Lucene search
K

34 matches found

Positive Technologies
Positive Technologies
added 2026/03/12 12:0 a.m.4 views

PT-2026-25045

Name of the Vulnerable Software and Affected Versions LibreDWG versions 0.13.3.7571 through 0.13.3.7835 Description A heap buffer overflow exists in LibreDWG. A specially crafted DWG file can lead to a Denial of Service DoS condition. The issue is located in the decompress R2004 section function...

6.5CVSS5.9AI score0.00218EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2025/07/13 12:0 a.m.8 views

The vulnerability of the CADImage plugin in the IrfanView software, which is used for viewing and playing graphic, video, and audio files, allows a hacker to execute arbitrary code.

The vulnerability of the CADImage plugin for viewing and playing back graphic, video, and audio files in IrfanView arises from the execution of an operation beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially...

7.8CVSS8AI score0.0022EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/13 12:0 a.m.8 views

The vulnerability of the CADImage plugin in the IrfanView software, which is used for viewing and playing graphic, video, and audio files, allows a hacker to execute arbitrary code.

The vulnerability of the CADImage plugin for viewing and playing back graphic, video, and audio files in IrfanView arises from the execution of an operation beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially...

7.8CVSS8AI score0.0022EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/13 12:0 a.m.6 views

The vulnerability of the CADImage plugin in the IrfanView software, which is used for viewing and playing graphic, video, and audio files, allows a hacker to execute arbitrary code.

The vulnerability of the CADImage plugin for viewing and playing back graphic, video, and audio files in IrfanView arises from the execution of an operation beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious user to execute arbitrary code using a specially...

7.8CVSS8AI score0.0022EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/18 12:0 a.m.5 views

The vulnerability of the ODXSW_DLL.dll library in software for simulation, design, and drafting in AutoCAD allows a perpetrator to gain unauthorized access to protected information, execute arbitrary code, or cause a service failure.

The vulnerability of the ODXSWDLL.dll library, which is used in AutoCAD software for simulation, design, and drafting, relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected...

7.8CVSS7.8AI score0.00409EPSS
Exploits0References5Affected Software9
CNNVD
CNNVD
added 2024/10/29 12:0 a.m.5 views

Autodesk AutoCAD 安全漏洞

Autodesk AutoCAD is a suite of professional 3D drawing software from the US company Autodesk. A security vulnerability exists in Autodesk AutoCAD that originates from a maliciously crafted DWG file that may force a stack-based buffer overflow when parsed, which can be exploited by an attacker to...

7.8CVSS7.7AI score0.00213EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/04/10 12:0 a.m.6 views

Open Design Alliance Drawings SDK 资源管理错误漏洞

Open Design Alliance Drawings SDK is a software development kit for drawing design applications from Open Design Alliance, USA. The SDK provides access to .dwg and .dgn data through a convenient, object-oriented API, a C++ API, support for repairing files, and support for .NET, JAVA, and Python...

7.8CVSS7.1AI score0.0044EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:37 a.m.4 views

SUSE CVE-2017-15751

IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at BabaCAD4Image!ShowPlugInOptions+0x0000000000009f39."...

7.8CVSS8.1AI score0.01881EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:37 a.m.5 views

SUSE CVE-2017-15757

IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address controls Branch Selection starting at...

7.8CVSS8AI score0.01897EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:37 a.m.23 views

SUSE CVE-2017-15759

IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV near NULL starting at BabaCAD4Image!ShowPlugInOptions+0x000000000001b3f3."...

7.8CVSS8AI score0.02457EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:37 a.m.4 views

SUSE CVE-2017-15758

IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls subsequent Write Address starting at BabaCAD4Image!ShowPlugInOptions+0x000000000004d75b."...

7.8CVSS8AI score0.02457EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:37 a.m.4 views

SUSE CVE-2017-15777

XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV near NULL starting at CADImage+0x0000000000288750."...

7.8CVSS7.8AI score0.01173EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:37 a.m.4 views

SUSE CVE-2017-15782

XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV starting at CADImage+0x00000000000032eb."...

7.8CVSS7.8AI score0.01173EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:37 a.m.5 views

SUSE CVE-2017-15785

XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "Data Execution Prevention Violation near NULL starting at Unknown Symbol @ 0x0000000000000000 called from CADImage+0x0000000000286a79."...

7.8CVSS7.8AI score0.01173EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:37 a.m.3 views

SUSE CVE-2017-15789

XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV starting at CADImage+0x00000000000048e7."...

7.8CVSS7.8AI score0.01173EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/12/30 12:0 a.m.6 views

The vulnerability of Adobe Illustrator’s graphic editor, related to reading data beyond the buffer in memory, allows attackers to exploit this to disclose protected information.

The vulnerability of Adobe Illustrator graphic editor is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to disclose protected information using a specially created CDR file...

5.5CVSS6AI score0.00456EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/12/23 12:0 a.m.7 views

The vulnerability of Microsoft Visio’s graphical editor lies in the insufficient validation of input data, which allows a hacker to execute arbitrary code.

The vulnerability of Microsoft Visio’s graphical editor is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to execute arbitrary code using a specially created DWG file...

7.8CVSS7.7AI score0.0072EPSS
Exploits0References9
CNNVD
CNNVD
added 2022/04/07 12:0 a.m.3 views

Autodesk AutoCAD 缓冲区错误漏洞

Autodesk AutoCAD is a suite of professional 3D drawing software from the US-based Autodesk Corporation. A buffer error vulnerability exists in Autodesk AutoCAD, which could be exploited by an attacker to obtain sensitive information or cause a system crash by using a maliciously crafted DWG file ...

7.1CVSS7.3AI score0.01384EPSS
Exploits0References4
OSV
OSV
added 2022/01/25 1:15 p.m.1 views

DEBIAN-CVE-2021-45343

In LibreCAD 2.2.0, a NULL pointer dereference in the HATCH handling of libdxfrw allows an attacker to crash the application using a crafted DXF document...

5.5CVSS6.6AI score0.009EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2021/12/13 12:0 a.m.5 views

The vulnerability of the `dwgCompressor :: copyCompBytes21` function in the `libdfxfw` library of the LibreCAD automated design system allows a attacker to execute arbitrary code.

The vulnerability of the dwgCompressor :: copyCompBytes21 function in the libdfxfw library of the LibreCAD automated design system is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code using...

9.3CVSS8.5AI score0.02686EPSS
Exploits1References8Affected Software4
Rows per page
Query Builder