CVE-2026-9102

A path traversal vulnerability exists in the Altium Enterprise Server ComparisonService due to missing filename sanitization in the Gerber file upload APIs. A regular authenticated workspace user can supply a crafted filename in the multipart Content-Disposition header to escape the intended...

CVE-2026-9102

The CVE-2026-9102 issue affects the Altium Enterprise Server ComparisonService. A path traversal flaw arises from missing filename sanitization in Gerber file upload APIs. A regular authenticated workspace user can craft a filename in the multipart Content-Disposition header to escape the intende...

EUVD-2026-31146

A path traversal vulnerability exists in the Altium Enterprise Server ComparisonService due to missing filename sanitization in the Gerber file upload APIs. A regular authenticated workspace user can supply a crafted filename in the multipart Content-Disposition header to escape the intended...

CVE-2026-9102 Path Traversal in Altium Enterprise Server ComparisonService Allows Arbitrary File Write

A path traversal vulnerability exists in the Altium Enterprise Server ComparisonService due to missing filename sanitization in the Gerber file upload APIs. A regular authenticated workspace user can supply a crafted filename in the multipart Content-Disposition header to escape the intended...

CVE-2026-9102 Path Traversal in Altium Enterprise Server ComparisonService Allows Arbitrary File Write

A path traversal vulnerability exists in the Altium Enterprise Server ComparisonService due to missing filename sanitization in the Gerber file upload APIs. A regular authenticated workspace user can supply a crafted filename in the multipart Content-Disposition header to escape the intended...

CVE-2026-9102

A path traversal vulnerability exists in the Altium Enterprise Server ComparisonService due to missing filename sanitization in the Gerber file upload APIs. A regular authenticated workspace user can supply a crafted filename in the multipart Content-Disposition header to escape the intended...

PT-2026-42229

A path traversal vulnerability exists in the Altium Enterprise Server ComparisonService due to missing filename sanitization in the Gerber file upload APIs. A regular authenticated workspace user can supply a crafted filename in the multipart Content-Disposition header to escape the intended...

Altium Enterprise Server 路径遍历漏洞

Altium Enterprise Server is a localization data management server developed by Altium Corporation in the United States. Altium Enterprise Server has a path traversal vulnerability. This vulnerability stems from the lack of filename cleaning in the Gerber file upload API. As a result, authenticate...

EUVD-2022-28735

Malicious code in bioql PyPI...

EUVD-2022-28736

Malicious code in bioql PyPI...

EUVD-2022-28862

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2022-23803

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon ReadXYCoord coordinate parsing functionality of KiCad EDA 6.0.1 and...

Linux Distros Unpatched Vulnerability : CVE-2022-23804

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon ReadIJCoord coordinate parsing functionality of KiCad EDA 6.0.1 and...

Linux Distros Unpatched Vulnerability : CVE-2021-40401

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free vulnerability exists in the RS-274X aperture definition tokenization functionality of Gerbv 2.7.0 and dev commit b5f1eacd and Gerbv forked 2.7....

Linux Distros Unpatched Vulnerability : CVE-2021-40393

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds write vulnerability exists in the RS-274X aperture macro variables handling functionality of Gerbv 2.7.0 and dev commit b5f1eacd and the forked...

gerber-instruments.com Improper Access Control vulnerability OBB-3929861

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

shop.gerber-instruments.com Cross Site Scripting vulnerability OBB-3848410

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Denial Of Service (DoS)

libgerbv.so is vulnerable to Denial of Service DoS attacks. The vulnerability is caused by an Out-of-bounds memory violation due to the way Gerber RS-274X filenames are parsed. The overflow occurs because the filename variable is not properly freed, which can cause the variable to overflow the...

DEBIAN-CVE-2023-4508

A user able to control file input to Gerbv, between versions 2.4.0 and 2.10.0, can cause a crash and cause denial-of-service with a specially crafted Gerber RS-274X file...

UBUNTU-CVE-2023-4508

A user able to control file input to Gerbv, between versions 2.4.0 and 2.10.0, can cause a crash and cause denial-of-service with a specially crafted Gerber RS-274X file...