Siemens Jt2Go vulnerabilities

169 known vulnerabilities affecting siemens/jt2go.

Total CVEs
169
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH123MEDIUM45LOW1

Vulnerabilities

Page 9 of 9
CVE-2020-26990HIGHCVSS 8.8fixed in 13.1.0.1vAll versions < V13.1.0.12021-01-12
CVE-2020-26990 [HIGH] CWE-843 CVE-2020-26990: A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (A A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (All versions < V13.1.0.1). Affected applications lack proper validation of user-supplied data when parsing ASM files. A crafted ASM file could trigger a type confusion condition. An attacker could leverage this vulnerability to execute code in the contex
cvelistv5nvd
CVE-2020-26995HIGHCVSS 8.8fixed in 13.1.0vAll versions < V13.1.02021-01-12
CVE-2020-26995 [HIGH] CWE-787 CVE-2020-26995: A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All versions < V13.1.0). Affected applications lack proper validation of user-supplied data when parsing of SGI and RGB files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability
cvelistv5nvd
CVE-2020-26982HIGHCVSS 8.8fixed in 13.1.0vAll versions < V13.1.02021-01-12
CVE-2020-26982 [HIGH] CWE-787 CVE-2020-26982: A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All versions < V13.1.0). Affected applications lack proper validation of user-supplied data when parsing CG4 and CGM files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to
cvelistv5nvd
CVE-2020-26992HIGHCVSS 7.8fixed in 13.1.0vAll versions < V13.1.02021-01-12
CVE-2020-26992 [HIGH] CWE-121 CVE-2020-26992: A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All versions < V13.1.0). Affected applications lack proper validation of user-supplied data when parsing CGM files. This could lead to a stack based buffer overflow while trying to copy to a buffer during font string handling. An attacker could leverage th
cvelistv5nvd
CVE-2020-26986HIGHCVSS 8.8fixed in 13.1.0vAll versions < V13.1.02021-01-12
CVE-2020-26986 [HIGH] CWE-122 CVE-2020-26986: A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All versions < V13.1.0). Affected applications lack proper validation of user-supplied data when parsing of JT files. This could lead to a heap-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of the curre
cvelistv5nvd
CVE-2020-26984HIGHCVSS 8.8fixed in 13.1.0vAll versions < V13.1.02021-01-12
CVE-2020-26984 [HIGH] CWE-787 CVE-2020-26984: A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All versions < V13.1.0). Affected applications lack proper validation of user-supplied data when parsing of JT files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execu
cvelistv5nvd
CVE-2020-26980HIGHCVSS 8.8fixed in 13.1.0vAll versions < V13.1.02021-01-12
CVE-2020-26980 [HIGH] CWE-843 CVE-2020-26980: A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All versions < V13.1.0). Affected applications lack proper validation of user-supplied data when parsing JT files. A crafted JT file could trigger a type confusion condition. An attacker could leverage this vulnerability to execute code in the context of t
cvelistv5nvd
CVE-2020-26985HIGHCVSS 8.8fixed in 13.1.0vAll versions < V13.1.02021-01-12
CVE-2020-26985 [HIGH] CWE-122 CVE-2020-26985: A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All versions < V13.1.0). Affected applications lack proper validation of user-supplied data when parsing of RGB and SGI files. This could result in a heap-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context o
cvelistv5nvd
CVE-2020-26981MEDIUMCVSS 6.5fixed in 13.1.0vAll versions < V13.1.02021-01-12
CVE-2020-26981 [MEDIUM] CWE-611 CVE-2020-26981: A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All versions < V13.1.0). When opening a specially crafted xml file, the application could disclose arbitrary files to remote attackers. This is because of the passing of specially crafted content to the underlying XML parser without taking proper restric
cvelistv5nvd
← Previous9 / 9