495 matches found
CVE-2026-9264
A cross-site scripting XSS vulnerability in SketchUp 2026's Dynamic Components feature allows remote code execution and local file exfiltration through maliciously crafted SKP files. The vulnerability stems from improper input sanitization in the component options window, enabling attackers to...
CVE-2026-9264 Cross-Site Scripting in SketchUp Dynamic Components
A cross-site scripting XSS vulnerability in SketchUp 2026's Dynamic Components feature allows remote code execution and local file exfiltration through maliciously crafted SKP files. The vulnerability stems from improper input sanitization in the component options window, enabling attackers to...
CVE-2026-9264
CVE-2026-9264 affects SketchUp 2026 where the Dynamic Components feature fails to sanitize inputs in the component options window. The root cause is improper input sanitization, allowing a crafted SKP to run arbitrary system commands and read local files via an embedded Internet Explorer 11 brows...
CVE-2026-9264
A cross-site scripting XSS vulnerability in SketchUp 2026's Dynamic Components feature allows remote code execution and local file exfiltration through maliciously crafted SKP files. The vulnerability stems from improper input sanitization in the component options window, enabling attackers to...
EUVD-2026-31386
A cross-site scripting XSS vulnerability in SketchUp 2026's Dynamic Components feature allows remote code execution and local file exfiltration through maliciously crafted SKP files. The vulnerability stems from improper input sanitization in the component options window, enabling attackers to...
CVE-2026-9264 Cross-Site Scripting in SketchUp Dynamic Components
A cross-site scripting XSS vulnerability in SketchUp 2026's Dynamic Components feature allows remote code execution and local file exfiltration through maliciously crafted SKP files. The vulnerability stems from improper input sanitization in the component options window, enabling attackers to...
Trimble SketchUp 安全漏洞
Trimble SketchUp is a 3D modeling software developed by Trimble in the United States. It is designed for architects, urban planning experts, producers, game developers, and professionals in related fields. Trimble SketchUp has a security vulnerability that stems from improper handling of dynamic...
PT-2026-42704
A cross-site scripting XSS vulnerability in SketchUp 2026's Dynamic Components feature allows remote code execution and local file exfiltration through maliciously crafted SKP files. The vulnerability stems from improper input sanitization in the component options window, enabling attackers to...
CVE-2025-15062
Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2025-15062 Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability
Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2025-15062
CVE-2025-15062 : A use-after-free vulnerability in Trimble SketchUp SKP file parsing allows remote code execution. The flaw occurs during SKP file parsing when code operates on an object without verifying its existence, enabling an attacker to run code in the process with the user’s privileges. E...
CVE-2025-15062
Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2025-15062 Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability
Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. User interaction is required to exploit this vulnerability in that the target must visit a...
Trimble SketchUp resource management error vulnerability
Trimble SketchUp is a 3D modeling software developed by Trimble in the United States. It is designed for architects, urban planning experts, producers, game developers, and professionals in related fields. Trimble SketchUp has a resource management vulnerability that stems from the lack of...
CVE-2010-0316
Integer overflow in Google SketchUp before 7.1 M2 allows remote attackers to cause a denial of service heap memory corruption or possibly execute arbitrary code via a crafted SKP file...
Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SK...
PT-2025-53841
Name of the Vulnerable Software and Affected Versions Trimble SketchUp affected versions not specified Description This issue allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. User interaction is required, specifically the target must visit a malicio...
CVE-2025-60749
DLL Hijacking vulnerability in Trimble SketchUp desktop 2025 via crafted libcef.dll used by sketchupwebhelper.exe...
EUVD-2025-37354
DLL Hijacking vulnerability in Trimble SketchUp desktop 2025 via crafted libcef.dll used by sketchupwebhelper.exe...
CVE-2025-60749
DLL Hijacking vulnerability in Trimble SketchUp desktop 2025 via crafted libcef.dll used by sketchupwebhelper.exe...