CVE-2026-7453 WRL File Parsing Memory Exhaustion in Autodesk 3ds Max

A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can cause a Stack Exhaustion vulnerability, leading to a denial-of-service condition...

CVE-2023-47268

A flaw was found in PrusaSlicer. A remote attacker could exploit this vulnerability by providing a specially crafted 3mf project file. When this malicious file is processed by slicing the project and exporting G-code, it can lead to arbitrary code execution on the host system. This allows an...

CVE-2025-57107

Kitware VTK (Visualization Toolkit) versions up to and including 9.5.0 contain a heap buffer overflow in vtkGLTFDocumentLoader. The root cause is the copy constructor of Accessor objects not properly validating buffer boundaries when processing specially crafted GLTF files, leading to out-of-boun...

Linux Distros Unpatched Vulnerability : CVE-2021-45847

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Several missing input validations in the 3MF parser component of Slic3r libslic3r 1.3.0 can each allow an attacker to cause an application crash using a crafted...

Dassault Systèmes SOLIDWORKS eDrawings 资源管理错误漏洞

Dassault Systèmes SOLIDWORKS eDrawings is a collaboration tool for viewing, sharing, and labeling 2D/3D design files from Dassault Systèmes France. A security vulnerability exists in Dassault Systèmes SOLIDWORKS eDrawings, which originates from a post-release reuse during the reading of a JT file...

CVE-2025-1432

A maliciously crafted 3DM file, when parsed through Autodesk AutoCAD, can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...

CVE-2025-0908

PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target...

CVE-2024-8819

PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target...

CVE-2024-9826

A maliciously crafted 3DM file when parsed in atfapi.dll through Autodesk AutoCAD can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process...

CVE-2024-23152

A maliciously crafted 3DM file, when parsed in opennurbs.dll through Autodesk applications, can force an Out-of-Bounds Read. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...

CVE-2023-42057

PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visi...

CVE-2023-42054

PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target...

CVE-2023-37359

Kofax Power PDF U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must...

CVE-2023-37348

Kofax Power PDF U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a...

Kofax Power PDF 安全漏洞

Kofax Power PDF is a professional PDF editing and management software from Kofax. A security vulnerability exists in Kofax Power PDF that stems from a U3D File Parsing out-of-bounds write remote code execution vulnerability...

Foxit PDF Reader 安全漏洞

Foxit PDF Reader is China Foxit Foxit company a PDF reader. A security vulnerability exists in Foxit PDF Reader, which originates from an out-of-bounds read in the U3D File Parsing module, no detailed vulnerability details are available at this time...

Autodesk AutoCAD Buffer Error Vulnerability

Autodesk AutoCAD is a suite of professional 3D drawing software from the US company Autodesk. A security vulnerability exists in Autodesk AutoCAD that originates when parsing a maliciously crafted STP file in ASMIMPORT228A.dll, which may force an out-of-bounds write. An attacker could use this...

Autodesk AutoCAD Buffer Error Vulnerability

Autodesk AutoCAD is a suite of professional 3D drawing software from the US company Autodesk. A security vulnerability exists in Autodesk AutoCAD that originates when parsing a maliciously crafted 3DM file in opennurbs.dll, which may force an out-of-bounds write. An attacker could use this...

Siemens Tecnomatix Plant Simulation 代码问题漏洞

Siemens Tecnomatix Plant Simulation is an industrial control device from Siemens, Germany. Using the function of discrete event simulation for production volume analysis and optimization, and thus improve the manufacturing system performance. A file analysis vulnerability exists in Siemens...

PT-2023-4272 · Ashlar Vellum · Ashlar-Vellum Cobalt

Name of the Vulnerable Software and Affected Versions: Ashlar-Vellum Cobalt affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a...