PT-2026-25045

Name of the Vulnerable Software and Affected Versions LibreDWG versions 0.13.3.7571 through 0.13.3.7835 Description A heap buffer overflow exists in LibreDWG. A specially crafted DWG file can lead to a Denial of Service DoS condition. The issue is located in the decompress R2004 section function...

PT-2024-17097 · Irfanview · Irfanview

Name of the Vulnerable Software and Affected Versions: IrfanView affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this issue, where the target must visit a...

Autodesk AutoCAD 安全漏洞

Autodesk AutoCAD is a suite of professional 3D drawing software from Autodesk, Inc. in the United States. Autodesk AutoCAD suffers from a buffer error vulnerability that originates when a maliciously crafted DWG file is parsed, which may force an out-of-bounds write to occur, which can be exploit...

Autodesk AutoCAD 安全漏洞

Autodesk AutoCAD is a suite of professional 3D drawing software from the US company Autodesk. A security vulnerability exists in Autodesk AutoCAD that originates from a maliciously crafted DWG file that may force a stack-based buffer overflow when parsed, which can be exploited by an attacker to...

PT-2024-25027 · Dassault Systèmes · Edrawings

Name of the Vulnerable Software and Affected Versions: eDrawings versions Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024 Description: The issue exists in the file reading procedure, allowing an attacker to execute arbitrary code while opening a specially crafted DWG or DXF file. This cou...

SolidWorks 资源管理错误漏洞

SolidWorks is a 3D CAD software from SolidWorks that runs on the Microsoft Windows platform. A security vulnerability exists in SolidWorks versions 2021 through 2023, which stems from a post-release reuse, out-of-bounds write, and heap-based buffer overflow vulnerability during file reads that...

Open Design Alliance Drawings SDK 资源管理错误漏洞

Open Design Alliance Drawings SDK is a software development kit for drawing design applications from Open Design Alliance, USA. The SDK provides access to .dwg and .dgn data through a convenient, object-oriented API, a C++ API, support for repairing files, and support for .NET, JAVA, and Python...

PT-2023-20685 · Open Design Alliance · Open Design Alliance Drawings Sdk

Name of the Vulnerable Software and Affected Versions: Open Design Alliance Drawings SDK versions prior to 2024.1 Description: An issue was discovered in the Open Design Alliance Drawings SDK where a crafted DWG file can force the SDK to reuse an object that has been freed. This can be leveraged ...

SUSE CVE-2017-15751

IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at BabaCAD4Image!ShowPlugInOptions+0x0000000000009f39."...

SUSE CVE-2017-15757

IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address controls Branch Selection starting at...

SUSE CVE-2017-15758

IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls subsequent Write Address starting at BabaCAD4Image!ShowPlugInOptions+0x000000000004d75b."...

SUSE CVE-2017-15759

IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV near NULL starting at BabaCAD4Image!ShowPlugInOptions+0x000000000001b3f3."...

SUSE CVE-2017-15777

XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV near NULL starting at CADImage+0x0000000000288750."...

SUSE CVE-2017-15782

XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV starting at CADImage+0x00000000000032eb."...

SUSE CVE-2017-15785

XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "Data Execution Prevention Violation near NULL starting at Unknown Symbol @ 0x0000000000000000 called from CADImage+0x0000000000286a79."...

SUSE CVE-2017-15789

XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV starting at CADImage+0x00000000000048e7."...

PT-2022-24116 · Siemens · Solid Edge

Name of the Vulnerable Software and Affected Versions: Solid Edge versions prior to SE2022MP9 Description: A vulnerability has been identified in the affected application, which contains an out of bounds write past the fixed-length heap-based buffer while parsing specially crafted DWG files. This...

Autodesk AutoCAD 缓冲区错误漏洞

Autodesk AutoCAD is a suite of professional 3D drawing software from the US-based Autodesk Corporation. A buffer error vulnerability exists in Autodesk AutoCAD, which could be exploited by an attacker to obtain sensitive information or cause a system crash by using a maliciously crafted DWG file ...

DEBIAN-CVE-2021-45343

In LibreCAD 2.2.0, a NULL pointer dereference in the HATCH handling of libdxfrw allows an attacker to crash the application using a crafted DXF document...

LibreCAD 代码问题漏洞

LibreCAD is an open source CAD Computer Aided Design application from the LibreCAD organization. A denial of service vulnerability in LibreCAD version 2.2.0, which originates from a null pointer dereference in the HATCH handling of libdxfrw, can be exploited by an attacker to crash the applicatio...