31 matches found

NVD
added 2026/01/19 1:16 p.m. · 3 views

CVE-2026-1181

Altium 365 workspace endpoints were configured with an overly permissive Cross-Origin Resource Sharing (CORS) policy that allowed credentialed cross-origin requests from other Altium-controlled subdomains, including forum.live.altium.com. As a result, JavaScript executing on those origins could...

CVSS 9 · EPSS 0.00308
Exploits: 0 · References: 1

Positive Technologies
added 2026/01/19 12:0 a.m. · 5 views

PT-2026-3437

Name of the Vulnerable Software and Affected Versions: Altium Forum (affected versions not specified) Description: A stored cross-site scripting (XSS) issue exists in the Altium Forum because of insufficient server-side input sanitization of forum post content. An authenticated attacker can inject...

CVSS 9 · AI score 5.2 · EPSS 0.00308
Exploits: 0 · References: 8

RedhatCVE
added 2026/01/16 11:31 p.m. · 3 views

CVE-2026-1009

A stored cross-site scripting (XSS) vulnerability exists in the Altium Forum due to missing server-side input sanitization in forum post content. An authenticated attacker can inject arbitrary JavaScript into forum posts, which is stored and executed when other users view the affected post...

CVSS 9 · AI score 5.6 · EPSS 0.00214
Exploits: 0 · References: 1

OSV
added 2026/01/15 11:15 p.m. · 4 views

CVE-2026-1009

A stored cross-site scripting (XSS) vulnerability exists in the Altium Forum due to missing server-side input sanitization in forum post content. An authenticated attacker can inject arbitrary JavaScript into forum posts, which is stored and executed when other users view the affected post...

CVSS 5.4 · AI score 5.8
Exploits: 0 · References: 1

Cvelist
added 2026/01/15 10:51 p.m. · 20 views

CVE-2026-1009 Stored Cross-Site Scripting in Altium Live Forum Leading to Cross-Customer Data Exposure

A stored cross-site scripting (XSS) vulnerability exists in the Altium Forum due to missing server-side input sanitization in forum post content. An authenticated attacker can inject arbitrary JavaScript into forum posts, which is stored and executed when other users view the affected post...

CVSS 9 · EPSS 0.00214
Exploits: 0 · References: 1

Positive Technologies
added 2024/12/04 12:0 a.m. · 3 views

PT-2024-39305 · Open Design Alliance · Open Design Alliance Drawings SDK

Name of the Vulnerable Software and Affected Versions: Open Design Alliance Drawings SDK versions prior to 2025.10 Description: An out-of-bounds write issue was discovered in the Open Design Alliance Drawings SDK. This issue can be triggered by reading a crafted DWF file and missing proper checks...

CVSS 8.1 · AI score 7.3 · EPSS 0.00192
Exploits: 0 · References: 6

BDU FSTEC
added 2023/09/26 12:0 a.m. · 4 views

The vulnerability of software for modeling, designing, and drawing in AutoCAD arises from copying buffers without checking the size of the input data. This allows a perpetrator to execute arbitrary code.

The vulnerability of software for modeling, designing, and drawing in AutoCAD is related to the copying of buffers without checking the size of input data when processing SLDASM files. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

CVSS 7.8 · AI score 7.6 · EPSS 0.00965
Exploits: 0 · References: 5 · Affected Software: 1

OSV
added 2023/08/08 10:15 a.m. · 1 view

CVE-2023-39188

A vulnerability has been identified in Solid Edge SE2023 All versions V223.0 Update 7. The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted DFT files. This could allow an attacker to execute code in the context of the curre...

CVSS 7.8 · AI score 7.2 · EPSS 0.00207
Exploits: 0 · References: 1

Positive Technologies
added 2023/08/08 12:0 a.m. · 2 views

PT-2023-4232 · Siemens · Solid Edge

Name of the Vulnerable Software and Affected Versions: Solid Edge SE2023 versions prior to V223.0 Update 7 Description: A vulnerability has been identified that involves an out of bounds read past the end of an allocated structure while parsing specially crafted DFT files. This could allow an...

CVSS 7.8 · AI score 7.9 · EPSS 0.00219
Exploits: 0 · References: 4

Positive Technologies
added 2023/01/10 12:0 a.m. · 3 views

PT-2023-1179 · Siemens · Solid Edge

Name of the Vulnerable Software and Affected Versions: Solid Edge versions prior to V2023 MP1 Description: A memory corruption issue has been identified in the DOCMGMT.DLL of Solid Edge. This issue can be triggered while parsing files in different formats such as PAR, ASM, and DFT, potentially...

