Siemens Jt Open Toolkit vulnerabilities

CVE-2023-30796 [HIGH] CWE-125 CVE-2023-30796: A vulnerability has been identified in JT Open (All versions < V11.4), JT Utilities (All versions < A vulnerability has been identified in JT Open (All versions < V11.4), JT Utilities (All versions < V13.4). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process.

CVE-2023-29053 [HIGH] CWE-125 CVE-2023-29053: A vulnerability has been identified in JT Open (All versions < V11.3.2.0), JT Utilities (All version A vulnerability has been identified in JT Open (All versions < V11.3.2.0), JT Utilities (All versions < V13.3.0.0). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process.

CVE-2022-47977 [HIGH] CWE-119 CVE-2022-47977: A vulnerability has been identified in JT Open (All versions < V11.2.3.0), JT Utilities (All version A vulnerability has been identified in JT Open (All versions < V11.2.3.0), JT Utilities (All versions < V13.2.3.0). The affected application contains a memory corruption vulnerability while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process.

CVE-2022-47936 [HIGH] CWE-121 CVE-2022-47936: A vulnerability has been identified in JT Open (All versions < V11.2.3.0), JT Utilities (All version A vulnerability has been identified in JT Open (All versions < V11.2.3.0), JT Utilities (All versions < V13.2.3.0), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Parasolid V35.1 (All versions < V35.1.150). The affected application contains a stack overflow vulnerabil

CVE-2022-47935 [HIGH] CWE-119 CVE-2022-47935: A vulnerability has been identified in JT Open (All versions < V11.1.1.0), JT Utilities (All version A vulnerability has been identified in JT Open (All versions < V11.1.1.0), JT Utilities (All versions < V13.1.1.0), Solid Edge (All versions < V2023). The Jt1001.dll contains a memory corruption vulnerability while parsing specially crafted JT files. An attacker could leverage this vulnerability to execute code in the context of the current process. (

CVE-2022-41851 [HIGH] CWE-824 CVE-2022-41851: A vulnerability has been identified in JTTK (All versions < V11.1.1.0), Simcenter Femap V2022.1 (All A vulnerability has been identified in JTTK (All versions < V11.1.1.0), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The JTTK library is vulnerable to an uninitialized pointer reference vulnerability while parsing specially crafted JT files. An attacker could leverage this vulnerability to exe

CVE-2021-44430 [HIGH] CWE-787 CVE-2021-44430: A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products is vulnerable to an out of bounds write past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process. (

CVE-2021-44442 [HIGH] CWE-122 CVE-2021-44442: A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products contains an out of bounds write past the fixed-length heap-based buffer while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN

CVE-2021-44437 [HIGH] CWE-787 CVE-2021-44437: A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products is vulnerable to an out of bounds write past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process. (

CVE-2021-44438 [HIGH] CWE-787 CVE-2021-44438: A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products is vulnerable to an out of bounds write past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process. (

CVE-2021-44446 [HIGH] CWE-787 CVE-2021-44446: A vulnerability has been identified in JT Utilities (All versions < V13.0.3.0), JTTK (All versions < A vulnerability has been identified in JT Utilities (All versions < V13.0.3.0), JTTK (All versions < V11.0.3.0). JTTK library in affected products contains an out of bounds write past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-

CVE-2021-44447 [HIGH] CWE-416 CVE-2021-44447: A vulnerability has been identified in JT Utilities (All versions < V13.0.3.0), JTTK (All versions < A vulnerability has been identified in JT Utilities (All versions < V13.0.3.0), JTTK (All versions < V11.0.3.0). JTTK library in affected products contains a use-after-free vulnerability that could be triggered while parsing specially crafted JT files. An attacker could leverage this vulnerability to execute code in the context of the current process.

CVE-2021-44433 [HIGH] CWE-416 CVE-2021-44433: A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products contains a use after free vulnerability that could be triggered while parsing specially crafted JT files. An attacker could leverage this vulnerability to execute code in the context of the current process.

CVE-2021-44014 [HIGH] CWE-416 CVE-2021-44014: A vulnerability has been identified in JT Open (All versions < V11.1.1.0), JT Utilities (All version A vulnerability has been identified in JT Open (All versions < V11.1.1.0), JT Utilities (All versions < V13.1.1.0), Solid Edge (All versions < V2023). The Jt1001.dll contains a use-after-free vulnerability that could be triggered while parsing specially crafted JT files. An attacker could leverage this vulnerability to execute code in the context of t

CVE-2021-44002 [HIGH] CWE-787 CVE-2021-44002: A vulnerability has been identified in JT Open (All versions < V11.1.1.0), JT Utilities (All version A vulnerability has been identified in JT Open (All versions < V11.1.1.0), JT Utilities (All versions < V13.1.1.0), Solid Edge (All versions < V2023). The Jt1001.dll contains an out of bounds write past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current

CVE-2021-44445 [HIGH] CWE-122 CVE-2021-44445: A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products contains an out of bounds write past the fixed-length heap-based buffer while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN

CVE-2021-44439 [HIGH] CWE-125 CVE-2021-44439: A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products is vulnerable to an out of bounds read past the end of an allocated buffer when parsing specially crafted JT files. An attacker could leverage this vulnerability to leak information in the context of the cu

CVE-2021-44440 [HIGH] CWE-119 CVE-2021-44440: A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products is vulnerable to memory corruption condition while parsing specially crafted JT files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-14912)

CVE-2021-44450 [HIGH] CWE-125 CVE-2021-44450: A vulnerability has been identified in JT Utilities (All versions < V12.8.1.1), JTTK (All versions < A vulnerability has been identified in JT Utilities (All versions < V12.8.1.1), JTTK (All versions < V10.8.1.1). JTTK library in affected products is vulnerable to an out of bounds read past the end of an allocated buffer when parsing JT files. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZD

CVE-2021-44449 [HIGH] CWE-787 CVE-2021-44449: A vulnerability has been identified in JT Utilities (All versions < V12.8.1.1), JTTK (All versions < A vulnerability has been identified in JT Utilities (All versions < V12.8.1.1), JTTK (All versions < V10.8.1.1). JTTK library in affected products contains an out of bounds write past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-