353 matches found
CVE-2021-25177
An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A Type Confusion issue exists when rendering malformed .DXF and .DWG files. This can allow attackers to cause a crash, potentially enabling a denial of service attack Crash, Exit, or Restart...
CVE-2021-25178
An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A stack-based buffer overflow vulnerability exists when the recover operation is run with malformed .DXF and .DWG files. This can allow attackers to cause a crash potentially enabling a denial of service attack Crash,...
CVE-2021-43582
A Use-After-Free Remote Vulnerability exists when reading a DWG file using Open Design Alliance Drawings SDK before 2022.11. The specific issue exists within the parsing of DWG files. The issue results from the lack of validating the existence of an object prior to performing operations on the...
CVE-2021-32948
An out-of-bounds write issue exists in the DWG file-reading procedure in the Drawings SDK All versions prior to 2022.4 resulting from the lack of proper validation of user-supplied data. This can result in a write past the end of an allocated buffer and allow attackers to cause a denial-of-servic...
CVE-2021-32946
An improper check for unusual or exceptional conditions issue exists within the parsing DGN files from Drawings SDK Version 2022.4 and prior resulting from the lack of proper validation of the user-supplied data. This may result in several of out-of-bounds problems and allow attackers to cause a...
CVE-2021-32950
An out-of-bounds read issue exists within the parsing of DXF files in the Drawings SDK All versions prior to 2022.4 resulting from the lack of proper validation of user-supplied data. This can result in a read past the end of an allocated buffer and allows attackers to cause a denial-of-service...
CVE-2021-32940
An out-of-bounds read issue exists in the DWG file-recovering procedure in the Drawings SDK All versions prior to 2022.5 resulting from the lack of proper validation of user-supplied data. This can result in a read past the end of an allocated buffer and allow attackers to cause a denial-of-servi...
CVE-2024-8894
Out-of-bounds Write vulnerability was discovered in Open Design Alliance Drawings SDK before 2025.10. Reading crafted DWF file and missing proper checks on received SectionIterator data can trigger an unhandled exception. This can allow attackers to cause a crash, potentially enabling a...
CVE-2024-8894 Out-of-bounds Write vulnerability in ODA SDK versions < 2025.10
Out-of-bounds Write vulnerability was discovered in Open Design Alliance Drawings SDK before 2025.10. Reading crafted DWF file and missing proper checks on received SectionIterator data can trigger an unhandled exception. This can allow attackers to cause a crash, potentially enabling a...
CVE-2024-8894
Open Design Alliance Drawings SDK (pre-2025.10) is affected by an out-of-bounds write when reading crafted DWF files due to missing checks on SectionIterator data. This can trigger an unhandled exception, potentially causing a crash and denial-of-service, with possible code execution. Affected ve...
Open Design Alliance Drawings SDK 安全漏洞
Open Design Alliance Drawings SDK is a software development kit for drawing design applications from Open Design Alliance, USA. The development kit accesses data in .dwg and .dgn through a convenient, object-oriented API, providing a C++ API, support for repairing files, .NET, JAVA, and Python...
PT-2024-39305 · Open Design Alliance · Open Design Alliance Drawings Sdk
Name of the Vulnerable Software and Affected Versions: Open Design Alliance Drawings SDK versions prior to 2025.10 Description: An out-of-bounds write issue was discovered in the Open Design Alliance Drawings SDK. This issue can be triggered by reading a crafted DWF file and missing proper checks...
New Phishing Scam Uses Google Drawings and WhatsApp Shortened Links
Cybersecurity researchers have discovered a novel phishing campaign that leverages Google Drawings and shortened links generated via WhatsApp to evade detection and trick users into clicking on bogus links designed to steal sensitive information. "The attackers chose a group of the best-known...
CVE-2023-5180
An issue was discovered in Open Design Alliance Drawings SDK before 2024.12. A corrupted value of number of sectors used by the Fat structure in a crafted DGN file leads to an out-of-bounds write. An attacker can leverage this vulnerability to execute code in the context of the current process...
Design/Logic Flaw
An issue was discovered in Open Design Alliance Drawings SDK before 2024.12. A corrupted value of number of sectors used by the Fat structure in a crafted DGN file leads to an out-of-bounds write. An attacker can leverage this vulnerability to execute code in the context of the current process...
CVE-2023-5180
CVE-2023-5180 affects the Open Design Alliance Drawings SDK prior to 2024.12. A crafted DGN file can trigger an out-of-bounds write by corrupting the value of the number of sectors in the Fat structure, enabling code execution in the current process. The connected sources (e.g., PT-2023-31894, CI...
CVE-2023-5180 Out-of-bounds Write vulnerability exists in ODA Drawings SDK before 2024.12
An issue was discovered in Open Design Alliance Drawings SDK before 2024.12. A corrupted value of number of sectors used by the Fat structure in a crafted DGN file leads to an out-of-bounds write. An attacker can leverage this vulnerability to execute code in the context of the current process...
Open Design Alliance Drawings SDK Security Vulnerability
Open Design Alliance Drawings SDK is a software development kit for drawing design applications from Open Design Alliance, USA. The SDK provides access to .dwg and .dgn data through a convenient, object-oriented API, a C++ API, support for repairing files, and support for .NET, JAVA, and Python...
PT-2023-31894 · Open Design Alliance · Open Design Alliance Drawings Sdk
Name of the Vulnerable Software and Affected Versions: Open Design Alliance Drawings SDK versions prior to 2024.12 Description: An issue was discovered in the Open Design Alliance Drawings SDK where a corrupted value of the number of sectors used by the Fat structure in a crafted DGN file leads t...
The vulnerability in the set of tools for developing software for engineering applications, Drawings SDK, related to writing beyond the buffer boundaries, allows a hacker to execute arbitrary code.
The vulnerability of the Drawing SDK, a software development tool for engineering applications, is related to writing beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to execute arbitrary code using a specially created file...