CVE-2024-21837

Uncontrolled search path in some IntelR QuartusR Prime Lite Edition Design software before version 23.1 may allow an authenticated user to potentially enable escalation of privilege via local access...

The vulnerability of software for electrical system design, simulation, and automation from ABB e-Design, related to incorrect default settings, allows a perpetrator to trigger a service failure.

The vulnerability of software for electrical system design, simulation, and automation provided by ABB e-Design is related to incorrect default settings. Exploiting this vulnerability can allow attackers to trigger service failures...

CVE-2025-30318

InDesign Desktop versions ID19.5.2, ID20.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

The vulnerability of Cobalt Ashlar-Vellum’s software for parametric automated design and 3D modeling lies in its ability to read data beyond the buffer limit in memory, allowing an attacker to execute arbitrary code.

The vulnerability of Cobalt Ashlar-Vellum software for parametric automated design and 3D modeling lies in the reading of data beyond the buffer in memory during the processing of AR format files. Exploiting this vulnerability allows an attacker to execute arbitrary code...

Vulnerability of software for modeling, designing, and drawing in AutoCAD, related to errors during initialization of variables, allowing attackers to trigger a service failure and gain unauthorized access to protected information.

The vulnerability of software for modeling, designing, and drawing in AutoCAD is related to errors during initialization of variables. Exploiting this vulnerability can allow attackers to cause service failures and gain unauthorized access to protected information using a specially created...

Adobe Substance 3D Designer memory misreference vulnerability (CNVD-2025-05206)

Adobe Substance 3D Designer is a 3D design software from the American company Audobee Adobe. A memory misreference vulnerability exists in Adobe Substance 3D Designer version 1.15.0 and prior versions, which can be exploited by an attacker to execute arbitrary code in the current user environment...

The vulnerability of the Cobalt Ashlar-Vellum software for parametric automated design and 3D modeling lies in errors related to data type mixing, allowing a hacker to execute arbitrary code.

The vulnerability of the Cobalt Ashlar-Vellum software for parametric automated design and 3D modeling is related to errors in data type mixing. Exploiting this vulnerability could allow an attacker to execute arbitrary code within the context of the current process...

ALPINE-CVE-2024-7882

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Special Minds Design and Software e-Commerce allows SQL Injection. This issue affects e-Commerce: before 22.11.2024...

The vulnerability of the opennurbs.dll library, a software for modeling, designing, and drafting in AutoCAD, allows a malicious actor to cause the application to terminate abnormally or execute arbitrary code.

The vulnerability of the opennurbs.dll library, a software component used for modeling, designing, and drafting in AutoCAD, relates to the reading of data beyond the specified buffer. Exploiting this vulnerability can allow an attacker to cause the application to terminate abnormally or execute...

CISA and Partners Release Advisory on RansomHub Ransomware

Today, CISA—in partnership with the Federal Bureau of Investigation FBI, Multi-State Information Sharing and Analysis Center MS-ISAC, and Department of Health and Human Services HHS—released a joint Cybersecurity Advisory, StopRansomware: RansomHub Ransomware. This advisory provides network...

CVE-2024-22184

CVE-2024-22184 affects Intel® Quartus® Prime Pro Edition Design Software prior to version 24.1. The weakness is an uncontrolled search path that may allow an authenticated user with local access to escalate privileges. Risk details in connected sources confirm the vulnerability is local and requi...

CVE-2024-21777

Uncontrolled search path in some IntelR QuartusR Prime Pro Edition Design software before version 23.4 may allow an authenticated user to potentially enable escalation of privilege via local access...

The vulnerabilities of software for network design, calculation of electrical network parameters, and procurement of EcoStruxure Power Design/Ecodial (formerly Ecodial) equipment relate to shortcomings in the deserialization mechanism, allowing attackers to execute arbitrary code.

The vulnerability of software for designing electrical power networks, calculating network electrical parameters, and selecting equipment for EcoStruxure Power Design/Ecodial formerly Ecodial stems from deficiencies in the deserialization mechanism during file loading. Exploiting this vulnerabili...

The vulnerability of Adobe Dimension’s 3D design software relates to reading data beyond the buffer in memory, allowing an attacker to gain unauthorized access to protected information.

The vulnerability of Adobe Dimension’s 3D design software relates to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially created GLB file...

The vulnerability of the Substance 3D Stager software lies in its ability to read data beyond the buffer boundaries, allowing attackers to exploit this to disclose protected information.

The vulnerability of the Substance 3D Stager software-related 3D design software is related to reading beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to disclose protected information...

The vulnerability of Cobalt Ashlar-Vellum’s software for parametric automated design and 3D modeling lies in its uncontrolled search element, allowing a perpetrator to execute arbitrary code.

The vulnerability of the Cobalt Ashlar-Vellum software for parametric automated design and 3D modeling is related to an uncontrollable element in the search process. Exploiting this vulnerability could allow a attacker to execute arbitrary code...

The vulnerability of Cobalt Ashlar-Vellum’s software for parametric automated design and 3D modeling lies in the ability to write data beyond the buffer memory limit, allowing an attacker to execute arbitrary code.

The vulnerability of the Cobalt Ashlar-Vellum software for parametric automated design and 3D modeling lies in the storage of data beyond the buffer limits in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

The software of Cobalt Ashlar-Vellum has vulnerabilities that allow a hacker to execute arbitrary code.

The vulnerability of the Cobalt Ashlar-Vellum software for parametric automated design and 3D modeling is related to the use of an unreliable pointer. Exploiting this vulnerability allows a attacker to execute arbitrary code...

Siemens PADS Standard/Plus Viewer 缓冲区错误漏洞

PADS Standard and Standard Plus provide PCB schematic design and layout functionality in an intuitive and easy-to-use environment.An out-of-bounds write vulnerability exists in Siemens PADS Standard/Plus Viewer, which could be exploited by an attacker to execute code in the context of the current...

ABB e-Design

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: ABB Equipment: e-Design Vulnerabilities: Incorrect Default Permissions 2. RISK EVALUATION Exploitation of these vulnerabilities could allow privilege escalation or a denial-of service condition. 3. TECHNICAL DETAILS 3.1...