7.3
CVE-2026-23719 - Heap Buffer Overflow in Siemens Simcenter Femap and Nastran via NDB File Parsing
A vulnerability has been identified in Simcenter Femap (All versions < V2512), Simcenter Nastran (All versions < V2512). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted NDB files. This could allow an attacker to execute code in the context of theโฆ
7.3
CVE-2026-23718 - Out of Bounds Read in Simcenter Femap and Nastran Enabling Code Execution
A vulnerability has been identified in Simcenter Femap (All versions < V2512), Simcenter Nastran (All versions < V2512). The affected applications contains an out of bounds read vulnerability while parsing specially crafted NDB files. This could allow an attacker to execute code in the context of tโฆ
7.3
CVE-2026-23717 - OutโofโBounds Read in Simcenter Femap and Nastran Leading to Code Execution
A vulnerability has been identified in Simcenter Femap (All versions < V2512), Simcenter Nastran (All versions < V2512). The affected applications contains an out of bounds read vulnerability while parsing specially crafted XDB files. This could allow an attacker to execute code in the context of tโฆ
7.3
CVE-2026-23716 - Out of Bounds Read in Siemens Simcenter Femap and Nastran Allowing Remote Code Execution
A vulnerability has been identified in Simcenter Femap (All versions < V2512), Simcenter Nastran (All versions < V2512). The affected applications contains an out of bounds read vulnerability while parsing specially crafted XDB files. This could allow an attacker to execute code in the context of tโฆ
7.3
CVE-2026-23715 - Out-of-Bounds Write in Simcenter XDB File Parsing Leads to Code Execution
A vulnerability has been identified in Simcenter Femap (All versions < V2512), Simcenter Nastran (All versions < V2512). The affected applications contains an out of bounds write vulnerability while parsing specially crafted XDB files. This could allow an attacker to execute code in the context of โฆ
7.3
CVE-2026-22923 - Local Arbitrary Code Execution via PDF Export in Siemens NX
A vulnerability has been identified in NX (All versions < V2512), NX (Managed Mode) (All versions < V2512). The affected application contains a data validation vulnerability that could allow an attacker with local access to interfere with internal data during the PDF export process that could potenโฆ
6.2
CVE-2025-40587 -
A vulnerability has been identified in Polarion V2404 (All versions < V2404.5), Polarion V2410 (All versions < V2410.2). The affected application allows arbitrary JavaScript code be included in document titles. This could allow an authenticated remote attacker to conduct a stored cross-site scriptiโฆ
6.3
CVE-2024-52334 -
A vulnerability has been identified in syngo.plaza VB30E (All versions < VB30E_HF07). The affected application does not encrypt the passwords properly. This could allow an attacker to recover the original passwords and might gain unauthorized access.
8.8
CVE-2026-24343 - Apache HertzBeat: Uncontrolled Resource Consumption via Crafted XPath Expressions
Improper Neutralization of Data within XPath Expressions ('XPath Injection') vulnerability in Apache HertzBeat. This issue affects Apache HertzBeat: from 1.7.1 before 1.8.0. Users are recommended to upgrade to version 1.8.0, which fixes the issue.
9.8
CVE-2026-23906 - Apache Druid: Authentication Bypass via LDAP Anonymous Bind
Affected Products and Versions * Apache Druid * Affected Versions: 0.17.0 through 35.x (all versions prior to 36.0.0) * Prerequisites: * druid-basic-security extension enabled * LDAP authenticator configured * Underlying LDAP server permits anonymous bindย ย ย ย ย ย ย ย ย ย ย ย ย ย โฆ