VYPR

CVEs

100,081 total · page 692 of 2,002

  • CVE-2024-34773HigMay 14, 2024
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in Solid Edge (All versions < V224.0 Update 2). The affected applications contain a stack overflow vulnerability while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.

  • CVE-2024-34772HigMay 14, 2024
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in Solid Edge (All versions < V224.0 Update 4). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the…

  • CVE-2024-34771HigMay 14, 2024
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in Solid Edge (All versions < V224.0 Update 2). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.

  • CVE-2024-34714HigMay 14, 2024
    risk 0.42cvss 7.6epss 0.00

    The Hoppscotch Browser Extension is a browser extension for Hoppscotch, a community-driven end-to-end open-source API development ecosystem. Due to an oversight during a change made to the extension in the commit d4e8e4830326f46ba17acd1307977ecd32a85b58, a critical check for the…

  • CVE-2024-34086HigMay 14, 2024
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in JT2Go (All versions < V2312.0001), Teamcenter Visualization V14.1 (All versions < V14.1.0.13), Teamcenter Visualization V14.2 (All versions < V14.2.0.10), Teamcenter Visualization V14.3 (All versions < V14.3.0.7), Teamcenter Visualization…

  • CVE-2024-34085HigMay 14, 2024
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in JT2Go (All versions < V2312.0001), Teamcenter Visualization V14.1 (All versions < V14.1.0.13), Teamcenter Visualization V14.2 (All versions < V14.2.0.10), Teamcenter Visualization V14.3 (All versions < V14.3.0.7), Teamcenter Visualization…

  • CVE-2024-33865HigMay 14, 2024
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in linqi before 1.4.0.1 on Windows. There is an NTLM hash leak via the /api/Cdn/GetFile and /api/DocumentTemplate/{GUID] endpoints.

  • CVE-2024-33577HigMay 14, 2024
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applications contain a stack overflow vulnerability while parsing specially strings as argument for one of the application binaries. This could allow an attacker to execute code in the…

  • CVE-2024-33493HigMay 14, 2024
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in Solid Edge (All versions < V224.0 Update 5). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the…

  • CVE-2024-33492HigMay 14, 2024
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in Solid Edge (All versions < V224.0 Update 5). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the…

  • CVE-2024-33491HigMay 14, 2024
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in Solid Edge (All versions < V224.0 Update 5). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the…

  • CVE-2024-33490HigMay 14, 2024
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in Solid Edge (All versions < V224.0 Update 5). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the…

  • CVE-2024-33489HigMay 14, 2024
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in Solid Edge (All versions < V224.0 Update 5). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.

  • CVE-2024-32977HigMay 14, 2024
    risk 0.39cvss 7.1epss 0.01

    OctoPrint provides a web interface for controlling consumer 3D printers. OctoPrint versions up until and including 1.10.0 contain a vulnerability that allows an unauthenticated attacker to completely bypass the authentication if the `autologinLocal` option is enabled within…

  • CVE-2024-32742HigMay 14, 2024
    risk 0.49cvss 7.6epss 0.00

    A vulnerability has been identified in SIMATIC CN 4100 (All versions < V3.0). The affected device contains an unrestricted USB port. An attacker with local access to the device could potentially misuse the port for booting another operating system and gain complete read/write…

  • CVE-2024-32639HigMay 14, 2024
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0011). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted MODEL file. This could allow an attacker to…

  • CVE-2024-32636HigMay 14, 2024
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in JT2Go (All versions < V2312.0005), Teamcenter Visualization V14.2 (All versions < V14.2.0.12), Teamcenter Visualization V14.3 (All versions < V14.3.0.10), Teamcenter Visualization V2312 (All versions < V2312.0005). The affected applications…

  • CVE-2024-32635HigMay 14, 2024
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in JT2Go (All versions < V2312.0005), Teamcenter Visualization V14.2 (All versions < V14.2.0.12), Teamcenter Visualization V14.3 (All versions < V14.3.0.10), Teamcenter Visualization V2312 (All versions < V2312.0005). The affected applications…

  • CVE-2024-32355HigMay 14, 2024
    risk 0.52cvss 8.0epss 0.02

    TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain a command injection vulnerability via the 'password' parameter in the setSSServer function.

  • CVE-2024-32352HigMay 14, 2024
    risk 0.57cvss 8.8epss 0.02

    TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an authenticated remote command execution (RCE) vulnerability via the "ipsecL2tpEnable" parameter in the "cstecgi.cgi" binary.

  • CVE-2024-32351HigMay 14, 2024
    risk 0.57cvss 8.8epss 0.02

    TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an authenticated remote command execution (RCE) vulnerability via the "mru" parameter in the "cstecgi.cgi" binary.

  • CVE-2024-32350HigMay 14, 2024
    risk 0.57cvss 8.8epss 0.02

    TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an authenticated remote command execution (RCE) vulnerability via the "ipsecPsk" parameter in the "cstecgi.cgi" binary.

