Filtered by vendor Opendesign Subscriptions
Filtered by product Drawings Sdk Subscriptions
Total 27 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-32944 2 Opendesign, Siemens 4 Drawings Sdk, Comos, Jt2go and 1 more 2024-11-21 7.8 High
A use-after-free issue exists in the DGN file-reading procedure in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. This can result in a memory corruption or arbitrary code execution, allowing attackers to cause a denial-of-service condition or execute code in the context of the current process.
CVE-2021-32940 2 Opendesign, Siemens 4 Drawings Sdk, Comos, Jt2go and 1 more 2024-11-21 7.1 High
An out-of-bounds read issue exists in the DWG file-recovering procedure in the Drawings SDK (All versions prior to 2022.5) resulting from the lack of proper validation of user-supplied data. This can result in a read past the end of an allocated buffer and allow attackers to cause a denial-of-service condition or read sensitive information from memory locations.
CVE-2021-32938 2 Opendesign, Siemens 4 Drawings Sdk, Comos, Jt2go and 1 more 2024-11-21 7.1 High
Drawings SDK (All versions prior to 2022.4) are vulnerable to an out-of-bounds read due to parsing of DWG files resulting from the lack of proper validation of user-supplied data. This can result in a read past the end of an allocated buffer and allows attackers to cause a denial-of service condition or read sensitive information from memory.
CVE-2021-32936 2 Opendesign, Siemens 4 Drawings Sdk, Comos, Jt2go and 1 more 2024-11-21 7.8 High
An out-of-bounds write issue exists in the DXF file-recovering procedure in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. This can result in a write past the end of an allocated buffer and allow attackers to cause a denial-of-service condition or execute code in the context of the current process.
CVE-2021-31784 2 Opendesign, Siemens 2 Drawings Sdk, Comos 2024-11-21 7.8 High
An out-of-bounds write vulnerability exists in the file-reading procedure in Open Design Alliance Drawings SDK before 2021.6 on all supported by ODA platforms in static configuration. This can allow attackers to cause a crash, potentially enabling a denial of service attack (Crash, Exit, or Restart) or possible code execution.
CVE-2018-18224 2 Opendesign, Oracle 2 Drawings Sdk, Outside In Technology 2024-11-21 N/A
A vulnerability exists in the file reading procedure in Open Design Alliance Drawings SDK 2019Update1 on non-Windows platforms in which attackers could perform read operations past the end, or before the beginning, of the intended buffer. This can allow attackers to obtain sensitive information from process memory or cause a crash.
CVE-2018-18223 2 Opendesign, Oracle 2 Drawings Sdk, Outside In Technology 2024-11-21 N/A
Open Design Alliance Drawings SDK 2019Update1 has a vulnerability during the reading of malformed files, allowing attackers to obtain sensitive information from process memory or cause a crash.