Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
opendesign drawings software development kit vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2021-43274
A Use After Free Vulnerability exists in the Open Design Alliance Drawings SDK prior to 2022.11. The specific flaw exists within the parsing of DWF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An att...
Opendesign Drawings Software Development Kit
6.8
CVSSv2
CVE-2021-43280
A stack-based buffer overflow vulnerability exists in the DWF file reading procedure in Open Design Alliance Drawings SDK prior to 2022.8. The issue results from the lack of proper validation of the length of user-supplied data before copying it to a stack-based buffer. An attack...
Opendesign Drawings Software Development Kit
6.8
CVSSv2
CVE-2022-23095
Open Design Alliance Drawings SDK prior to 2022.12.1 mishandles the loading of JPG files. Unchecked input data from a crafted JPG file leads to memory corruption. An attacker can leverage this vulnerability to execute code in the context of the current process.
Opendesign Drawings Software Development Kit
6.8
CVSSv2
CVE-2021-43391
An Out-of-Bounds Read vulnerability exists when reading a DXF file using Open Design Alliance Drawings SDK prior to 2022.11. The specific issue exists within the parsing of DXF files. Crafted data in a DXF file (an invalid dash counter in line types) can trigger a read past the e...
Opendesign Drawings Software Development Kit
6.8
CVSSv2
CVE-2021-43275
A Use After Free vulnerability exists in the DGN file reading procedure in Open Design Alliance Drawings SDK prior to 2022.8. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulne...
Opendesign Drawings Software Development Kit
6.8
CVSSv2
CVE-2021-43390
An Out-of-Bounds Write vulnerability exists when reading a DGN file using Open Design Alliance Drawings SDK prior to 2022.11. The specific issue exists within the parsing of DGN files. Crafted data in a DGN file and lack of proper validation of input data can trigger a write oper...
Opendesign Drawings Software Development Kit
6.8
CVSSv2
CVE-2021-25173
An issue exists in Open Design Alliance Drawings SDK prior to 2021.12. A memory allocation with excessive size vulnerability exists when reading malformed DGN files, which allows malicious users to cause a crash, potentially enabling denial of service (crash, exit, or restart).
Opendesign Drawings Software Development Kit
Siemens Comos
Siemens Jt2go
Siemens Teamcenter Visualization
6.8
CVSSv2
CVE-2021-25174
An issue exists in Open Design Alliance Drawings SDK prior to 2021.12. A memory corruption vulnerability exists when reading malformed DGN files. It can allow malicious users to cause a crash, potentially enabling denial of service (Crash, Exit, or Restart).
Opendesign Drawings Software Development Kit
Siemens Comos
Siemens Jt2go
Siemens Teamcenter Visualization
6.8
CVSSv2
CVE-2021-25177
An issue exists in Open Design Alliance Drawings SDK prior to 2021.11. A Type Confusion issue exists when rendering malformed .DXF and .DWG files. This can allow malicious users to cause a crash, potentially enabling a denial of service attack (Crash, Exit, or Restart).
Opendesign Drawings Software Development Kit
Siemens Comos
Siemens Jt2go
Siemens Teamcenter Visualization
6.8
CVSSv2
CVE-2021-25175
An issue exists in Open Design Alliance Drawings SDK prior to 2021.11. A Type Conversion issue exists when rendering malformed .DXF and .DWG files. This can allow malicious users to cause a crash, potentially enabling a denial of service attack (Crash, Exit, or Restart).
Opendesign Drawings Software Development Kit
Siemens Comos
Siemens Jt2go
Siemens Teamcenter Visualization
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-26978
CVE-2024-26982
wireless
CVE-2023-6949
CVE-2024-26980
CVE-2024-32766
CVE-2024-26939
cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »