Lucene search
K

353 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 7:25 p.m.9 views

CVE-2021-25177

An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A Type Confusion issue exists when rendering malformed .DXF and .DWG files. This can allow attackers to cause a crash, potentially enabling a denial of service attack Crash, Exit, or Restart...

7.8CVSS6.7AI score0.02286EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:25 p.m.7 views

CVE-2021-25178

An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A stack-based buffer overflow vulnerability exists when the recover operation is run with malformed .DXF and .DWG files. This can allow attackers to cause a crash potentially enabling a denial of service attack Crash,...

7.8CVSS7.3AI score0.0323EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:52 p.m.8 views

CVE-2021-43582

A Use-After-Free Remote Vulnerability exists when reading a DWG file using Open Design Alliance Drawings SDK before 2022.11. The specific issue exists within the parsing of DWG files. The issue results from the lack of validating the existence of an object prior to performing operations on the...

7.8CVSS7AI score0.01339EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 6:37 p.m.9 views

CVE-2021-32948

An out-of-bounds write issue exists in the DWG file-reading procedure in the Drawings SDK All versions prior to 2022.4 resulting from the lack of proper validation of user-supplied data. This can result in a write past the end of an allocated buffer and allow attackers to cause a denial-of-servic...

7.8CVSS7.3AI score0.02705EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:37 p.m.8 views

CVE-2021-32946

An improper check for unusual or exceptional conditions issue exists within the parsing DGN files from Drawings SDK Version 2022.4 and prior resulting from the lack of proper validation of the user-supplied data. This may result in several of out-of-bounds problems and allow attackers to cause a...

7.8CVSS7.1AI score0.02801EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:37 p.m.4 views

CVE-2021-32950

An out-of-bounds read issue exists within the parsing of DXF files in the Drawings SDK All versions prior to 2022.4 resulting from the lack of proper validation of user-supplied data. This can result in a read past the end of an allocated buffer and allows attackers to cause a denial-of-service...

7.1CVSS6.5AI score0.0205EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:34 p.m.7 views

CVE-2021-32940

An out-of-bounds read issue exists in the DWG file-recovering procedure in the Drawings SDK All versions prior to 2022.5 resulting from the lack of proper validation of user-supplied data. This can result in a read past the end of an allocated buffer and allow attackers to cause a denial-of-servi...

7.1CVSS6.5AI score0.0205EPSS
Exploits0References1
NVD
NVD
added 2024/12/04 12:15 p.m.21 views

CVE-2024-8894

Out-of-bounds Write vulnerability was discovered in Open Design Alliance Drawings SDK before 2025.10. Reading crafted DWF file and missing proper checks on received SectionIterator data can trigger an unhandled exception. This can allow attackers to cause a crash, potentially enabling a...

8.1CVSS0.00192EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/04 11:40 a.m.10 views

CVE-2024-8894 Out-of-bounds Write vulnerability in ODA SDK versions < 2025.10

Out-of-bounds Write vulnerability was discovered in Open Design Alliance Drawings SDK before 2025.10. Reading crafted DWF file and missing proper checks on received SectionIterator data can trigger an unhandled exception. This can allow attackers to cause a crash, potentially enabling a...

8.1CVSS7.5AI score0.00192EPSS
Exploits0References1
CVE
CVE
added 2024/12/04 11:40 a.m.52 views

CVE-2024-8894

Open Design Alliance Drawings SDK (pre-2025.10) is affected by an out-of-bounds write when reading crafted DWF files due to missing checks on SectionIterator data. This can trigger an unhandled exception, potentially causing a crash and denial-of-service, with possible code execution. Affected ve...

8.1CVSS7AI score0.00192EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/04 12:0 a.m.4 views

Open Design Alliance Drawings SDK 安全漏洞

Open Design Alliance Drawings SDK is a software development kit for drawing design applications from Open Design Alliance, USA. The development kit accesses data in .dwg and .dgn through a convenient, object-oriented API, providing a C++ API, support for repairing files, .NET, JAVA, and Python...

