| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-10204 | Heap-based Buffer Overflow and Uninitialized Variable vulnerabilities exist in eDrawings from Release SOLIDWORKS 2024 through Release SOLIDWORKS 2025 | Dassault Systèmes | eDrawings | High | 7.8 | 2024-11-19 13:15:41 | Deep Dive |
| CVE-2024-8040 | Authorization Bypass Through User-Controlled Key vulnerability affecting 3DSwym in 3DSwymer on Release 3DEXPERIENCE R2024x | Dassault Systèmes | 3DSwymer | High | 7.7 | 2024-10-16 11:28:50 | Deep Dive |
| CVE-2024-6380 | Reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x | Dassault Systèmes | ENOVIA Collaborative Industry Innovator | High | 8.7 | 2024-10-16 11:28:29 | Deep Dive |
| CVE-2024-7737 | Stored Cross-site Scripting (XSS) vulnerability affecting 3DSwym in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x | Dassault Systèmes | 3DSwymer | High | 8.7 | 2024-09-19 15:19:59 | Deep Dive |
| CVE-2024-7736 | Reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x | Dassault Systèmes | ENOVIA Collaborative Industry Innovator | High | 8.7 | 2024-09-19 15:18:28 | Deep Dive |
| CVE-2024-8004 | Stored Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x | Dassault Systèmes | ENOVIA Collaborative Industry Innovator | High | 8.7 | 2024-09-02 11:49:06 | Deep Dive |
| CVE-2024-7939 | Stored Cross-site Scripting (XSS) vulnerability affecting 3DSwym in 3DSwymer on Release 3DEXPERIENCE R2024x | Dassault Systèmes | 3DSwymer | High | 8.7 | 2024-09-02 11:49:01 | Deep Dive |
| CVE-2024-7938 | Stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2024x | Dassault Systèmes | 3DSwymer | High | 8.7 | 2024-09-02 11:48:55 | Deep Dive |
| CVE-2024-7932 | Stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer on Release 3DEXPERIENCE R2024x | Dassault Systèmes | 3DSwymer | High | 8.7 | 2024-09-02 11:48:48 | Deep Dive |
| CVE-2024-6377 | URL redirection to untrusted site (open redirect) vulnerability affecting 3DPassport in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x | Dassault Systèmes | 3DSwymer | High | 8.1 | 2024-08-20 13:45:35 | Deep Dive |
| CVE-2024-6378 | Reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x | Dassault Systèmes | ENOVIA Collaborative Industry Innovator | High | 8.7 | 2024-08-20 13:45:11 | Deep Dive |
| CVE-2024-6379 | Reflected Cross-site Scripting (XSS) vulnerability affecting 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x | Dassault Systèmes | 3DSwymer | High | 7.7 | 2024-08-20 13:44:53 | Deep Dive |
| CVE-2024-3300 | Pre-authentication Unsafe .NET object deserialization vulnerability affecting DELMIA Apriso Release 2019 through Release 2024 | Dassault Systèmes | DELMIA Apriso | Critical | 9.0 | 2024-05-30 15:19:10 | Deep Dive |
| CVE-2024-3301 | Post-authentication Unsafe .NET object deserialization vulnerability affecting DELMIA Apriso Release 2019 through Release 2024 | Dassault Systèmes | DELMIA Apriso | High | 8.5 | 2024-05-30 15:18:14 | Deep Dive |
| CVE-2023-5597 | Stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2024x | Dassault Systèmes | 3DSwymer | Medium | 5.4 | 2024-05-17 16:54:58 | Deep Dive |
| CVE-2024-3299 | Out-Of-Bounds Write, Use of Uninitialized Resource and Use-After-Free vulnerabilities exist in the SLDDRW and SLDPRT file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024 | Dassault Systèmes | eDrawings | High | 7.8 | 2024-04-04 15:13:07 | Deep Dive |
| CVE-2024-3298 | Out-Of-Bounds Write and Type Confusion vulnerabilities exist in the DWG and DXF file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024 | Dassault Systèmes | eDrawings | High | 7.8 | 2024-04-04 15:11:25 | Deep Dive |
| CVE-2024-1848 | Multiple vulnerabilities exist in file reading procedure in SOLIDWORKS Desktop on Release SOLIDWORKS 2024 | Dassault Systèmes | SOLIDWORKS Desktop | High | 7.8 | 2024-03-22 10:58:52 | Deep Dive |
| CVE-2024-1624 | OS Command Injection vulnerability affecting documentation server on certain Releases of 3DEXPERIENCE, SIMULIA Abaqus, SIMULIA Isight and CATIA Composer | Dassault Systèmes | Documentation server | Critical | 9.4 | 2024-03-01 15:47:44 | Deep Dive |
| CVE-2024-1847 | Multiple vulnerabilities exist in file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024 | Dassault Systèmes | eDrawings | High | 7.8 | 2024-02-28 17:34:01 | Deep Dive |