Filtered by vendor 3ds
Subscriptions
Total
59 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-0809 | 2 3ds, Ibm | 2 Enovia Smarteam, Catia | 2026-04-23 | N/A |
| The Web Editor in Dassault Systemes ENOVIA SmarTeam V5 before Release 18 Service Pack 8, and possibly CATIA and other products, allows remote authenticated users to read the profile card of an object in the document class via a link that is sent from the owner of the document object. | ||||
| CVE-2026-1335 | 2 3ds, Dassault Systèmes | 2 Solidworks Edrawings, Solidworks Edrawings | 2026-04-18 | 7.8 High |
| An Out-Of-Bounds Write vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS Desktop 2025 through Release SOLIDWORKS Desktop 2026 could allow an attacker to execute arbitrary code while opening a specially crafted EPRT file. | ||||
| CVE-2026-1334 | 2 3ds, Dassault Systemes | 2 Solidworks Edrawings, Solidworks Edrawings | 2026-04-18 | 7.8 High |
| An Out-Of-Bounds Read vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS Desktop 2025 through Release SOLIDWORKS Desktop 2026 could allow an attacker to execute arbitrary code while opening a specially crafted EPRT file. | ||||
| CVE-2026-1333 | 2 3ds, Dassault Systemes | 2 Solidworks Edrawings, Solidworks Edrawings | 2026-04-17 | 7.8 High |
| A Use of Uninitialized Variable vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS Desktop 2025 through Release SOLIDWORKS Desktop 2026 could allow an attacker to execute arbitrary code while opening a specially crafted EPRT file. | ||||
| CVE-2025-10551 | 2 3ds, Dassult | 2 3dexperience, Enovia Collaborative Industry Innovator | 2026-04-14 | 8.7 High |
| A Stored Cross-site Scripting (XSS) vulnerability affecting Document Management in ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session. | ||||
| CVE-2025-10553 | 2 3ds, Dassault Systèmes | 2 3dexperience, Delmia Factory Resource Manager | 2026-04-07 | 8.7 High |
| A Stored Cross-site Scripting (XSS) vulnerability affecting Factory Resource Management in DELMIA Factory Resource Manager from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session. | ||||
| CVE-2025-10559 | 2 3ds, Dassault Systèmes | 2 3dexperience, Delmia Factory Resource Manager | 2026-04-07 | 7.1 High |
| A Path Traversal vulnerability affecting Factory Resource Management in DELMIA Factory Resource Manager from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x allows an attacker to read or write files in specific directories on the server. | ||||
| CVE-2025-5086 | 1 3ds | 1 Delmia Apriso | 2026-02-26 | 9 Critical |
| A deserialization of untrusted data vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could lead to a remote code execution. | ||||
| CVE-2025-6204 | 1 3ds | 1 Delmia Apriso | 2026-02-26 | 8 High |
| An Improper Control of Generation of Code (Code Injection) vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could allow an attacker to execute arbitrary code. | ||||
| CVE-2025-6205 | 1 3ds | 1 Delmia Apriso | 2026-02-26 | 9.1 Critical |
| A missing authorization vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could allow an attacker to gain privileged access to the application. | ||||
| CVE-2025-10554 | 2 3ds, Dassault | 2 3dexperience Enovia, Enovia Product Manager | 2026-01-12 | 8.7 High |
| A stored Cross-site Scripting (XSS) vulnerability affecting Requirements in ENOVIA Product Manager from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session. | ||||
| CVE-2025-12956 | 2 3ds, Dassult | 2 3dexperience Enovia, Enovia Collaborative Industry Innovator | 2026-01-12 | 8.7 High |
| A reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session. | ||||
| CVE-2025-10552 | 2 3ds, Dassault | 2 3dswymer, 3dswymer | 2025-12-04 | 8.7 High |
| A stored Cross-site Scripting (XSS) vulnerability affecting 3DSwym in 3DSwymer on Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session. | ||||
| CVE-2025-10558 | 2 3ds, Dassault | 2 3dswymer, 3dswymer | 2025-12-04 | 8.7 High |
| A stored Cross-site Scripting (XSS) vulnerability affecting 3DSearch in 3DSwymer on Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session. | ||||
| CVE-2025-10557 | 2 3ds, Dassult | 2 3dexperience Enovia, Enovia Collaborative Industry Innovator | 2025-10-27 | 8.7 High |
| A stored Cross-site Scripting (XSS) vulnerability affecting Issue Management in ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session. | ||||
| CVE-2024-6380 | 2 3ds, Dassult | 2 3dexperience Enovia, Enovia Collaborative Industry Innovator | 2025-10-22 | 8.7 High |
| A reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session. | ||||
| CVE-2024-12089 | 1 3ds | 1 3dexperience Enovia | 2025-10-22 | 8.7 High |
| A stored Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session. | ||||
| CVE-2024-12090 | 1 3ds | 1 3dexperience Enovia | 2025-10-22 | 8.7 High |
| A stored Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator on Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session. | ||||
| CVE-2024-12091 | 1 3ds | 1 3dexperience Enovia | 2025-10-22 | 8.7 High |
| A stored Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session. | ||||
| CVE-2024-12092 | 1 3ds | 1 3dexperience Enovia | 2025-10-22 | 8.7 High |
| A stored Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator on Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session. | ||||