Lucene search
K

379 matches found

CNVD
CNVD
added 2021/06/09 12:0 a.m.11 views

Open Design Alliance Drawings SDK Post-Release Reuse Vulnerability

Open Design Alliance Drawings SDK is a software development kit for drawing design applications from Open Design Alliance, USA. The SDK provides access to .dwg and .dgn data through a convenient, object-oriented API, a C++ API, support for repairing files, and support for . A post-release reuse...

7.8CVSS6.9AI score0.02668EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2021/02/24 12:0 a.m.28 views

Siemens JT2Go DGN File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN...

7.8CVSS4.2AI score0.02286EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2021/02/24 12:0 a.m.32 views

Siemens JT2Go DGN File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN...

7.8CVSS5.2AI score0.02216EPSS
Exploits0References1
CNVD
CNVD
added 2021/01/19 12:0 a.m.10 views

Open Design Alliance Drawings SDK Memory Corruption Vulnerability

Drawings is a development platform for desktop, mobile and web applications targeting .dwg and .dgn data.Drawings SDK is the Drawings Software Development Kit. A memory corruption vulnerability exists in Open Design Alliance Drawings SDK versions prior to 2021.12. An attacker could exploit this...

7.8CVSS6.7AI score0.02216EPSS
Exploits0References1
OSV
OSV
added 2021/01/18 8:15 a.m.3 views

CVE-2021-25173

An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory allocation with excessive size vulnerability exists when reading malformed DGN files, which allows attackers to cause a crash, potentially enabling denial of service crash, exit, or restart...

7.8CVSS7.1AI score0.02286EPSS
Exploits0References4
NVD
NVD
added 2021/01/18 8:15 a.m.25 views

CVE-2021-25174

An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory corruption vulnerability exists when reading malformed DGN files. It can allow attackers to cause a crash, potentially enabling denial of service Crash, Exit, or Restart...

7.8CVSS7.7AI score0.02216EPSS
Exploits0References4
NVD
NVD
added 2021/01/18 8:15 a.m.21 views

CVE-2021-25173

An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory allocation with excessive size vulnerability exists when reading malformed DGN files, which allows attackers to cause a crash, potentially enabling denial of service crash, exit, or restart...

7.8CVSS7.5AI score0.02286EPSS
Exploits0References4
Prion
Prion
added 2021/01/18 8:15 a.m.19 views

Design/Logic Flaw

An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory allocation with excessive size vulnerability exists when reading malformed DGN files, which allows attackers to cause a crash, potentially enabling denial of service crash, exit, or restart...

6.8CVSS7.4AI score0.02286EPSS
Exploits0References4Affected Software4
Prion
Prion
added 2021/01/18 8:15 a.m.22 views

Memory corruption

An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory corruption vulnerability exists when reading malformed DGN files. It can allow attackers to cause a crash, potentially enabling denial of service Crash, Exit, or Restart...

6.8CVSS7.7AI score0.02216EPSS
Exploits0References4Affected Software4
Cvelist
Cvelist
added 2021/01/18 7:14 a.m.26 views

CVE-2021-25173

An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory allocation with excessive size vulnerability exists when reading malformed DGN files, which allows attackers to cause a crash, potentially enabling denial of service crash, exit, or restart...

7.8AI score0.02286EPSS
Exploits0References4
CVE
CVE
added 2021/01/18 7:14 a.m.91 views

CVE-2021-25173

CVE-2021-25173 affects the Open Design Alliance Drawings SDK prior to 2021.12. The vulnerability is a memory allocation with excessive size when parsing malformed DGN files, which can cause a crash and potentially enable denial of service. Multiple connected advisories confirm the impact and prov...

7.8CVSS7.4AI score0.02286EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2021/01/18 7:14 a.m.87 views

CVE-2021-25174

CVE-2021-25174 affects the Open Design Alliance Drawings SDK prior to 2021.12. A memory corruption vulnerability occurs when parsing malformed DGN files, potentially causing a crash or denial of service. The issue is mitigated by upgrading to Drawings SDK 2021.12 or later (as per Siemens/Open Des...

7.8CVSS7.6AI score0.02216EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2017/10/24 12:0 a.m.500 views

NETGEAR DGN Remote Unauthenticated Command Execution

The remote NETGEAR DGN device is affected by a flaw in the setup.cgi script that allows an unauthenticated, remote attacker to execute arbitrary commands with root privileges. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid104128; scriptversion"1.3";...

5.9AI score
Exploits0References2
Check Point Advisories
Check Point Advisories
added 2017/10/19 12:0 a.m.3 views

NETGEAR DGN Command Injection

A command injection vulnerability exists in NETGEAR DGN. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

5.7AI score
Exploits0
exploitpack
exploitpack
added 2013/06/05 12:0 a.m.19 views

NETGEAR DGN1000 DGN2200 - Multiple Vulnerabilities

NETGEAR DGN1000 DGN2200 - Multiple Vulnerabilities Unauthenticated command execution on Netgear DGN devices ======================================================== ADVISORY INFORMATION Title: Unauthenticated command execution on Netgear DGN devices Discovery date: 01/05/2013 Release date:...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2013/06/03 12:0 a.m.28 views

Netgear DGN devices security vulnerabilities

Authentication bypass, code execution...

3.7AI score
Exploits0References1
Packet Storm
Packet Storm
added 2013/06/03 12:0 a.m.25 views

Netgear DGN Authentication Bypass / Command Execution

Unauthenticated command execution on Netgear DGN devices ======================================================== ADVISORY INFORMATION Title: Unauthenticated command execution on Netgear DGN devices Discovery date: 01/05/2013 Release date: 31/05/2013 Credits: Roberto Paleari [email protected],...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2013/06/03 12:0 a.m.79 views

Unauthenticated command execution on Netgear DGN devices

Unauthenticated command execution on Netgear DGN devices ======================================================== ADVISORY INFORMATION Title: Unauthenticated command execution on Netgear DGN devices Discovery date: 01/05/2013 Release date: 31/05/2013 Credits: Roberto Paleari [email protected],...

2AI score
Exploits0
msvr
msvr
added 2012/11/20 12:0 a.m.606 views

Oracle AutoVue DGN Parsing Could Allow Arbitrary Code Execution

Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Oracle AutoVue software versions 20.1.1 and 20.2. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, Oracle...

4CVSS1.9AI score0.01734EPSS
Exploits0Affected Software1
Rows per page
Query Builder