379 matches found
Open Design Alliance Drawings SDK Post-Release Reuse Vulnerability
Open Design Alliance Drawings SDK is a software development kit for drawing design applications from Open Design Alliance, USA. The SDK provides access to .dwg and .dgn data through a convenient, object-oriented API, a C++ API, support for repairing files, and support for . A post-release reuse...
Siemens JT2Go DGN File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN...
Siemens JT2Go DGN File Parsing Memory Corruption Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN...
Open Design Alliance Drawings SDK Memory Corruption Vulnerability
Drawings is a development platform for desktop, mobile and web applications targeting .dwg and .dgn data.Drawings SDK is the Drawings Software Development Kit. A memory corruption vulnerability exists in Open Design Alliance Drawings SDK versions prior to 2021.12. An attacker could exploit this...
CVE-2021-25173
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory allocation with excessive size vulnerability exists when reading malformed DGN files, which allows attackers to cause a crash, potentially enabling denial of service crash, exit, or restart...
CVE-2021-25174
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory corruption vulnerability exists when reading malformed DGN files. It can allow attackers to cause a crash, potentially enabling denial of service Crash, Exit, or Restart...
CVE-2021-25173
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory allocation with excessive size vulnerability exists when reading malformed DGN files, which allows attackers to cause a crash, potentially enabling denial of service crash, exit, or restart...
Design/Logic Flaw
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory allocation with excessive size vulnerability exists when reading malformed DGN files, which allows attackers to cause a crash, potentially enabling denial of service crash, exit, or restart...
Memory corruption
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory corruption vulnerability exists when reading malformed DGN files. It can allow attackers to cause a crash, potentially enabling denial of service Crash, Exit, or Restart...
CVE-2021-25173
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory allocation with excessive size vulnerability exists when reading malformed DGN files, which allows attackers to cause a crash, potentially enabling denial of service crash, exit, or restart...
CVE-2021-25173
CVE-2021-25173 affects the Open Design Alliance Drawings SDK prior to 2021.12. The vulnerability is a memory allocation with excessive size when parsing malformed DGN files, which can cause a crash and potentially enable denial of service. Multiple connected advisories confirm the impact and prov...
CVE-2021-25174
CVE-2021-25174 affects the Open Design Alliance Drawings SDK prior to 2021.12. A memory corruption vulnerability occurs when parsing malformed DGN files, potentially causing a crash or denial of service. The issue is mitigated by upgrading to Drawings SDK 2021.12 or later (as per Siemens/Open Des...
NETGEAR DGN Remote Unauthenticated Command Execution
The remote NETGEAR DGN device is affected by a flaw in the setup.cgi script that allows an unauthenticated, remote attacker to execute arbitrary commands with root privileges. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid104128; scriptversion"1.3";...
NETGEAR DGN Command Injection
A command injection vulnerability exists in NETGEAR DGN. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
NETGEAR DGN1000 DGN2200 - Multiple Vulnerabilities
NETGEAR DGN1000 DGN2200 - Multiple Vulnerabilities Unauthenticated command execution on Netgear DGN devices ======================================================== ADVISORY INFORMATION Title: Unauthenticated command execution on Netgear DGN devices Discovery date: 01/05/2013 Release date:...
Netgear DGN devices security vulnerabilities
Authentication bypass, code execution...
Netgear DGN Authentication Bypass / Command Execution
Unauthenticated command execution on Netgear DGN devices ======================================================== ADVISORY INFORMATION Title: Unauthenticated command execution on Netgear DGN devices Discovery date: 01/05/2013 Release date: 31/05/2013 Credits: Roberto Paleari [email protected],...
Unauthenticated command execution on Netgear DGN devices
Unauthenticated command execution on Netgear DGN devices ======================================================== ADVISORY INFORMATION Title: Unauthenticated command execution on Netgear DGN devices Discovery date: 01/05/2013 Release date: 31/05/2013 Credits: Roberto Paleari [email protected],...
Oracle AutoVue DGN Parsing Could Allow Arbitrary Code Execution
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Oracle AutoVue software versions 20.1.1 and 20.2. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, Oracle...