65 matches found
EUVD-2020-14443
Malware in sbrugna...
EUVD-2021-32562
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-45844
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper sanitization in the invocation of ODA File Converter from FreeCAD 0.19 allows an attacker to inject OS commands via a crafted filename. CVE-2021-45844...
Warning over free online file converters that actually install malware
The FBI Denver Field Office has warned of an increasing number of scammy websites offering free online file converter services. Instead of converting files, the tools actually load malware onto victims’ computers. The FBI warned specifically about that malware leading to ransomware attacks, but...
The vulnerability of the open_stream function in the file conversion utility for files with the .fig and .fig2dev extensions allows a malicious actor to cause a service failure by writing beyond the buffer boundaries in memory.
The vulnerability of the openstream function in the file conversion utility for files with the .fig and .fig2dev extensions is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause a service failure...
SUSE CVE-2021-45844
Improper sanitization in the invocation of ODA File Converter from FreeCAD 0.19 allows an attacker to inject OS commands via a crafted filename...
Updated freecad packages fix security vulnerability
Improper sanitization in the invocation of ODA File Converter from FreeCAD 0.19 allows an attacker to inject OS commands via a crafted filename. CVE-2021-45844...
Debian dla-3076 : freecad - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3076 advisory. - Debian LTS Advisory DLA-3076-1 https://www.debian.org/lts/security/...
OS Command Injection
freecad is vulnerable to OS command injection. The vulnerability exists due to an improper sanitization in the invocation of ODA File Converter...
FreeCAD ODA Command Injection Vulnerability
FreeCad is a free and open source general-purpose parametric 3D Cad modeler from the FreeCad community and supports the finite element method of building information modeling software. A command injection vulnerability exists in FreeCAD version 0.19, which stems from improper cleanup when calling...
DEBIAN-CVE-2021-45844
Improper sanitization in the invocation of ODA File Converter from FreeCAD 0.19 allows an attacker to inject OS commands via a crafted filename...
CVE-2021-45844
Improper sanitization in the invocation of ODA File Converter from FreeCAD 0.19 allows an attacker to inject OS commands via a crafted filename...
CVE-2021-45844
Improper sanitization in the invocation of ODA File Converter from FreeCAD 0.19 allows an attacker to inject OS commands via a crafted filename...
UBUNTU-CVE-2021-45844
Improper sanitization in the invocation of ODA File Converter from FreeCAD 0.19 allows an attacker to inject OS commands via a crafted filename...
Input validation
Improper sanitization in the invocation of ODA File Converter from FreeCAD 0.19 allows an attacker to inject OS commands via a crafted filename...
CVE-2021-45844
Improper sanitization in the invocation of ODA File Converter from FreeCAD 0.19 allows an attacker to inject OS commands via a crafted filename...
CVE-2021-45844
Improper sanitization in the invocation of ODA File Converter from FreeCAD 0.19 allows an attacker to inject OS commands via a crafted filename...
CVE-2021-45844
CVE-2021-45844 affects FreeCAD 0.19 via improper sanitization when invoking the ODA File Converter, enabling OS command injection through a crafted filename. Mitigations include upgrading FreeCAD to fixed releases cited by Debian/Mageia advisories (e.g., FreeCAD 0.19.1+dfsg1-2+deb11u1 for Debian ...
FreeCad OS Command Injection Vulnerability
FreeCad is a free and open source general-purpose parametric 3D Cad modeler from the FreeCad community and supports the finite element method of building information modeling software. A command injection vulnerability exists in FreeCAD version 0.19, which stems from improper cleanup when calling...
PT-2022-12432 · Freecad +1 · Freecad +1
Name of the Vulnerable Software and Affected Versions: FreeCAD version 0.19 Description: The issue is related to improper sanitization in the invocation of ODA File Converter from FreeCAD, allowing an attacker to inject OS commands via a crafted filename. Recommendations: For FreeCAD version 0.19...