28 matches found
PT-2026-54852
Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 6.9.13-51 ImageMagick versions prior to 7.1.2-26 Description A use-after-free occurs when identifying an image containing a crafted 8BIM profile with a specific format string. Use-after-free is a memory corruption...
EUVD-2025-138114
Malicious code in avarag-obios-bim npm...
MAL-2025-181890 Malicious code in avarag-obios-bim (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 99f02ce0df9665ebd0af25d8eab6537cd7c6800860b5d5b1d2b274139c69e2d4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2020-28213
Malware in sbrugna...
CVE-2025-9135 Verkehrsauskunft Österreich SmartRide/cleVVVer/BusBahnBim/Salzburg Verkehr AndroidManifest.xml improper export of android application components
A vulnerability was detected in Verkehrsauskunft Österreich SmartRide, cleVVVer, BusBahnBim and Salzburg Verkehr up to 12.1.1258 on Android. The impacted element is an unknown function of the file AndroidManifest.xml. The manipulation results in improper export of android application components...
CVE-2025-9135
CVE-2025-9135 affects Verkehrsauskunft Österreich SmartRide, cleVVVer, BusBahnBim and Salzburg Verkehr on Android up to version 12.1.1(258). Root cause: improper export of AndroidManifest.xml components due to manipulation of an unknown function, enabling a local attack. Public exploit exists. Im...
Malicious code in bim-authorization (npm)
The package bim-authorization was found to contain malicious code...
MAL-2025-9827 Malicious code in @zalastax/nolb-_bim (npm)
The package @zalastax/nolb-bim was found to contain malicious code...
MAL-2025-15687 Malicious code in bim-authorization (npm)
The package bim-authorization was found to contain malicious code...
iso16757-bim.com Cross Site Scripting vulnerability OBB-3424546
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
FreeCAD ODA Command Injection Vulnerability
FreeCad is a free and open source general-purpose parametric 3D Cad modeler from the FreeCad community and supports the finite element method of building information modeling software. A command injection vulnerability exists in FreeCAD version 0.19, which stems from improper cleanup when calling...
bim-bg.com Cross Site Scripting vulnerability OBB-1410935
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
bim-bg.com Cross Site Scripting vulnerability OBB-1400872
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
bim-architecture.com Cross Site Scripting vulnerability OBB-1365699
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
The vulnerability of the graphical programming extension for Dynamo BIM lies in errors during the checking of the paths for loading dynamic libraries. This allows attackers to execute arbitrary code.
The vulnerability of Dynamo BIM’s graphical programming interface relates to errors in checking the path of dynamically loaded libraries. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
Autodesk Dynamo BIM Code Issue Vulnerability
Autodesk Dynamo BIM is a suite of open-source graphic programming design software from Autodesk USA. A security vulnerability exists in Autodesk Dynamo BIM version 2.5.1 and 2.5.0, which originates from the program's inability to properly verify signatures. The vulnerability can be exploited by a...
CVE-2020-7079
An improper signature validation vulnerability in Autodesk Dynamo BIM versions 2.5.1 and 2.5.0 may lead to code execution through maliciously crafted DLL files...
CVE-2020-7079
An improper signature validation vulnerability in Autodesk Dynamo BIM versions 2.5.1 and 2.5.0 may lead to code execution through maliciously crafted DLL files...
Input validation
An improper signature validation vulnerability in Autodesk Dynamo BIM versions 2.5.1 and 2.5.0 may lead to code execution through maliciously crafted DLL files...
CVE-2020-7079
The CVE-2020-7079 entry concerns Autodesk Dynamo BIM, affected in versions 2.5.0 and 2.5.1, where improper signature validation could enable code execution via maliciously crafted DLL files. The vulnerability targets the signature verification process and could be triggered locally with user inte...