Lucene search
K

44 matches found

Positive Technologies
Positive Technologies
added 2026/03/12 12:0 a.m.4 views

PT-2026-25045

Name of the Vulnerable Software and Affected Versions LibreDWG versions 0.13.3.7571 through 0.13.3.7835 Description A heap buffer overflow exists in LibreDWG. A specially crafted DWG file can lead to a Denial of Service DoS condition. The issue is located in the decompress R2004 section function...

6.5CVSS5.9AI score0.00218EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2025/07/13 12:0 a.m.10 views

The vulnerability of the CADImage plugin in the IrfanView software, which is used for viewing and playing graphic, video, and audio files, allows a hacker to execute arbitrary code.

The vulnerability of the CADImage plugin for viewing and playing back graphic, video, and audio files in IrfanView arises from the execution of an operation beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially...

7.8CVSS8AI score0.0022EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/13 12:0 a.m.9 views

The vulnerability of the CADImage plugin in the IrfanView software, which is used for viewing and playing graphic, video, and audio files, allows a hacker to execute arbitrary code.

The vulnerability of the CADImage plugin for viewing and playing back graphic, video, and audio files in IrfanView arises from the execution of an operation beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially...

7.8CVSS8AI score0.0022EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/13 12:0 a.m.9 views

The vulnerability of the CADImage plugin in the IrfanView software, which is used for viewing and playing graphic, video, and audio files, allows a hacker to execute arbitrary code.

The vulnerability of the CADImage plugin for viewing and playing back graphic, video, and audio files in IrfanView arises from the execution of an operation beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious user to execute arbitrary code using a specially...

7.8CVSS8AI score0.0022EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2024/11/21 12:0 a.m.7 views

PT-2024-17097 · Irfanview · Irfanview

Name of the Vulnerable Software and Affected Versions: IrfanView affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this issue, where the target must visit a...

7.8CVSS7.4AI score0.00409EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2024/11/18 12:0 a.m.8 views

The vulnerability of the ODXSW_DLL.dll library in software for simulation, design, and drafting in AutoCAD allows a perpetrator to gain unauthorized access to protected information, execute arbitrary code, or cause a service failure.

The vulnerability of the ODXSWDLL.dll library, which is used in AutoCAD software for simulation, design, and drafting, relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected...

7.8CVSS7.8AI score0.00409EPSS
Exploits0References5Affected Software9
CNNVD
CNNVD
added 2024/10/29 12:0 a.m.4 views

Autodesk AutoCAD 安全漏洞

Autodesk AutoCAD is a suite of professional 3D drawing software from Autodesk, Inc. in the United States. Autodesk AutoCAD suffers from a buffer error vulnerability that originates when a maliciously crafted DWG file is parsed, which may force an out-of-bounds write to occur, which can be exploit...

7.8CVSS7.7AI score0.00187EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/10/29 12:0 a.m.6 views

Autodesk AutoCAD 安全漏洞

Autodesk AutoCAD is a suite of professional 3D drawing software from the US company Autodesk. A security vulnerability exists in Autodesk AutoCAD that originates from a maliciously crafted DWG file that may force a stack-based buffer overflow when parsed, which can be exploited by an attacker to...

7.8CVSS7.7AI score0.00213EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/03/08 12:0 a.m.18 views

PT-2024-25027 · Dassault Systèmes · Edrawings

Name of the Vulnerable Software and Affected Versions: eDrawings versions Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024 Description: The issue exists in the file reading procedure, allowing an attacker to execute arbitrary code while opening a specially crafted DWG or DXF file. This cou...

7.8CVSS7.8AI score0.00322EPSS
Exploits0References13
BDU FSTEC
BDU FSTEC
added 2023/11/02 12:0 a.m.13 views

The vulnerability of Siemens Solid Edge’s design and simulation tools relates to the execution of operations beyond the buffer boundaries in memory. This allows attackers to execute arbitrary code.

The vulnerability of Siemens Solid Edge’s design and simulation tools relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow attackers to execute arbitrary code using specially created DWG files...

7.8CVSS8AI score0.00226EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/07/12 12:0 a.m.7 views

SolidWorks 资源管理错误漏洞

SolidWorks is a 3D CAD software from SolidWorks that runs on the Microsoft Windows platform. A security vulnerability exists in SolidWorks versions 2021 through 2023, which stems from a post-release reuse, out-of-bounds write, and heap-based buffer overflow vulnerability during file reads that...

7.8CVSS8.1AI score0.00354EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/04/10 12:0 a.m.4 views

PT-2023-20685 · Open Design Alliance · Open Design Alliance Drawings Sdk

Name of the Vulnerable Software and Affected Versions: Open Design Alliance Drawings SDK versions prior to 2024.1 Description: An issue was discovered in the Open Design Alliance Drawings SDK where a crafted DWG file can force the SDK to reuse an object that has been freed. This can be leveraged ...

7.8CVSS7.7AI score0.0044EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/04/10 12:0 a.m.8 views

Open Design Alliance Drawings SDK 资源管理错误漏洞

Open Design Alliance Drawings SDK is a software development kit for drawing design applications from Open Design Alliance, USA. The SDK provides access to .dwg and .dgn data through a convenient, object-oriented API, a C++ API, support for repairing files, and support for .NET, JAVA, and Python...

7.8CVSS7.1AI score0.0044EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:37 a.m.4 views

SUSE CVE-2017-15751

IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at BabaCAD4Image!ShowPlugInOptions+0x0000000000009f39."...

7.8CVSS8.1AI score0.01881EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:37 a.m.5 views

SUSE CVE-2017-15757

IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to "Data from Faulting Address controls Branch Selection starting at...

7.8CVSS8AI score0.01897EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:37 a.m.4 views

SUSE CVE-2017-15758

IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls subsequent Write Address starting at BabaCAD4Image!ShowPlugInOptions+0x000000000004d75b."...

7.8CVSS8AI score0.02457EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:37 a.m.25 views

SUSE CVE-2017-15759

IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV near NULL starting at BabaCAD4Image!ShowPlugInOptions+0x000000000001b3f3."...

7.8CVSS8AI score0.02457EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:37 a.m.6 views

SUSE CVE-2017-15777

XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV near NULL starting at CADImage+0x0000000000288750."...

7.8CVSS7.8AI score0.01173EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:37 a.m.4 views

SUSE CVE-2017-15782

XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "User Mode Write AV starting at CADImage+0x00000000000032eb."...

7.8CVSS7.8AI score0.01173EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:37 a.m.5 views

SUSE CVE-2017-15785

XnView Classic for Windows Version 2.43 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to a "Data Execution Prevention Violation near NULL starting at Unknown Symbol @ 0x0000000000000000 called from CADImage+0x0000000000286a79."...

7.8CVSS7.8AI score0.01173EPSS
Exploits0References3
Rows per page
Query Builder