Skip to main content

Comos

24 CVEs product

Monthly

CVE-2023-46601 HIGH This Week

A vulnerability has been identified in COMOS (All versions). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Comos
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-43505 MEDIUM This Month

A vulnerability has been identified in COMOS (All versions). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Comos
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2023-43504 CRITICAL Act Now

A vulnerability has been identified in COMOS (All versions < V10.4.4). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Comos
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-43503 HIGH This Week

A vulnerability has been identified in COMOS (All versions < V10.4.4). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Comos
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-24482 CRITICAL Act Now

A vulnerability has been identified in COMOS V10.2 (All versions), COMOS V10.3.3.1 (All versions < V10.3.3.1.45), COMOS V10.3.3.2 (All versions < V10.3.3.2.33), COMOS V10.3.3.3 (All versions <. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Comos
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2021-32952 HIGH PATCH This Week

An out-of-bounds write issue exists in the DGN file-reading procedure in the Drawings SDK (Version 2022.4 and prior) resulting from the lack of proper validation of user-supplied data. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Memory Corruption Drawings Sdk Comos Jt2Go +1
NVD
CVSS 3.1
7.8
EPSS
2.7%
CVE-2021-32950 HIGH PATCH This Week

An out-of-bounds read issue exists within the parsing of DXF files in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Drawings Sdk Comos Jt2Go +1
NVD
CVSS 3.1
7.1
EPSS
2.1%
CVE-2021-32948 HIGH PATCH This Week

An out-of-bounds write issue exists in the DWG file-reading procedure in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Memory Corruption Drawings Sdk Comos Jt2Go +1
NVD
CVSS 3.1
7.8
EPSS
2.7%
CVE-2021-32944 HIGH PATCH This Week

A use-after-free issue exists in the DGN file-reading procedure in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow RCE Memory Corruption Drawings Sdk +3
NVD
CVSS 3.1
7.8
EPSS
2.7%
CVE-2021-32940 HIGH PATCH This Week

An out-of-bounds read issue exists in the DWG file-recovering procedure in the Drawings SDK (All versions prior to 2022.5) resulting from the lack of proper validation of user-supplied data. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Drawings Sdk Comos Jt2Go +1
NVD
CVSS 3.1
7.1
EPSS
2.1%
CVE-2021-32938 HIGH PATCH This Week

Drawings SDK (All versions prior to 2022.4) are vulnerable to an out-of-bounds read due to parsing of DWG files resulting from the lack of proper validation of user-supplied data. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Drawings Sdk Comos Jt2Go +1
NVD
CVSS 3.1
7.1
EPSS
1.4%
CVE-2021-32936 HIGH PATCH This Week

An out-of-bounds write issue exists in the DXF file-recovering procedure in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Memory Corruption Drawings Sdk Comos Jt2Go +1
NVD
CVSS 3.1
7.8
EPSS
2.8%
CVE-2021-32946 HIGH PATCH This Week

An improper check for unusual or exceptional conditions issue exists within the parsing DGN files from Drawings SDK (Version 2022.4 and prior) resulting from the lack of proper validation of the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Drawings Sdk Comos Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
7.8
EPSS
2.8%
CVE-2021-31784 HIGH PATCH This Week

An out-of-bounds write vulnerability exists in the file-reading procedure in Open Design Alliance Drawings SDK before 2021.6 on all supported by ODA platforms in static configuration. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Denial Of Service RCE Memory Corruption Drawings Sdk +1
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2021-25178 HIGH PATCH This Week

An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Denial Of Service RCE Memory Corruption Drawings Software Development Kit +3
NVD
CVSS 3.1
7.8
EPSS
3.2%
CVE-2021-25177 HIGH PATCH This Week

An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Denial Of Service Memory Corruption Drawings Software Development Kit Comos Jt2Go +1
NVD
CVSS 3.1
7.8
EPSS
2.3%
CVE-2021-25176 HIGH PATCH This Week

An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Drawings Software Development Kit Comos Jt2Go +1
NVD
CVSS 3.1
7.8
EPSS
2.3%
CVE-2021-25175 HIGH PATCH This Week

An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Drawings Software Development Kit Comos Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
7.8
EPSS
2.6%
CVE-2021-25174 HIGH PATCH This Week

An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Denial Of Service Memory Corruption Drawings Software Development Kit Comos +2
NVD
CVSS 3.1
7.8
EPSS
2.2%
CVE-2021-25173 HIGH PATCH This Week

An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Drawings Software Development Kit Comos Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
7.8
EPSS
2.3%
CVE-2013-6840 MEDIUM This Month

Siemens COMOS before 9.2.0.8.1, 10.0 before 10.0.3.1.40, and 10.1 before 10.1.0.0.2 allows local users to gain database privileges via unspecified vectors. Rated medium severity (CVSS 6.9). No vendor patch available.

