CVE-2025-7042

CVE-2025-7042 is a Use-After-Free vulnerability in the IPT file reading path of SOLIDWORKS eDrawings for SOLIDWORKS Desktop 2025. The issue is triggered when opening a specially crafted IPT file, allowing arbitrary code execution. Per connected sources, the exploit requires local access and user ...

CVE-2025-6972 Use After Free vulnerability exists in the CATPRODUCT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025

Use After Free vulnerability exists in the CATPRODUCT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025. This vulnerability could allow an attacker to execute arbitrary code while opening a specially crafted CATPRODUCT file...

CVE-2024-1847

The CVE-2024-1847 entry concerns Dassault Systèmes eDrawings (SOLIDWORKS eDrawings Viewer). The connected documents corroborate that multiple out-of-bounds, heap/stack overflows, use-after-free, type confusion and memory corruption issues exist in the file-reading path for eDrawings across SOLIDW...

PT-2023-21267 · Dassault Systèmes · Solidworks

Name of the Vulnerable Software and Affected Versions: SOLIDWORKS Desktop versions Release SOLIDWORKS 2021 through Release SOLIDWORKS 2023 Description: The issue exists in the DWG and DXF file reading procedure, allowing an attacker to execute arbitrary code while opening a specially crafted file...

CVE-2023-22670

A heap-based buffer overflow exists in the DXF file reading procedure in Open Design Alliance Drawings SDK before 2023.6. The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of the length of user-supplied XRecord data prior to copying it ...

CVE-2021-31784

An out-of-bounds write vulnerability exists in the file-reading procedure in Open Design Alliance Drawings SDK before 2021.6 on all supported by ODA platforms in static configuration. This can allow attackers to cause a crash, potentially enabling a denial of service attack Crash, Exit, or Restar...