Dws Systems Inc.
Products
2- 8 CVEs
- 5 CVEs
Recent CVEs
13| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-1883 | Hig | 0.51 | 7.8 | 0.00 | May 2, 2025 | Out-Of-Bounds Write vulnerability exists in the OBJ file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025. This vulnerability could allow an attacker to execute arbitrary code while opening a specially crafted OBJÂ file. | ||
| CVE-2024-10204 | Hig | 0.51 | 7.8 | 0.00 | Nov 19, 2024 | Heap-based Buffer Overflow and Uninitialized Variable vulnerabilities exist in the X_B and SAT file reading procedure in eDrawings from Release SOLIDWORKS 2024 through Release SOLIDWORKS 2025. These vulnerabilities could allow an attacker to execute arbitrary code while opening… | ||
| CVE-2024-3299 | Hig | 0.51 | 7.8 | 0.00 | Apr 4, 2024 | Out-Of-Bounds Write, Use of Uninitialized Resource and Use-After-Free vulnerabilities exist in the file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024. These vulnerabilities could allow an attacker to execute arbitrary code while… | ||
| CVE-2024-3298 | Hig | 0.51 | 7.8 | 0.00 | Apr 4, 2024 | Out-Of-Bounds Write and Type Confusion vulnerabilities exist in the file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024. These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted DWG or… | ||
| CVE-2006-4731 | 0.03 | — | 0.06 | Sep 13, 2006 | Multiple directory traversal vulnerabilities in (1) login.pl and (2) admin.pl in (a) SQL-Ledger before 2.6.19 and (b) LedgerSMB before 1.0.0p1 allow remote attackers to execute arbitrary Perl code via an unspecified terminal parameter value containing ../ (dot dot slash). | |||
| CVE-2026-1335 | 0.00 | — | 0.00 | Feb 16, 2026 | An Out-Of-Bounds Write vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS Desktop 2025 through Release SOLIDWORKS Desktop 2026 could allow an attacker to execute arbitrary code while opening a specially crafted EPRT file. | |||
| CVE-2026-1334 | 0.00 | — | 0.00 | Feb 16, 2026 | An Out-Of-Bounds Read vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS Desktop 2025 through Release SOLIDWORKS Desktop 2026 could allow an attacker to execute arbitrary code while opening a specially crafted EPRT file. | |||
| CVE-2026-1333 | 0.00 | — | 0.00 | Feb 16, 2026 | A Use of Uninitialized Variable vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS Desktop 2025 through Release SOLIDWORKS Desktop 2026 could allow an attacker to execute arbitrary code while opening a specially crafted EPRT… | |||
| CVE-2024-1847 | 0.00 | — | 0.00 | Feb 28, 2024 | Heap-based Buffer Overflow, Memory Corruption, Out-Of-Bounds Read, Out-Of-Bounds Write, Stack-based Buffer Overflow, Type Confusion, Uninitialized Variable, Use-After-Free vulnerabilities exist in the file reading procedure in eDrawings from Release SOLIDWORKS 2023 through… | |||
| CVE-2007-5372 | 0.00 | — | 0.02 | Oct 11, 2007 | Multiple SQL injection vulnerabilities in (a) LedgerSMB 1.0.0 through 1.2.7 and (b) DWS Systems SQL-Ledger 2.x allow remote attackers to execute arbitrary SQL commands via (1) the invoice quantity field or (2) the sort field. | |||
| CVE-2007-1923 | 0.00 | — | 0.03 | Apr 10, 2007 | (1) LedgerSMB and (2) DWS Systems SQL-Ledger implement access control lists by changing the set of URLs linked from menus, which allows remote attackers to access restricted functionality via direct requests. The LedgerSMB affected versions are before 1.3.0. | |||
| CVE-2006-5872 | 0.00 | — | 0.02 | Dec 18, 2006 | login.pl in SQL-Ledger before 2.6.21 and LedgerSMB before 1.1.5 allows remote attackers to execute arbitrary Perl code via the "-e" flag in the script parameter, which is used as an argument to the perl program. | |||
| CVE-2006-4798 | 0.00 | — | 0.01 | Sep 14, 2006 | SQL-Ledger before 2.4.4 stores a password in a query string, which might allow context-dependent attackers to obtain the password via a Referer field or browser history. |
- risk 0.51cvss 7.8epss 0.00
Out-Of-Bounds Write vulnerability exists in the OBJ file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025. This vulnerability could allow an attacker to execute arbitrary code while opening a specially crafted OBJÂ file.