Privilege Escalation Siemens Comos
NVD
CVSS 2.0
6.9
EPSS
0.0%
CVE-2013-4943 HIGH This Week

The client application in Siemens COMOS before 9.1 Update 458, 9.2 before 9.2.0.6.37, and 10.0 before 10.0.3.0.19 allows local users to gain privileges and bypass intended database-operation. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Siemens Comos
NVD
CVSS 2.0
7.2
EPSS
0.0%
CVE-2013-3927 MEDIUM This Month

Unspecified vulnerability in the client library in Siemens COMOS 9.2 before 9.2.0.6.10 and 10.0 before 10.0.3.0.4 allows local users to obtain unintended write access to the database by leveraging. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Siemens Information Disclosure Comos
NVD
CVSS 2.0
4.6
EPSS
0.1%
CVE-2012-3009 HIGH This Week

Siemens COMOS before 9.1 Patch 413, 9.2 before Update 03 Patch 023, and 10.0 before Patch 005 allows remote authenticated users to obtain database administrative access via unspecified method calls. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Siemens Comos
NVD
CVSS 2.0
8.5
EPSS
0.3%
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability has been identified in COMOS (All versions). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Comos
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A vulnerability has been identified in COMOS (All versions). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Comos
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

A vulnerability has been identified in COMOS (All versions < V10.4.4). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service +1
NVD
EPSS 0% CVSS 7.5
HIGH This Week

A vulnerability has been identified in COMOS (All versions < V10.4.4). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Comos
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

A vulnerability has been identified in COMOS V10.2 (All versions), COMOS V10.3.3.1 (All versions < V10.3.3.1.45), COMOS V10.3.3.2 (All versions < V10.3.3.2.33), COMOS V10.3.3.3 (All versions <. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service +1
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

An out-of-bounds write issue exists in the DGN file-reading procedure in the Drawings SDK (Version 2022.4 and prior) resulting from the lack of proper validation of user-supplied data. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Memory Corruption Drawings Sdk +3
NVD
EPSS 2% CVSS 7.1
HIGH PATCH This Week

An out-of-bounds read issue exists within the parsing of DXF files in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Drawings Sdk +3
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

An out-of-bounds write issue exists in the DWG file-reading procedure in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Memory Corruption Drawings Sdk +3
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

A use-after-free issue exists in the DGN file-reading procedure in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow RCE +5
NVD
EPSS 2% CVSS 7.1
HIGH PATCH This Week

An out-of-bounds read issue exists in the DWG file-recovering procedure in the Drawings SDK (All versions prior to 2022.5) resulting from the lack of proper validation of user-supplied data. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Drawings Sdk +3
NVD
EPSS 1% CVSS 7.1
HIGH PATCH This Week

Drawings SDK (All versions prior to 2022.4) are vulnerable to an out-of-bounds read due to parsing of DWG files resulting from the lack of proper validation of user-supplied data. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Drawings Sdk +3
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

An out-of-bounds write issue exists in the DXF file-recovering procedure in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Memory Corruption Drawings Sdk +3
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

An improper check for unusual or exceptional conditions issue exists within the parsing DGN files from Drawings SDK (Version 2022.4 and prior) resulting from the lack of proper validation of the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Drawings Sdk Comos +2
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

An out-of-bounds write vulnerability exists in the file-reading procedure in Open Design Alliance Drawings SDK before 2021.6 on all supported by ODA platforms in static configuration. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Denial Of Service RCE +3
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Denial Of Service RCE +5
NVD
EPSS 2% CVSS 7.8
HIGH PATCH This Week

An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Denial Of Service Memory Corruption Drawings Software Development Kit +3
NVD
EPSS 2% CVSS 7.8
HIGH PATCH This Week

An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Drawings Software Development Kit +3
NVD
EPSS 3% CVSS 7.8
HIGH PATCH This Week

An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Drawings Software Development Kit Comos +2
NVD
EPSS 2% CVSS 7.8
HIGH PATCH This Week

An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Denial Of Service Memory Corruption +4
NVD
EPSS 2% CVSS 7.8
HIGH PATCH This Week

An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Drawings Software Development Kit Comos +2
NVD
EPSS 0% CVSS 6.9
MEDIUM This Month

Siemens COMOS before 9.2.0.8.1, 10.0 before 10.0.3.1.40, and 10.1 before 10.1.0.0.2 allows local users to gain database privileges via unspecified vectors. Rated medium severity (CVSS 6.9). No vendor patch available.

Privilege Escalation Siemens Comos
NVD
EPSS 0% CVSS 7.2
HIGH This Week

The client application in Siemens COMOS before 9.1 Update 458, 9.2 before 9.2.0.6.37, and 10.0 before 10.0.3.0.19 allows local users to gain privileges and bypass intended database-operation. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Siemens Comos
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

Unspecified vulnerability in the client library in Siemens COMOS 9.2 before 9.2.0.6.10 and 10.0 before 10.0.3.0.4 allows local users to obtain unintended write access to the database by leveraging. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Siemens Information Disclosure Comos
NVD
EPSS 0% CVSS 8.5
HIGH This Week

Siemens COMOS before 9.1 Patch 413, 9.2 before Update 03 Patch 023, and 10.0 before Patch 005 allows remote authenticated users to obtain database administrative access via unspecified method calls. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Siemens Comos
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy