SAP 3d Visual Enterprise Viewer
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in SAP 3d Visual Enterprise Viewer.
By the Year
In 2025 there have been 0 vulnerabilities in SAP 3d Visual Enterprise Viewer. 3d Visual Enterprise Viewer did not have any published security vulnerabilities last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2025 | 0 | 0.00 |
2024 | 0 | 0.00 |
2023 | 0 | 0.00 |
2022 | 37 | 6.86 |
2021 | 45 | 6.61 |
2020 | 45 | 4.74 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new 3d Visual Enterprise Viewer vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent SAP 3d Visual Enterprise Viewer Security Vulnerabilities
Due to lack of proper memory management, when a victim opens manipulated file received
CVE-2022-41211
7.8 - High
- November 08, 2022
Due to lack of proper memory management, when a victim opens manipulated file received from untrusted sources in SAP 3D Visual Enterprise Author and SAP 3D Visual Enterprise Viewer, Arbitrary Code Execution can be triggered when payload forces:Re-use of dangling pointer which refers to overwritten space in memory. The accessed memory must be filled with code to execute the attack. Therefore, repeated success is unlikely.Stack-based buffer overflow. Since the memory overwritten is random, based on access rights of the memory, repeated success is not assured.
Buffer Overflow
Due to lack of proper memory management, when a victim opens manipulated Computer Graphics Metafile (.cgm, CgmCore.dll) file received
CVE-2022-41186
7.8 - High
- October 11, 2022
Due to lack of proper memory management, when a victim opens manipulated Computer Graphics Metafile (.cgm, CgmCore.dll) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, a Remote Code Execution can be triggered when payload forces a stack-based overflow and or a re-use of dangling pointer which refers to overwritten space in memory.
Buffer Overflow
Due to lack of proper memory management, when a victim opens a manipulated Wavefront Object (.obj, ObjTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible
CVE-2022-41187
7.8 - High
- October 11, 2022
Due to lack of proper memory management, when a victim opens a manipulated Wavefront Object (.obj, ObjTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.
Buffer Overflow
Due to lack of proper memory management, when a victim opens manipulated Wavefront Object (.obj, ObjTranslator.exe) file received
CVE-2022-41188
7.8 - High
- October 11, 2022
Due to lack of proper memory management, when a victim opens manipulated Wavefront Object (.obj, ObjTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until restart of the application.
Buffer Overflow
Due to lack of proper memory management, when a victim opens a manipulated Visual Design Stream (.vds, vds.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible
CVE-2022-41202
7.8 - High
- October 11, 2022
Due to lack of proper memory management, when a victim opens a manipulated Visual Design Stream (.vds, vds.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.
Buffer Overflow
Due to lack of proper memory management, when a victim opens a manipulated Right Hemisphere Binary (.rh, rh.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible
CVE-2022-41201
7.8 - High
- October 11, 2022
Due to lack of proper memory management, when a victim opens a manipulated Right Hemisphere Binary (.rh, rh.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.
Buffer Overflow
Due to lack of proper memory management, when a victim opens a manipulated Scalable Vector Graphic (.svg, svg.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible
CVE-2022-41200
7.8 - High
- October 11, 2022
Due to lack of proper memory management, when a victim opens a manipulated Scalable Vector Graphic (.svg, svg.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.
Buffer Overflow
Due to lack of proper memory management, when a victim opens a manipulated Open Inventor File (.iv, vrml.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible
CVE-2022-41199
7.8 - High
- October 11, 2022
Due to lack of proper memory management, when a victim opens a manipulated Open Inventor File (.iv, vrml.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.
Buffer Overflow
Due to lack of proper memory management, when a victim opens a manipulated SketchUp (.skp, SketchUp.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible
CVE-2022-41198
7.8 - High
- October 11, 2022
Due to lack of proper memory management, when a victim opens a manipulated SketchUp (.skp, SketchUp.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.
Buffer Overflow
Due to lack of proper memory management, when a victim opens a manipulated VRML Worlds (.wrl, vrml.x3d) file received
CVE-2022-41197
7.8 - High
- October 11, 2022
Due to lack of proper memory management, when a victim opens a manipulated VRML Worlds (.wrl, vrml.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until restart of the application.
Buffer Overflow
Due to lack of proper memory management, when a victim opens a manipulated VRML Worlds (.wrl, vrml.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible
CVE-2022-41196
7.8 - High
- October 11, 2022
Due to lack of proper memory management, when a victim opens a manipulated VRML Worlds (.wrl, vrml.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.
Buffer Overflow
Due to lack of proper memory management, when a victim opens a manipulated EAAmiga Interchange File Format (.iff, 2d.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible
CVE-2022-41195
7.8 - High
- October 11, 2022
Due to lack of proper memory management, when a victim opens a manipulated EAAmiga Interchange File Format (.iff, 2d.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.
Buffer Overflow
Due to lack of proper memory management, when a victim opens a manipulated Encapsulated Postscript (.eps, ai.x3d) file received
CVE-2022-41194
7.8 - High
- October 11, 2022
Due to lack of proper memory management, when a victim opens a manipulated Encapsulated Postscript (.eps, ai.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until restart of the application.
Buffer Overflow
Due to lack of proper memory management, when a victim opens a manipulated Encapsulated Post Script (.eps, ai.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible
CVE-2022-41193
7.8 - High
- October 11, 2022
Due to lack of proper memory management, when a victim opens a manipulated Encapsulated Post Script (.eps, ai.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.
Buffer Overflow
Due to lack of proper memory management, when a victim opens manipulated Jupiter Tesselation (.jt, JTReader.x3d) file received
CVE-2022-41192
7.8 - High
- October 11, 2022
Due to lack of proper memory management, when a victim opens manipulated Jupiter Tesselation (.jt, JTReader.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until restart of the application.
Buffer Overflow
Due to lack of proper memory management, when a victim opens a manipulated Jupiter Tesselation (.jt, JTReader.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible
CVE-2022-41191
7.8 - High
- October 11, 2022
Due to lack of proper memory management, when a victim opens a manipulated Jupiter Tesselation (.jt, JTReader.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.
Buffer Overflow
Due to lack of proper memory management, when a victim opens a manipulated AutoCAD (.dxf, TeighaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible
CVE-2022-41190
7.8 - High
- October 11, 2022
Due to lack of proper memory management, when a victim opens a manipulated AutoCAD (.dxf, TeighaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.
Buffer Overflow
Due to lack of proper memory management, when a victim opens a manipulated AutoCAD (.dwg, TeighaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible
CVE-2022-41189
7.8 - High
- October 11, 2022
Due to lack of proper memory management, when a victim opens a manipulated AutoCAD (.dwg, TeighaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory.
Buffer Overflow
When a user opens manipulated JPEG 2000 (.jp2, jp2k.x3d) files received
CVE-2022-35171
5.5 - Medium
- July 12, 2022
When a user opens manipulated JPEG 2000 (.jp2, jp2k.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. The file format details along with their CVE relevant information can be found below
Improper Input Validation
When a user opens manipulated Scalable Vector Graphics (.svg, svg.x3d) files received
CVE-2022-32243
5.5 - Medium
- June 14, 2022
When a user opens manipulated Scalable Vector Graphics (.svg, svg.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.
Improper Input Validation
When a user opens manipulated Radiance Picture (.hdr, hdr.x3d) files received
CVE-2022-32242
5.5 - Medium
- June 14, 2022
When a user opens manipulated Radiance Picture (.hdr, hdr.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.
Improper Input Validation
When a user opens manipulated Portable Document Format (.pdf, PDFView.x3d) files received
CVE-2022-32241
5.5 - Medium
- June 14, 2022
When a user opens manipulated Portable Document Format (.pdf, PDFView.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.
Improper Input Validation
When a user opens manipulated Jupiter Tesselation (.jt, JTReader.x3d) files received
CVE-2022-32240
5.5 - Medium
- June 14, 2022
When a user opens manipulated Jupiter Tesselation (.jt, JTReader.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.
Improper Input Validation
When a user opens manipulated JPEG 2000 (.jp2, jp2k.x3d) files received
CVE-2022-32239
5.5 - Medium
- June 14, 2022
When a user opens manipulated JPEG 2000 (.jp2, jp2k.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.
Improper Input Validation
When a user opens manipulated Encapsulated Post Script (.eps, ai.x3d) files received
CVE-2022-32238
5.5 - Medium
- June 14, 2022
When a user opens manipulated Encapsulated Post Script (.eps, ai.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.
Improper Input Validation
When a user opens manipulated Computer Graphics Metafile (.cgm, CgmCore.dll) files received
CVE-2022-32237
5.5 - Medium
- June 14, 2022
When a user opens manipulated Computer Graphics Metafile (.cgm, CgmCore.dll) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.
Improper Input Validation
When a user opens manipulated Windows Bitmap (.bmp, 2d.x3d) files received
CVE-2022-32236
5.5 - Medium
- June 14, 2022
When a user opens manipulated Windows Bitmap (.bmp, 2d.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.
Improper Input Validation
When a user opens manipulated AutoCAD (.dwg, TeighaTranslator.exe) files received
CVE-2022-32235
5.5 - Medium
- June 14, 2022
When a user opens manipulated AutoCAD (.dwg, TeighaTranslator.exe) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.
Improper Input Validation
When a user opens a manipulated Portable Document Format (.pdf, PDFView.x3d) received
CVE-2022-26109
6.5 - Medium
- April 12, 2022
When a user opens a manipulated Portable Document Format (.pdf, PDFView.x3d) received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application.
Improper Input Validation
When a user opens a manipulated Picture Exchange (.pcx, 2d.x3d) received
CVE-2022-26108
6.5 - Medium
- April 12, 2022
When a user opens a manipulated Picture Exchange (.pcx, 2d.x3d) received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application.
Improper Input Validation
When a user opens a manipulated Jupiter Tesselation (.jt, JTReader.x3d) received
CVE-2022-26107
6.5 - Medium
- April 12, 2022
When a user opens a manipulated Jupiter Tesselation (.jt, JTReader.x3d) received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application.
Improper Input Validation
When a user opens a manipulated Computer Graphics Metafile (.cgm, CgmCore.dll) received
CVE-2022-26106
6.5 - Medium
- April 12, 2022
When a user opens a manipulated Computer Graphics Metafile (.cgm, CgmCore.dll) received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application.
Improper Input Validation
When a user opens a manipulated Photoshop Document (.psd, 2d.x3d) received
CVE-2022-27654
6.5 - Medium
- April 12, 2022
When a user opens a manipulated Photoshop Document (.psd, 2d.x3d) received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application.
Improper Input Validation
When a user opens a manipulated Universal 3D (.u3d, 3difr.x3d) received
CVE-2022-27655
6.5 - Medium
- April 12, 2022
When a user opens a manipulated Universal 3D (.u3d, 3difr.x3d) received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application.
Improper Input Validation
When a user opens a manipulated JPEG file format (.jpg, 2d.x3d) received
CVE-2022-22539
6.5 - Medium
- February 09, 2022
When a user opens a manipulated JPEG file format (.jpg, 2d.x3d) received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application. The file format details along with their CVE relevant information can be found below.
Improper Input Validation
When a user opens a manipulated Adobe Illustrator file format (.ai, ai.x3d) received
CVE-2022-22538
6.5 - Medium
- February 09, 2022
When a user opens a manipulated Adobe Illustrator file format (.ai, ai.x3d) received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application. The file format details along with their CVE relevant information can be found below.
Improper Input Validation
When a user opens a manipulated Tagged Image File Format (.tiff, 2d.x3d)) received
CVE-2022-22537
6.5 - Medium
- February 09, 2022
When a user opens a manipulated Tagged Image File Format (.tiff, 2d.x3d)) received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application. The file format details along with their CVE relevant information can be found below.
When a user opens manipulated Jupiter Tessellation (.jt) file received
CVE-2021-42070
3.3 - Low
- December 14, 2021
When a user opens manipulated Jupiter Tessellation (.jt) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application
Improper Input Validation
When a user opens manipulated Tagged Image File Format (.tif) file received
CVE-2021-42069
3.3 - Low
- December 14, 2021
When a user opens manipulated Tagged Image File Format (.tif) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application
Memory Corruption
When a user opens a manipulated GIF (.gif) file received
CVE-2021-42068
3.3 - Low
- December 14, 2021
When a user opens a manipulated GIF (.gif) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application.
Improper Input Validation
When a user opens manipulated files received
CVE-2021-38174
6.5 - Medium
- September 14, 2021
When a user opens manipulated files received from untrusted sources in SAP 3D Visual Enterprise Viewer version - 9, the application crashes and becomes temporarily unavailable to the user until restart of the application.
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated CGM file received from untrusted sources which causes buffer overflow
CVE-2021-33680
6.5 - Medium
- July 14, 2021
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated CGM file received from untrusted sources which causes buffer overflow and causes the application to crash and becoming temporarily unavailable until the user restarts the application.
Classic Buffer Overflow
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated CGM file received from untrusted sources which causes out of bounds write
CVE-2021-33681
6.5 - Medium
- July 14, 2021
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated CGM file received from untrusted sources which causes out of bounds write and causes the application to crash and becoming temporarily unavailable until the user restarts the application.
Memory Corruption
SAP 3D Visual Enterprise Viewer, version - 9
CVE-2021-27641
5.5 - Medium
- June 09, 2021
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated TIF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.
Improper Input Validation
SAP 3D Visual Enterprise Viewer, version - 9
CVE-2021-27638
5.5 - Medium
- June 09, 2021
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated JT file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.
Improper Input Validation
SAP 3D Visual Enterprise Viewer, version - 9
CVE-2021-27640
5.5 - Medium
- June 09, 2021
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PSD file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.
Improper Input Validation
SAP 3D Visual Enterprise Viewer, version - 9
CVE-2021-33661
5.5 - Medium
- June 09, 2021
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PCX file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.
Improper Input Validation
SAP 3D Visual Enterprise Viewer, version - 9
CVE-2021-33660
5.5 - Medium
- June 09, 2021
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated FLI file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.
Improper Input Validation
SAP 3D Visual Enterprise Viewer, version - 9
CVE-2021-33659
5.5 - Medium
- June 09, 2021
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated GIF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.
Improper Input Validation
SAP 3D Visual Enterprise Viewer, version - 9
CVE-2021-27639
5.5 - Medium
- June 09, 2021
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated JT file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.
Improper Input Validation
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for SAP 3d Visual Enterprise Viewer or by SAP? Click the Watch button to subscribe.