  • CVE-2024-32066HigMay 14, 2024
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted IGS files. This could allow an attacker to execute code in the context of…

  • CVE-2024-32065HigMay 14, 2024
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted IGS files. This could allow an attacker to execute code in the context of…

  • CVE-2024-32064HigMay 14, 2024
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted IGS files. This could allow an attacker to execute code in the context of…

  • CVE-2024-32063HigMay 14, 2024
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected application contains a type confusion vulnerability while parsing IGS files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21573)

  • CVE-2024-32062HigMay 14, 2024
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected application contains a type confusion vulnerability while parsing IGS files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21568)

  • CVE-2024-32061HigMay 14, 2024
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted IGS files. This could allow an attacker to execute code in the context of…

  • CVE-2024-32060HigMay 14, 2024
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted IGS files. This could allow an attacker to execute code in the context of…

  • CVE-2024-32059HigMay 14, 2024
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted IGS files. This could allow an attacker to execute code in the context of…

  • CVE-2024-32058HigMay 14, 2024
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected application is vulnerable to memory corruption while parsing specially crafted IGS files. This could allow an attacker to execute code in the context of the current process.…

  • CVE-2024-32057HigMay 14, 2024
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected application contains a type confusion vulnerability while parsing IGS files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21562)

  • CVE-2024-32055HigMay 14, 2024
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted IGS files. This could allow an attacker to execute code in the context of…

  • CVE-2024-31980HigMay 14, 2024
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in Parasolid V35.1 (All versions < V35.1.256), Parasolid V36.0 (All versions < V36.0.210), Parasolid V36.1 (All versions < V36.1.185). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a…

  • CVE-2024-31485HigMay 14, 2024
    risk 0.47cvss 7.2epss 0.02

    A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V5.30), SICORE Base system (All versions < V1.3.0). The web interface of affected devices is vulnerable to command injection due to missing server side input sanitation. This could…

  • CVE-2024-31484HigMay 14, 2024
    risk 0.51cvss 7.8epss 0.00

    A vulnerability has been identified in CPC80 Central Processing/Communication (All versions < V16.41), CPCI85 Central Processing/Communication (All versions < V5.30), CPCX26 Central Processing/Communication (All versions < V06.02), ETA4 Ethernet Interface IEC60870-5-104 (All…

  • CVE-2024-30206HigMay 14, 2024
    risk 0.57cvss 8.8epss 0.00

    A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA10) (All versions < V3.0.1.1), SIMATIC RTLS Locating Manager (6GT2780-0DA20) (All versions < V3.0.1.1), SIMATIC RTLS Locating…

  • CVE-2024-28165HigMay 14, 2024
    risk 0.53cvss 8.1epss 0.01

    SAP Business Objects Business Intelligence Platform is vulnerable to stored XSS allowing an attacker to manipulate a parameter in the Opendocument URL which could lead to high impact on Confidentiality and Integrity of the application

  • CVE-2024-28137HigMay 14, 2024
    risk 0.51cvss 7.8epss 0.00

    A local attacker with low privileges can perform a privilege escalation with an init script due to a TOCTOU vulnerability.

  • CVE-2024-28136HigMay 14, 2024
    risk 0.51cvss 7.8epss 0.01

    A local attacker with low privileges can use a command injection vulnerability to gain root privileges due to improper input validation using the OCPP Remote service.

  • CVE-2024-28134HigMay 14, 2024
    risk 0.46cvss 7.0epss 0.00

    An unauthenticated remote attacker can extract a session token with a MitM attack and gain web-based management access with the privileges of the currently logged in user due to cleartext transmission of sensitive…

  • CVE-2024-28133HigMay 14, 2024
    risk 0.51cvss 7.8epss 0.00

    A local low privileged attacker can use an untrusted search path in a CHARX system utility to gain root privileges. 

  • CVE-2024-27945HigMay 14, 2024
    risk 0.47cvss 7.2epss 0.01

    A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The bulk import feature of the affected systems allow a privileged user to upload files to the root installation directory of the system. By replacing specific files, an attacker could tamper…

  • CVE-2024-27944HigMay 14, 2024
    risk 0.47cvss 7.2epss 0.01

    A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected systems allow a privileged user to upload firmware files to the root installation directory of the system. By replacing specific files, an attacker could tamper specific files or even…

  • CVE-2024-27943HigMay 14, 2024
    risk 0.47cvss 7.2epss 0.01

    A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected systems allow a privileged user to upload generic files to the root installation directory of the system. By replacing specific files, an attacker could tamper specific files or even…

  • CVE-2024-27942HigMay 14, 2024
    risk 0.49cvss 7.5epss 0.01

    A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected systems allow any unauthenticated client to disconnect any active user from the server. An attacker could use this vulnerability to prevent any user to perform actions in the system,…

  • CVE-2024-27941HigMay 14, 2024
    risk 0.57cvss 8.8epss 0.01

    A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected client systems do not properly sanitize input data before sending it to the SQL server. An attacker could use this vulnerability to compromise the whole database.

  • CVE-2024-27940HigMay 14, 2024
    risk 0.57cvss 8.8epss 0.01

    A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected systems allow any authenticated user to send arbitrary SQL commands to the SQL server. An attacker could use this vulnerability to compromise the whole database.

  • CVE-2024-22270HigMay 14, 2024
    risk 0.46cvss 7.1epss 0.01

    VMware Workstation and Fusion contain an information disclosure vulnerability in the Host Guest File Sharing (HGFS) functionality. A malicious actor with local administrative privileges on a virtual machine may be able to read privileged information contained in hypervisor…

  • CVE-2024-22269HigMay 14, 2024
    risk 0.46cvss 7.1epss 0.01

    VMware Workstation and Fusion contain an information disclosure vulnerability in the vbluetooth device. A malicious actor with local administrative privileges on a virtual machine may be able to read privileged information contained in hypervisor memory from a virtual machine.