Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
opendesign drawings sdk vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2023-5180
An issue exists in Open Design Alliance Drawings SDK prior to 2024.12. A corrupted value of number of sectors used by the Fat structure in a crafted DGN file leads to an out-of-bounds write. An attacker can leverage this vulnerability to execute code in the context of the current...
Opendesign Drawings Sdk
7.8
CVSSv3
CVE-2023-5179
An issue exists in Open Design Alliance Drawings SDK prior to 2024.10. A corrupted value for the start of MiniFat sector in a crafted DGN file leads to an out-of-bounds read. This can allow malicious users to cause a crash, potentially enabling a denial-of-service attack (Crash, ...
Opendesign Drawings Sdk
7.8
CVSSv3
CVE-2023-22670
A heap-based buffer overflow exists in the DXF file reading procedure in Open Design Alliance Drawings SDK prior to 2023.6. The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of the length of user-supplied XRecord data p...
Opendesign Drawings Sdk
7.8
CVSSv3
CVE-2023-22669
Parsing of DWG files in Open Design Alliance Drawings SDK prior to 2023.6 lacks proper validation of the length of user-supplied XRecord data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the...
Opendesign Drawings Sdk
7.8
CVSSv3
CVE-2023-26495
An issue exists in Open Design Alliance Drawings SDK prior to 2024.1. A crafted DWG file can force the SDK to reuse an object that has been freed. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code.
Opendesign Drawings Sdk
7.8
CVSSv3
CVE-2022-28809
An issue exists in Open Design Alliance Drawings SDK prior to 2023.3. An Out-of-Bounds Read vulnerability exists when reading a DWG file with an invalid vertex number in a recovery mode. An attacker can leverage this vulnerability to execute code in the context of the current pro...
Opendesign Drawings Sdk
7.8
CVSSv3
CVE-2022-28807
An issue exists in Open Design Alliance Drawings SDK prior to 2023.2. An Out-of-Bounds Read vulnerability exists when rendering a .dwg file after it's opened in the recovery mode. An attacker can leverage this vulnerability to execute code in the context of the current proce...
Opendesign Drawings Sdk
7.8
CVSSv3
CVE-2022-28808
An issue exists in Open Design Alliance Drawings SDK prior to 2023.3. An Out-of-Bounds Read vulnerability exists when reading DWG files in a recovery mode. An attacker can leverage this vulnerability to execute code in the context of the current process.
Opendesign Drawings Sdk
7.8
CVSSv3
CVE-2022-23095
Open Design Alliance Drawings SDK prior to 2022.12.1 mishandles the loading of JPG files. Unchecked input data from a crafted JPG file leads to memory corruption. An attacker can leverage this vulnerability to execute code in the context of the current process.
Opendesign Drawings Software Development Kit
7.8
CVSSv3
CVE-2021-44422
An Improper Input Validation Vulnerability exists when reading a BMP file using Open Design Alliance Drawings SDK prior to 2022.12. Crafted data in a BMP file can trigger a write operation past the end of an allocated buffer, or lead to a heap-based buffer overflow. An attacker c...
Opendesign Drawings Sdk
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »