EUVD-2023-43151

Malicious code in bioql PyPI...

CVE-2025-8006

CVE-2025-8006 affects Ashlar-Vellum Cobalt XE. The vulnerability is a parsing-time OOB read in XE file processing that allows remote code execution. Exploitation requires user interaction (target must visit a malicious page or open a malicious file). The issue stems from insufficient validation o...

(0Day) Ashlar-Vellum Cobalt XE File Parsing Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

The vulnerability of the Cobalt Ashlar-Vellum software for parametric automated design and 3D modeling lies in errors related to data type mixing, allowing a hacker to execute arbitrary code.

The vulnerability of the Cobalt Ashlar-Vellum software for parametric automated design and 3D modeling is related to errors in data type mixing during the processing of XE files. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

Ashlar-Vellum Cobalt 输入验证错误漏洞

Ashlar-Vellum Cobalt is a parameter-based computer-aided design and 3D modeling program from Ashlar-Vellum. An input validation error vulnerability exists in Ashlar-Vellum Cobalt that stems from an integer overflow when parsing an XE file, which could lead to remote code execution...

CVE-2023-39943

In Ashlar-Vellum Cobalt versions prior to v12 SP2 Build 1204.200, the affected application lacks proper validation of user-supplied data when parsing XE files. This could lead to an out-of-bounds write. An attacker could leverage this vulnerability to execute arbitrary code in the context of the...

PT-2024-17906 · Ashlar Vellum · Ashlar-Vellum Cobalt

Name of the Vulnerable Software and Affected Versions: Ashlar-Vellum Cobalt affected versions not specified Description: The issue is a type confusion vulnerability in the parsing of XE files, which can be exploited by remote attackers to execute arbitrary code on affected installations of...

CVE-2023-35712

Ashlar-Vellum Cobalt XE File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must...

CVE-2023-35713

Ashlar-Vellum Cobalt XE File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must...

CVE-2023-35711

Ashlar-Vellum Cobalt XE File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the...

CVE-2023-34300

Ashlar-Vellum Cobalt XE File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the...

CVE-2023-34288

Ashlar-Vellum Cobalt XE File Parsing Uninitialized Pointer Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target mus...

CVE-2023-35713 Ashlar-Vellum Cobalt XE File Parsing Uninitialized Memory Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt XE File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must...

CVE-2023-35713

Ashlar-Vellum Cobalt XE is affected by a vulnerability in the XE file parsing path due to uninitialized memory access, enabling arbitrary code execution in the context of the current process when a user opens a malicious XE file or visits a malicious page. The issue is triggered during parsing of...

CVE-2023-35711

CVE-2023-35711 concerns Ashlar-Vellum Cobalt XE. The vulnerability is in the XE file parser where an unvalidated user-supplied value can be dereferenced as a pointer, enabling arbitrary code execution. Multiple sources (NVD, CVE records, ZDI advisory) describe it as a remote code execution vulner...

CVE-2023-35711 Ashlar-Vellum Cobalt XE File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt XE File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the...

CVE-2023-35712 Ashlar-Vellum Cobalt XE File Parsing Uninitialized Memory Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt XE File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must...

CVE-2023-35712

Ashlar-Vellum Cobalt XE is affected by a remote code execution vulnerability in the XE file parser caused by uninitialized memory access. The issue allows an attacker, with user interaction (visiting a malicious page or opening a malicious XE file), to execute code in the context of the victim pr...

CVE-2023-35712 Ashlar-Vellum Cobalt XE File Parsing Uninitialized Memory Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt XE File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must...

CVE-2023-35711 Ashlar-Vellum Cobalt XE File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability

Ashlar-Vellum Cobalt XE File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the...