Vulnerabilities (CVE)

Filtered by vendor 3ds Subscribe
Total 24 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-1287 1 3ds 1 Enovia Live Collaboration 2024-02-04 N/A 9.8 CRITICAL
An XSL template vulnerability in ENOVIA Live Collaboration V6R2013xE allows Remote Code Execution.
CVE-2020-25507 1 3ds 1 Teamwork Cloud 2024-02-04 7.2 HIGH 7.8 HIGH
An incorrect permission assignment during the installation script of TeamworkCloud 18.0 thru 19.0 allows a local unprivileged attacker to execute arbitrary code as root. During installation, the user is instructed to set the system enviroment file with world writable permissions (0777 /etc/environment). Any local unprivileged user can execute arbitrary code simply by writing to /etc/environment, which will force all users, including root, to execute arbitrary code during the next login or reboot. In addition, the entire home directory of the twcloud user at /home/twcloud is recursively given world writable permissions. This allows any local unprivileged attacker to execute arbitrary code, as twcloud. This product was previous named Cameo Enterprise Data Warehouse (CEDW).
CVE-2014-2072 1 3ds 1 Catia 2024-02-04 7.5 HIGH 9.8 CRITICAL
Dassault Systemes Catia V5-6R2013: Stack Buffer Overflow due to inadequate boundary checks
CVE-2014-2073 1 3ds 1 Catia 2024-02-04 7.5 HIGH 9.8 CRITICAL
Stack-based buffer overflow in Dassault Systemes CATIA V5-6R2013 allows remote attackers to execute arbitrary code via a crafted packet, related to "CATV5_Backbone_Bus."