Vulnerabilities (CVE)

Filtered by vendor Siemens Subscribe
Filtered by product Jt Utilities
Total 32 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-44436 1 Siemens 2 Jt Open Toolkit, Jt Utilities 2024-11-21 4.3 MEDIUM 3.3 LOW
A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products is vulnerable to an out of bounds read past the end of an allocated buffer when parsing specially crafted JT files. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-14905)
CVE-2021-44435 1 Siemens 2 Jt Open Toolkit, Jt Utilities 2024-11-21 6.8 MEDIUM 7.8 HIGH
A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products is vulnerable to stack based buffer overflow while parsing specially crafted JT files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-14903)
CVE-2021-44434 1 Siemens 2 Jt Open Toolkit, Jt Utilities 2024-11-21 6.8 MEDIUM 7.8 HIGH
A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products is vulnerable to an out of bounds write past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-14902, ZDI-CAN-14866)
CVE-2021-44433 1 Siemens 2 Jt Open Toolkit, Jt Utilities 2024-11-21 6.8 MEDIUM 7.8 HIGH
A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products contains a use after free vulnerability that could be triggered while parsing specially crafted JT files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-14900)
CVE-2021-44432 1 Siemens 2 Jt Open Toolkit, Jt Utilities 2024-11-21 6.8 MEDIUM 7.8 HIGH
A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products is vulnerable to stack based buffer overflow while parsing specially crafted JT files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-14845)
CVE-2021-44431 1 Siemens 2 Jt Open Toolkit, Jt Utilities 2024-11-21 4.3 MEDIUM 3.3 LOW
A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products is vulnerable to an out of bounds read past the end of an allocated buffer when parsing specially crafted JT files. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-14841)
CVE-2021-44430 1 Siemens 2 Jt Open Toolkit, Jt Utilities 2024-11-21 6.8 MEDIUM 7.8 HIGH
A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0). JTTK library in affected products is vulnerable to an out of bounds write past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-14829)
CVE-2021-44014 1 Siemens 5 Jt2go, Jt Open Toolkit, Jt Utilities and 2 more 2024-11-21 6.8 MEDIUM 7.8 HIGH
A vulnerability has been identified in JT Open (All versions < V11.1.1.0), JT Utilities (All versions < V13.1.1.0), Solid Edge (All versions < V2023). The Jt1001.dll contains a use-after-free vulnerability that could be triggered while parsing specially crafted JT files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-15057, ZDI-CAN-19081)
CVE-2021-44002 1 Siemens 5 Jt2go, Jt Open Toolkit, Jt Utilities and 2 more 2024-11-21 6.8 MEDIUM 7.8 HIGH
A vulnerability has been identified in JT Open (All versions < V11.1.1.0), JT Utilities (All versions < V13.1.1.0), Solid Edge (All versions < V2023). The Jt1001.dll contains an out of bounds write past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15058, ZDI-CAN-19076, ZDI-CAN-19077)
CVE-2021-33715 1 Siemens 1 Jt Utilities 2024-11-21 2.1 LOW 5.5 MEDIUM
A vulnerability has been identified in JT Utilities (All versions < V13.0.2.0). When parsing specially crafted JT files, a race condition could cause an object to be released before being operated on, leading to NULL pointer deference condition and causing the application to crash. An attacker could leverage this vulnerability to cause a Denial-of-Service condition in the application.
CVE-2021-33714 1 Siemens 1 Jt Utilities 2024-11-21 2.1 LOW 5.5 MEDIUM
A vulnerability has been identified in JT Utilities (All versions < V13.0.2.0). When parsing specially crafted JT files, a missing check for the validity of an iterator leads to NULL pointer deference condition, causing the application to crash. An attacker could leverage this vulnerability to cause a Denial-of-Service condition in the application.
CVE-2021-33713 1 Siemens 1 Jt Utilities 2024-11-21 2.1 LOW 5.5 MEDIUM
A vulnerability has been identified in JT Utilities (All versions < V13.0.2.0). When parsing specially crafted JT files, a hash function is called with an incorrect argument leading the application to crash. An attacker could leverage this vulnerability to cause a Denial-of-Service condition in the application.