VYPR
Vendor

Dassault Systèmes

Products
21
CVEs
77
Across products
82
Status
Private

Products

21

Recent CVEs

77
View all 77 CVEs →
  • CVE-2014-2072CriJan 8, 2020
    risk 0.67cvss 9.8epss 0.07

    Dassault Systemes Catia V5-6R2013: Stack Buffer Overflow due to inadequate boundary checks

  • CVE-2026-7858CriJun 1, 2026
    risk 0.64cvss 9.8epss 0.01

    A Deserialization of Untrusted Data vulnerability affecting Teamwork Cloud from No Magic Release 2022x through No Magic Release 2026x and Magic Collaboration Studio from CATIA Magic Release 2022x through CATIA Magic Release 2026x could lead to an unauthenticated remote code…

  • CVE-2014-2073CriApr 10, 2018
    risk 0.64cvss 9.8epss 0.05

    Stack-based buffer overflow in Dassault Systemes CATIA V5-6R2013 allows remote attackers to execute arbitrary code via a crafted packet, related to "CATV5_Backbone_Bus."

  • CVE-2024-3300CriMay 30, 2024
    risk 0.61cvss 9.0epss 0.03

    An unsafe .NET object deserialization vulnerability in DELMIA Apriso Release 2019 through Release 2024 could lead to pre-authentication remote code execution.

  • CVE-2024-1624CriMar 1, 2024
    risk 0.61cvss 9.4epss 0.02

    An OS Command Injection vulnerability affecting documentation server on 3DEXPERIENCE from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x, SIMULIA Abaqus from Release 2022 through Release 2024, SIMULIA Isight from Release 2022 through Release 2024 and CATIA…

  • CVE-2023-1287CriMar 9, 2023
    risk 0.59cvss 9.0epss 0.01

    An XSL template vulnerability in ENOVIA Live Collaboration V6R2013xE allows Remote Code Execution.

  • CVE-2026-9024HigJun 1, 2026
    risk 0.57cvss 8.7epss 0.00

    A Stored Cross-site Scripting (XSS) vulnerability affecting Process Experience Studio in DELMIA Service Process Engineer from Release 3DEXPERIENCE R2024x through Release 3DEXPERIENCE R2026x could allow an attacker to execute arbitrary script code in user's browser session.

  • CVE-2025-10553HigMar 31, 2026
    risk 0.57cvss 8.7epss 0.00

    A Stored Cross-site Scripting (XSS) vulnerability affecting Factory Resource Management in DELMIA Factory Resource Manager from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session.

  • CVE-2025-10551HigMar 31, 2026
    risk 0.57cvss 8.7epss 0.00

    A Stored Cross-site Scripting (XSS) vulnerability affecting Document Management in ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session.

  • CVE-2026-2101HigFeb 16, 2026
    risk 0.57cvss 8.7epss 0.00

    A Reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIAvpm Web Access from ENOVIAvpm Version 1 Release 16 through ENOVIAvpm Version 1 Release 19 allows an attacker to execute arbitrary script code in user's browser session.

  • CVE-2025-10555HigNov 24, 2025
    risk 0.57cvss 8.7epss 0.00

    A stored Cross-site Scripting (XSS) vulnerability affecting Service Items Management in DELMIA Service Process Engineer on Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session.

  • CVE-2025-4992HigMay 30, 2025
    risk 0.57cvss 8.7epss 0.00

    A stored Cross-site Scripting (XSS) vulnerability affecting Service Items Management in Service Process Engineer from Release 3DEXPERIENCE R2024x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session.

  • CVE-2025-4991HigMay 30, 2025
    risk 0.57cvss 8.7epss 0.00

    A stored Cross-site Scripting (XSS) vulnerability affecting 3D Markup in Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session.

  • CVE-2025-4990HigMay 30, 2025
    risk 0.57cvss 8.7epss 0.00

    A stored Cross-site Scripting (XSS) vulnerability affecting Change Governance in Product Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session.

  • CVE-2025-4989HigMay 30, 2025
    risk 0.57cvss 8.7epss 0.00

    A stored Cross-site Scripting (XSS) vulnerability affecting Requirements in Product Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session.

  • CVE-2025-4988HigMay 30, 2025
    risk 0.57cvss 8.7epss 0.00

    A stored Cross-site Scripting (XSS) vulnerability affecting Results Analytics in Multidisciplinary Optimization Engineer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.

  • CVE-2025-4983HigMay 30, 2025
    risk 0.57cvss 8.7epss 0.00

    A stored Cross-site Scripting (XSS) vulnerability affecting City Referential in City Referential Manager on Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session.

  • CVE-2025-0602HigMay 30, 2025
    risk 0.57cvss 8.7epss 0.00

    A stored Cross-site Scripting (XSS) vulnerability affecting Compare in Collaborative Industry Innovator from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session.

  • CVE-2025-0827HigMar 17, 2025
    risk 0.57cvss 8.7epss 0.00

    A stored Cross-site Scripting (XSS) vulnerability affecting 3DPlay in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.

  • CVE-2024-7737HigSep 19, 2024
    risk 0.57cvss 8.7epss 0.00

    A stored Cross-site Scripting (XSS) vulnerability affecting 3DSwym in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.