8.1CVSS6.7AI score0.00192EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/12/04 12:0 a.m.5 views

PT-2024-39305 · Open Design Alliance · Open Design Alliance Drawings Sdk

Name of the Vulnerable Software and Affected Versions: Open Design Alliance Drawings SDK versions prior to 2025.10 Description: An out-of-bounds write issue was discovered in the Open Design Alliance Drawings SDK. This issue can be triggered by reading a crafted DWF file and missing proper checks...

8.1CVSS7.3AI score0.00192EPSS
Exploits0References6
The Hacker News
The Hacker News
added 2024/08/08 9:41 a.m.15 views

New Phishing Scam Uses Google Drawings and WhatsApp Shortened Links

Cybersecurity researchers have discovered a novel phishing campaign that leverages Google Drawings and shortened links generated via WhatsApp to evade detection and trick users into clicking on bogus links designed to steal sensitive information. "The attackers chose a group of the best-known...

6.8AI score
Exploits0
OSV
OSV
added 2023/12/26 9:15 a.m.3 views

CVE-2023-5180

An issue was discovered in Open Design Alliance Drawings SDK before 2024.12. A corrupted value of number of sectors used by the Fat structure in a crafted DGN file leads to an out-of-bounds write. An attacker can leverage this vulnerability to execute code in the context of the current process...

7.8CVSS5.8AI score0.00192EPSS
Exploits0References1
Prion
Prion
added 2023/12/26 9:15 a.m.16 views

Design/Logic Flaw

An issue was discovered in Open Design Alliance Drawings SDK before 2024.12. A corrupted value of number of sectors used by the Fat structure in a crafted DGN file leads to an out-of-bounds write. An attacker can leverage this vulnerability to execute code in the context of the current process...

4.4CVSS6.8AI score0.00192EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/12/26 8:35 a.m.47 views

CVE-2023-5180

CVE-2023-5180 affects the Open Design Alliance Drawings SDK prior to 2024.12. A crafted DGN file can trigger an out-of-bounds write by corrupting the value of the number of sectors in the Fat structure, enabling code execution in the current process. The connected sources (e.g., PT-2023-31894, CI...

7.8CVSS7.4AI score0.00192EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/12/26 8:35 a.m.40 views

CVE-2023-5180 Out-of-bounds Write vulnerability exists in ODA Drawings SDK before 2024.12

An issue was discovered in Open Design Alliance Drawings SDK before 2024.12. A corrupted value of number of sectors used by the Fat structure in a crafted DGN file leads to an out-of-bounds write. An attacker can leverage this vulnerability to execute code in the context of the current process...

7.8CVSS7.6AI score0.00192EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/12/26 12:0 a.m.6 views

Open Design Alliance Drawings SDK Security Vulnerability

Open Design Alliance Drawings SDK is a software development kit for drawing design applications from Open Design Alliance, USA. The SDK provides access to .dwg and .dgn data through a convenient, object-oriented API, a C++ API, support for repairing files, and support for .NET, JAVA, and Python...

7.8CVSS7.4AI score0.00192EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/12/26 12:0 a.m.6 views

PT-2023-31894 · Open Design Alliance · Open Design Alliance Drawings Sdk

Name of the Vulnerable Software and Affected Versions: Open Design Alliance Drawings SDK versions prior to 2024.12 Description: An issue was discovered in the Open Design Alliance Drawings SDK where a corrupted value of the number of sectors used by the Fat structure in a crafted DGN file leads t...

7.8CVSS7.5AI score0.00192EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2023/11/15 12:0 a.m.5 views

The vulnerability in the set of tools for developing software for engineering applications, Drawings SDK, related to writing beyond the buffer boundaries, allows a hacker to execute arbitrary code.

The vulnerability of the Drawing SDK, a software development tool for engineering applications, is related to writing beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to execute arbitrary code using a specially created file...

7.8CVSS7.8AI score0.01127EPSS
Exploits0References3Affected Software2
Rows per page
Query Builder