TRUFusion Entreprise Sensitive Data Exposure

TRUFusion Entreprise is a solution to easily and securely manage the exchange of CAD files and related product design data from within your PLM system. Due to a lack of control, it is possible for an unauthenticated attacker to access an endpoint that returns all partners who have access to the...

Reproducing a Security Risk Assessment Using Computer Aided Design

Security risk assessment is essential in establishing the trustworthiness and reliability of modern systems. While various security risk assessment approaches exist, prevalent applications are "pen and paper" implementations that -- even if performed digitally using computers -- remain prone to...

Ashlar-Vellum Cobalt Memory Corruption Vulnerability

Ashlar-Vellum Cobalt is a 3D modeling software developed by Ashlar Vellum, which supports Windows and Mac systems, and is mainly used for 3D modeling and CAD drawing in industrial product design, architectural design and other fields. A memory corruption vulnerability exists in Ashlar-Vellum Coba...

Ashlar Vellum Graphite 安全漏洞

Ashlar Vellum Graphite is a CAD modeling software from Ashlar, Inc. A security vulnerability exists in Ashlar Vellum Graphite that stems from an out-of-bounds write remote code execution vulnerability that could allow a remote attacker to execute arbitrary code on an affected installation...

Ashlar Vellum Cobalt 安全漏洞

Ashlar Vellum Cobalt is a parameter-based computer-aided design and 3D modeling program from Ashlar. A security vulnerability exists in Ashlar Vellum Cobalt that stems from an out-of-bounds read remote code execution vulnerability that could allow a remote attacker to execute arbitrary code on an...

Bentley Systems MicroStation 资源管理错误漏洞

Bentley MicroStation CONNECT is a Cad software platform for 2D and 3D design and drafting from Bentley Systems, U.S.A. A remote code execution vulnerability exists in Bentley MicroStation CONNECT, which stems from a lack of validation of objects before performing operations on them. An attacker...

Bentley Systems MicroStation 安全漏洞

Bentley Systems MicroStation is a Cad software platform for 2D and 3D design and drafting from Bentley Systems, USA. A buffer overflow vulnerability exists in Bentley Systems MicroStation that can be exploited by an attacker to execute code in the context of the current process...

LibreCAD Denial Vulnerability

LibreCAD is an open source CAD Computer Aided Design application from the LibreCAD organization. A denial of service vulnerability in LibreCAD version 2.2.0, which originates from a null pointer dereference in the HATCH handling of libdxfrw, can be exploited by an attacker to crash the applicatio...

Code Execution Vulnerability in Swift CAD Editor

Swift CAD Editor is a CAD drawing editing software by ... A code execution vulnerability exists in Swift CAD Editor, which can be exploited by an attacker to execute arbitrary code...

Memory Corruption Vulnerability in CAD Quick Look Tool

CAD Quick View Tool is a CAD viewing software. CAD Quick Viewer Tool suffers from a memory corruption vulnerability when handling BMP images. An attacker can cause the program to crash by constructing a malformed BMP image. If successfully exploited, this could result in a denial of service...

[SECURITY] [DLA 1776-1] librecad security update

Package : librecad Version : 2.0.4-1+deb8u1 CVE ID : CVE-2018-19105 Debian Bug : 928477 A vulnerability was found in LibreCAD, a computer-aided design system, which could be exploited to crash the application or cause other unspecified impact when opening a specially crafted file. For Debian 8...

Catia V5-6R2013 Stack Buffer Overflow

Title: Dassault Syst�mes Catia V5-6R2013 "CATV5BackboneBus" Stack Buffer Overflow Date: 2-18-2014 Author: Mohamed Shetta Email: mshetta |at| live |dot| com Vendor Homepage: http://www.3ds.com/products-services/catia/portfolio/catia-v5/latest-release/ Tested on: Windows 7 & Windows XP Vulnerabilit...

Catia V5-6R2013 Stack Buffer Overflow

Exploit Title: Dassault Systemes Catia V5-6R2013 "CATV5AllApplications" Stack Buffer Overflow Date: 2-18-2014 Exploit Author: Mohamed Shetta Email: mshetta |at| live |dot| com Vendor Homepage: http://www.3ds.com/products-services/catia/portfolio/catia-v5/latest-release/ Tested on: Windows 7 &...

Catia V5-6R2013 - 'CATV5_Backbone_Bus' Stack Buffer Overflow (PoC)

''' Title: Dassault Syst�mes Catia V5-6R2013 "CATV5BackboneBus" Stack Buffer Overflow Date: 2-18-2014 Author: Mohamed Shetta Email: mshetta |at| live |dot| com Vendor Homepage: http://www.3ds.com/products-services/catia/portfolio/catia-v5/latest-release/ Tested on: Windows 7 & Windows XP...

Catia V5-6R2013 - 'CATV5_AllApplications' Stack Buffer Overflow (PoC)

''' Exploit Title: Dassault Systemes Catia V5-6R2013 "CATV5AllApplications" Stack Buffer Overflow Date: 2-18-2014 Exploit Author: Mohamed Shetta Email: mshetta |at| live |dot| com Vendor Homepage: http://www.3ds.com/products-services/catia/portfolio/catia-v5/latest-release/ Tested on: Windows 7 &...