VYPR
Vendor

Dws Systems Inc.

Products
2
CVEs
13
Across products
13
Status
Private

Products

2

Recent CVEs

13
  • CVE-2025-1883HigMay 2, 2025
    risk 0.51cvss 7.8epss 0.00

    Out-Of-Bounds Write vulnerability exists in the OBJ file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025. This vulnerability could allow an attacker to execute arbitrary code while opening a specially crafted OBJ file.

  • CVE-2024-10204HigNov 19, 2024
    risk 0.51cvss 7.8epss 0.00

    Heap-based Buffer Overflow and Uninitialized Variable vulnerabilities exist in the X_B and SAT file reading procedure in eDrawings from Release SOLIDWORKS 2024 through Release SOLIDWORKS 2025. These vulnerabilities could allow an attacker to execute arbitrary code while opening…

  • CVE-2024-3299HigApr 4, 2024
    risk 0.51cvss 7.8epss 0.00

    Out-Of-Bounds Write, Use of Uninitialized Resource and Use-After-Free vulnerabilities exist in the file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024. These vulnerabilities could allow an attacker to execute arbitrary code while…

  • CVE-2024-3298HigApr 4, 2024
    risk 0.51cvss 7.8epss 0.00

    Out-Of-Bounds Write and Type Confusion vulnerabilities exist in the file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024. These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted DWG or…

  • CVE-2006-4731Sep 13, 2006
    risk 0.03cvss epss 0.06

    Multiple directory traversal vulnerabilities in (1) login.pl and (2) admin.pl in (a) SQL-Ledger before 2.6.19 and (b) LedgerSMB before 1.0.0p1 allow remote attackers to execute arbitrary Perl code via an unspecified terminal parameter value containing ../ (dot dot slash).

  • CVE-2026-1335Feb 16, 2026
    risk 0.00cvss epss 0.00

    An Out-Of-Bounds Write vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS Desktop 2025 through Release SOLIDWORKS Desktop 2026 could allow an attacker to execute arbitrary code while opening a specially crafted EPRT file.

  • CVE-2026-1334Feb 16, 2026
    risk 0.00cvss epss 0.00

    An Out-Of-Bounds Read vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS Desktop 2025 through Release SOLIDWORKS Desktop 2026 could allow an attacker to execute arbitrary code while opening a specially crafted EPRT file.

  • CVE-2026-1333Feb 16, 2026
    risk 0.00cvss epss 0.00

    A Use of Uninitialized Variable vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS Desktop 2025 through Release SOLIDWORKS Desktop 2026 could allow an attacker to execute arbitrary code while opening a specially crafted EPRT…

  • CVE-2024-1847Feb 28, 2024
    risk 0.00cvss epss 0.00

    Heap-based Buffer Overflow, Memory Corruption, Out-Of-Bounds Read, Out-Of-Bounds Write, Stack-based Buffer Overflow, Type Confusion, Uninitialized Variable, Use-After-Free vulnerabilities exist in the file reading procedure in eDrawings from Release SOLIDWORKS 2023 through…

  • CVE-2007-5372Oct 11, 2007
    risk 0.00cvss epss 0.02

    Multiple SQL injection vulnerabilities in (a) LedgerSMB 1.0.0 through 1.2.7 and (b) DWS Systems SQL-Ledger 2.x allow remote attackers to execute arbitrary SQL commands via (1) the invoice quantity field or (2) the sort field.

  • CVE-2007-1923Apr 10, 2007
    risk 0.00cvss epss 0.03

    (1) LedgerSMB and (2) DWS Systems SQL-Ledger implement access control lists by changing the set of URLs linked from menus, which allows remote attackers to access restricted functionality via direct requests. The LedgerSMB affected versions are before 1.3.0.

  • CVE-2006-5872Dec 18, 2006
    risk 0.00cvss epss 0.02

    login.pl in SQL-Ledger before 2.6.21 and LedgerSMB before 1.1.5 allows remote attackers to execute arbitrary Perl code via the "-e" flag in the script parameter, which is used as an argument to the perl program.

  • CVE-2006-4798Sep 14, 2006
    risk 0.00cvss epss 0.01

    SQL-Ledger before 2.4.4 stores a password in a query string, which might allow context-dependent attackers to obtain the password via a Referer field or browser history.