11 matches found
CVE-2023-44438
CVE-2023-44438 concerns Ashlar-Vellum Argon, a CAD/3D modeling tool. The vulnerability stems from how Argon parses various file types, loading a library from an unsecured location, which enables remote code execution with the attacker’s code running in the context of the target process. Exploitat...
CVE-2023-39427
CVE-2023-39427 affects Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share v12 SP0 Build (1204.77). The root cause is insufficient validation of user-supplied XE file data, causing an out-of-bounds write that could enable arbitrary code execution in the current process. Related sources ...
CVE-2025-41392
CVE-2025-41392 affects Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share prior to 12.6.1204.204. The root cause is lack of validation of user-supplied data when parsing AR files, which can lead to an out-of-bounds read and allow arbitrary code execution in the current process. Public ...
CVE-2025-65086
The CVE-2025-65086 entry describes an Out-of-Bounds Write vulnerability in Ashlar-Vellum products Cobalt, Xenon, Argon, Lithium, and Cobalt Share, affected in version 12.6.1204.216 and earlier. The issue arises during parsing of a specially crafted VC6 file, allowing an attacker to execute arbitr...
CVE-2025-65087
CVE-2025-65087 is an Out-of-Bounds Read vulnerability in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share (versions 12.6.1204.216 and earlier). The flaw occurs while parsing VC6 files and could allow an attacker to disclose information or execute arbitrary code. Affected components a...
CVE-2025-65088
CVE-2025-65088 affects Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share up to version 12.6.1204.216 and earlier. An Out-of-Bounds Read during parsing of a specially crafted VC6 file could disclose information or allow arbitrary code execution. Affected components are the VC6 parser w...
CVE-2025-52584
CVE-2025-52584 affects Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share prior to version 12.6.1204.204. The issue is a lack of input validation while parsing XE files, which can cause a heap-based buffer overflow and allow arbitrary code execution in the affected process. Public sour...
CVE-2025-53705
Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions prior to 12.6.1204.204 contain a parsing flaw in CO files that can cause an out-of-bounds write, potentially allowing an attacker to execute arbitrary code in the current process. Multiple sources (NVD, Red Hat, CVE listing, P...
CVE-2025-46269
In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share, versions before 12.6.1204.204 are affected. The issue is a heap-based buffer overflow caused by insufficient validation of user-supplied data when parsing VC6 files, leading to potential arbitrary code execution in the current proc...
CVE-2025-65085
CVE-2025-65085 is a heap-based buffer overflow vulnerability reported in Ashlar-Vellum products: Cobalt, Xenon, Argon, Lithium, and Cobalt Share up to version 12.6.1204.207 (and earlier). The issue could allow an attacker to disclose information or execute arbitrary code. Public documents identif...
CVE-2025-65084
CVE-2025-65084 describes an Out-of-Bounds Write in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share (versions 12.6.1204.207 and prior). The root cause is an out-of-bounds write that could disclose information or allow execution of arbitrary code. Affected products are Ashlar-Vellum C...