proper access controls in making the SQLServer…
CVE-2023-43505 — CVSS 9.6 (critical): A vulnerability has been identified in COMOS (All versions). The affected application lacks proper access controls in SMB shares. This…
CVE-2023-43504 — CVSS 9.6 (critical): A vulnerability has been identified in COMOS (All versions < V10.4.4). Ptmcast executable used for testing cache validation service in…
CVE-2021-37198 — CVSS 8.8 (high): A vulnerability has been identified in COMOS V10.2 (All versions only if web components are used), COMOS V10.3 (All versions < V10.3.3.3…
CVE-2021-37197 — CVSS 8.8 (high): A vulnerability has been identified in COMOS V10.2 (All versions only if web components are used), COMOS V10.3 (All versions < V10.3.3.3…
CVE-2012-3009 — CVSS 8.5 (high): Siemens COMOS before 9.1 Patch 413, 9.2 before Update 03 Patch 023, and 10.0 before Patch 005 allows remote authenticated users to obtain…
CVE-2021-25176 — CVSS 7.8 (high): An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A NULL pointer dereference exists when rendering malformed…
CVE-2021-31784 — CVSS 7.8 (high): An out-of-bounds write vulnerability exists in the file-reading procedure in Open Design Alliance Drawings SDK before 2021.6 on all…
CVE-2021-32936 — CVSS 7.8 (high): An out-of-bounds write issue exists in the DXF file-recovering procedure in the Drawings SDK (All versions prior to 2022.4) resulting from…
CVE-2021-25173 — CVSS 7.8 (high): An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory allocation with excessive size vulnerability exists…
CVE-2021-25174 — CVSS 7.8 (high): An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory corruption vulnerability exists when reading…
CVE-2021-32944 — CVSS 7.8 (high): A use-after-free issue exists in the DGN file-reading procedure in the Drawings SDK (All versions prior to 2022.4) resulting from the lack…
CVE-2021-32946 — CVSS 7.8 (high): An improper check for unusual or exceptional conditions issue exists within the parsing DGN files from Drawings SDK (Version 2022.4 and…
CVE-2021-32948 — CVSS 7.8 (high): An out-of-bounds write issue exists in the DWG file-reading procedure in the Drawings SDK (All versions prior to 2022.4) resulting from the…
CVE-2021-25175 — CVSS 7.8 (high): An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A Type Conversion issue exists when rendering malformed .DXF…
CVE-2021-32952 — CVSS 7.8 (high): An out-of-bounds write issue exists in the DGN file-reading procedure in the Drawings SDK (Version 2022.4 and prior) resulting from the…
CVE-2021-25177 — CVSS 7.8 (high): An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A Type Confusion issue exists when rendering malformed .DXF…
CVE-2021-25178 — CVSS 7.8 (high): An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A stack-based buffer overflow vulnerability exists when the…
CVE-2021-37194 — CVSS 7.5 (high): A vulnerability has been identified in COMOS V10.2 (All versions only if web components are used), COMOS V10.3 (All versions < V10.3.3.3…
CVE-2013-4943 — CVSS 7.2 (high): The client application in Siemens COMOS before 9.1 Update 458, 9.2 before 9.2.0.6.37, and 10.0 before 10.0.3.0.19 allows local users to…
CVE-2021-32950 — CVSS 7.1 (high): An out-of-bounds read issue exists within the parsing of DXF files in the Drawings SDK (All versions prior to 2022.4) resulting from the…
CVE-2021-32940 — CVSS 7.1 (high): An out-of-bounds read issue exists in the DWG file-recovering procedure in the Drawings SDK (All versions prior to 2022.5) resulting from…
CVE-2021-32938 — CVSS 7.1 (high): Drawings SDK (All versions prior to 2022.4) are vulnerable to an out-of-bounds read due to parsing of DWG files resulting from the lack of…
CVE-2013-6840 — CVSS 6.9 (medium): Siemens COMOS before 9.2.0.8.1, 10.0 before 10.0.3.1.40, and 10.1 before 10.1.0.0.2 allows local users to gain database privileges via…
CVE-2021-37196 — CVSS 6.5 (medium): A vulnerability has been identified in COMOS V10.2 (All versions only if web components are used), COMOS V10.3 (All versions < V10.3.3.3…
CVE-2021-37195 — CVSS 6.1 (medium): A vulnerability has been identified in COMOS V10.2 (All versions only if web components are used), COMOS V10.3 (All versions < V10.3.3.3…
CVE-2013-3927 — CVSS 4.6 (medium): Unspecified vulnerability in the client library in Siemens COMOS 9.2 before 9.2.0.6.10 and 10.0 before 10.0.3.0.4 allows local users to…
CVE-2023-43503 — CVSS 3.5 (low): A vulnerability has been identified in COMOS (All versions < V10.4.4). Caching system in the affected application leaks sensitive…