- risk 0.51cvss 7.8epss 0.00
Heap-based Buffer Overflow and Uninitialized Variable vulnerabilities exist in the X_B and SAT file reading procedure in eDrawings from Release SOLIDWORKS 2024 through Release SOLIDWORKS 2025. These vulnerabilities could allow an attacker to execute arbitrary code while opening…
- risk 0.51cvss 7.8epss 0.00
Out-Of-Bounds Write, Use of Uninitialized Resource and Use-After-Free vulnerabilities exist in the file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024. These vulnerabilities could allow an attacker to execute arbitrary code while…
- risk 0.51cvss 7.8epss 0.00
Out-Of-Bounds Write and Type Confusion vulnerabilities exist in the file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024. These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted DWG or…
- CVE-2006-4731Sep 13, 2006risk 0.03cvss —epss 0.06
Multiple directory traversal vulnerabilities in (1) login.pl and (2) admin.pl in (a) SQL-Ledger before 2.6.19 and (b) LedgerSMB before 1.0.0p1 allow remote attackers to execute arbitrary Perl code via an unspecified terminal parameter value containing ../ (dot dot slash).
- CVE-2026-1335Feb 16, 2026risk 0.00cvss —epss 0.00
An Out-Of-Bounds Write vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS Desktop 2025 through Release SOLIDWORKS Desktop 2026 could allow an attacker to execute arbitrary code while opening a specially crafted EPRT file.
- CVE-2026-1334Feb 16, 2026risk 0.00cvss —epss 0.00
An Out-Of-Bounds Read vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS Desktop 2025 through Release SOLIDWORKS Desktop 2026 could allow an attacker to execute arbitrary code while opening a specially crafted EPRT file.
- CVE-2026-1333Feb 16, 2026risk 0.00cvss —epss 0.00
A Use of Uninitialized Variable vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS Desktop 2025 through Release SOLIDWORKS Desktop 2026 could allow an attacker to execute arbitrary code while opening a specially crafted EPRT…
- CVE-2024-1847Feb 28, 2024risk 0.00cvss —epss 0.00
Heap-based Buffer Overflow, Memory Corruption, Out-Of-Bounds Read, Out-Of-Bounds Write, Stack-based Buffer Overflow, Type Confusion, Uninitialized Variable, Use-After-Free vulnerabilities exist in the file reading procedure in eDrawings from Release SOLIDWORKS 2023 through…
- CVE-2007-5372Oct 11, 2007risk 0.00cvss —epss 0.02
Multiple SQL injection vulnerabilities in (a) LedgerSMB 1.0.0 through 1.2.7 and (b) DWS Systems SQL-Ledger 2.x allow remote attackers to execute arbitrary SQL commands via (1) the invoice quantity field or (2) the sort field.
- CVE-2007-1923Apr 10, 2007risk 0.00cvss —epss 0.03
(1) LedgerSMB and (2) DWS Systems SQL-Ledger implement access control lists by changing the set of URLs linked from menus, which allows remote attackers to access restricted functionality via direct requests. The LedgerSMB affected versions are before 1.3.0.
- CVE-2006-5872Dec 18, 2006risk 0.00cvss —epss 0.02
login.pl in SQL-Ledger before 2.6.21 and LedgerSMB before 1.1.5 allows remote attackers to execute arbitrary Perl code via the "-e" flag in the script parameter, which is used as an argument to the perl program.
- CVE-2006-4798Sep 14, 2006risk 0.00cvss —epss 0.01
SQL-Ledger before 2.4.4 stores a password in a query string, which might allow context-dependent attackers to obtain the password via a Referer field or browser history.