Known Vulnerabilities for products from Ptc
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Ptc".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-31200 json | PTC Vuforia Studio does not require a token; this could allow an attacker with local access to perform a cross-site req... | 8 - HIGH | 2023-06-07 | 2023-06-16 |
| CVE-2023-29502 json | Before importing a project into Vuforia, a user could modify the “resourceDirectory” attribute in the appConfig.json... | 4.3 - MEDIUM | 2023-06-07 | 2023-06-15 |
| CVE-2023-29447 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.3 - MEDIUM | 2024-01-10 | 2024-01-18 |
| CVE-2023-29446 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 4.7 - MEDIUM | 2024-01-10 | 2024-01-19 |
| CVE-2023-29445 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.8 - HIGH | 2024-01-10 | 2024-01-19 |
| CVE-2023-29444 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.3 - HIGH | 2024-01-10 | 2024-01-19 |
| CVE-2023-29168 json | The local Vuforia web application does not support HTTPS, and federated credentials are passed via basic authentication. | 7.5 - HIGH | 2023-06-07 | 2023-06-16 |
| CVE-2023-29152 json | By changing the filename parameter in the request, an attacker could delete any file with the permissions of the Vuforia s... | 8.1 - HIGH | 2023-06-07 | 2023-06-15 |
| CVE-2023-27881 json | A user could use the “Upload Resource” functionality to upload files to any location on the disk. | 9.9 - CRITICAL | 2023-06-07 | 2023-06-16 |
| CVE-2023-24476 json | An attacker with local access to the machine could record the traffic, which could allow them to resend requests without th... | 3.3 - LOW | 2023-06-07 | 2023-06-15 |
| CVE-2023-5909 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2023-11-30 | 2023-12-06 |
| CVE-2023-5908 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 9.1 - CRITICAL | 2023-11-30 | 2023-12-06 |
| CVE-2023-0755 json | The affected products are vulnerable to an improper validation of array index, which could allow an attacker to crash the ser... | 9.8 - CRITICAL | 2023-02-23 | 2023-11-07 |
| CVE-2023-0754 json | The affected products are vulnerable to an integer overflow or wraparound, which could allow an attacker to crash the server ... | 9.8 - CRITICAL | 2023-02-23 | 2023-11-07 |
| CVE-2022-25252 json | When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) when receivi... | 7.5 - HIGH | 2022-03-16 | 2022-03-28 |
| CVE-2022-25251 json | When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) may allow an... | 9.8 - CRITICAL | 2022-03-16 | 2022-03-28 |
| CVE-2022-25250 json | When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) may allow an... | 7.5 - HIGH | 2022-03-16 | 2022-03-28 |
| CVE-2022-25249 json | When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) (disregardin... | 7.5 - HIGH | 2022-03-16 | 2022-03-28 |
| CVE-2022-25248 json | When connecting to a certain port Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) supplies the... | 5.3 - MEDIUM | 2022-03-16 | 2022-03-28 |
| CVE-2022-25247 json | Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) may allow an attacker to send certain commands... | 9.8 - CRITICAL | 2022-03-16 | 2022-03-28 |
Known software with vulnerabilities from Ptc
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Ptc | Creo View | - |
| Application | Ptc | Isoview | - |
| Application | Ptc | Thingworx Platform | 6.5.0 |