7.8
CVE-2025-1429 - MODEL File Parsing Heap-Based Buffer Overflow Vulnerability
A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
7.8
CVE-2025-1428 - CATPRODUCT File Parsing Out-of-Bounds Read Vulnerability
A maliciously crafted CATPART file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
7.8
CVE-2025-1427 - CATPRODUCT File Parsing Uninitialized Variable Vulnerability
A maliciously crafted CATPRODUCT file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
7.3
CVE-2025-27103 - Dataease Mysql JDBC Connection Parameters Not Being Verified Leads to Arbitrary File Read Vulnerabiβ¦
DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.6, a bypass for the patch for CVE-2024-55953 allows authenticated users to read and deserialize arbitrary files through the background JDBC connection. The vulnerability has been fixed in v2.10.6. Noβ¦
7.3
CVE-2025-24974 - DataEase Mysql JDBC Connection Parameters Not Being Verified Leads to Arbitrary File Read Vulnerabiβ¦
DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.6, authenticated users can read and deserialize arbitrary files through the background JDBC connection. The vulnerability has been fixed in v2.10.6. No known workarounds are available.
7.5
CVE-2025-2284 - Santesoft Sante PACS Server Access of Uninitialized Pointer DoS
A denial-of-service vulnerability exists in the "GetWebLoginCredentials" function in "Sante PACS Server.exe".
7.8
CVE-2025-2265 - Santesoft Sante PACS Server HTTP.db SHA1 Hash Truncation
The password of a web user in "Sante PACS Server.exe" is zero-padded to 0x2000 bytes, SHA1-hashed, base64-encoded, and stored in the USER table in the SQLite database HTTP.db. However, the number of hash bytes encoded and stored is truncated if the hash contains a zero byte
7.5
CVE-2025-2264 - Santesoft Sante PACS Server Path Traversal Information Disclosure
A Path Traversal Information Disclosure vulnerability exists in "Sante PACS Server.exe". An unauthenticated remote attacker can exploit it to download arbitrary files on the disk drive where the application is installed.
9.8
CVE-2025-2263 - Santesoft Sante PACS Server Stack-based Buffer Overflow
During login to the web server in "Sante PACS Server.exe", OpenSSL function EVP_DecryptUpdate is called to decrypt the username and password. A fixed 0x80-byte stack-based buffer is passed to the function as the output buffer. A stack-based buffer overflow exists if a long encrypted username or pasβ¦
7.5
CVE-2024-8176 - Libexpat: expat: improper restriction of xml entity expansion depth in libexpat
A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. Thiβ¦