CVSS 7.8 · AI score 7.7 · EPSS 0.00279
Exploits: 0 · References: 4

CNNVD
added 2022/10/21 12:0 a.m. · 3 views

Autodesk Design Review Buffer Error Vulnerability

Autodesk Design Review (ADR) is a suite of AutoCAD drafting software assistance software from the American company Autodesk. The software supports viewing, marking, measuring, printing, and tracking changes to 2D and 3D design files. A security vulnerability exists in Autodesk Design Review version...

CVSS 7.8 · AI score 7.6 · EPSS 0.00374
Exploits: 0 · References: 2

CNNVD
added 2022/10/21 12:0 a.m. · 3 views

Autodesk Design Review Buffer Error Vulnerability

Autodesk Design Review (ADR) is a suite of AutoCAD drafting software assistance software from the American company Autodesk. The software supports viewing, marking, measuring, printing, and tracking changes to 2D and 3D design files. A security vulnerability exists in Autodesk Design Review version...

CVSS 7.8 · AI score 7.6 · EPSS 0.00374
Exploits: 0 · References: 2

CNNVD
added 2022/10/21 12:0 a.m. · 3 views

Autodesk Design Review Buffer Error Vulnerability

Autodesk Design Review (ADR) is a suite of AutoCAD drafting software assistance software from the American company Autodesk. The software supports viewing, marking, measuring, printing, and tracking changes to 2D and 3D design files. A security vulnerability exists in Autodesk Design Review version...

CVSS 7.8 · AI score 7.6 · EPSS 0.00338
Exploits: 0 · References: 2

Positive Technologies
added 2022/10/11 12:0 a.m. · 3 views

PT-2022-25725 · SAP · SAP 3D Visual Enterprise Viewer

Name of the Vulnerable Software and Affected Versions: SAP 3D Visual Enterprise Viewer version 9 Description: The issue arises due to improper memory management. When a victim opens a manipulated Visual Design Stream .vds, vds.x3d file from untrusted sources, it can trigger a Remote Code Executio...

CVSS 7.8 · AI score 7.8 · EPSS 0.00542
Exploits: 0 · References: 5

CNNVD
added 2022/10/03 12:0 a.m. · 2 views

Autodesk Design Review and AutoCAD Buffer Error Vulnerability

Autodesk AutoCAD and Autodesk Design Review (ADR) are both products of the American Autodesk Corporation. Autodesk AutoCAD is a suite of professional 3D drafting software. Autodesk Design Review is a suite of AutoCAD drafting software assistance software. The software supports viewing, marking,...

CVSS 7.8 · AI score 7.5 · EPSS 0.0041
Exploits: 0 · References: 2

CNNVD
added 2022/04/18 12:0 a.m. · 3 views

Autodesk AutoCAD Buffer Error Vulnerability

Autodesk AutoCAD is a suite of professional 3D drawing software from the US company Autodesk. A buffer error vulnerability exists in several versions of Autodesk AutoCAD, which stems from the application processing dwf files that may result in memory corruption due to a write access conflict. An...

CVSS 7.8 · AI score 7.8 · EPSS 0.01597
Exploits: 0 · References: 2

Positive Technologies
added 2022/04/12 12:0 a.m. · 3 views

PT-2022-19132 · Bentley · MicroStation CONNECT

Name of the Vulnerable Software and Affected Versions: Bentley MicroStation CONNECT version 10.16.02.34 Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a malicio...

CVSS 7.8 · AI score 7.8 · EPSS 0.00938
Exploits: 0 · References: 4

CNNVD
added 2022/04/05 12:0 a.m. · 3 views

Autodesk Navisworks Resource Management Error Vulnerability

Autodesk Navisworks is 3D model review software for architecture, engineering, and construction from Autodesk, Inc. A resource management error vulnerability exists in Autodesk AutoCAD and Autodesk Navisworks due to a boundary error in the handling of DWF files. A remote attacker could trick a...

CVSS 7.8 · AI score 8 · EPSS 0.01012
Exploits: 0 · References: 4

OSV
added 2022/02/18 8:15 p.m. · 3 views

CVE-2021-46644

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

CVSS 7.8 · AI score 7.5 · EPSS 0.01955
Exploits: 0 · References: 2

CNNVD
added 2022/01/31 12:0 a.m. · 2 views

Bentley Systems MicroStation Buffer Error Vulnerability

Bentley Systems MicroStation is a CAD software platform for 2D and 3D design and drafting from Bentley Systems, USA. Bentley MicroStation CONNECT 10.16.0.80 has an out-of-bounds write vulnerability when parsing DGN files. A remote attacker could exploit this vulnerability to execute arbitrary cod...

CVSS 7.8 · AI score 6.2 · EPSS 0.01955
Exploits: 0 · References: 5