In the dynamic realm of cybersecurity, staying updated on the latest vulnerabilities is imperative.
This edition of the AppSecWorld's CVE Daily Digest provides a snapshot of the vulnerabilities published in National Vulnerability Database between December 26-27, 2023.
During this period, The National Vulnerability Database published 68, and these new Common Vulnerabilities and Exposures (CVEs) are classified as follows:
Critical: 0
High: 1
Medium: 2
Low: 2
Severity Not Assigned: 63
Identifying and understanding these vulnerabilities are pivotal steps towards enhancing security measures and creating a safer digital environment.
Now, let's delve deeper into AppSecWorld's CVE Daily Digest, spotlighting the Critical and High Severity vulnerabilities that demand immediate attention.
1. CVE-2023-5180
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: An issue was discovered in Open Design Alliance
Drawings SDK before 2024.12. A corrupted value of number
of sectors used by the Fat structure in a crafted DGN file leads to an
out-of-bounds write. An attacker can leverage this vulnerability to execute
code in the context of the current process.
References: https://www.opendesign.com/security-advisories
CWE-ID: CWE-787
Common Platform Enumerations (CPE): Not Found
This edition of the AppSecWorld's CVE Daily Digest provides a snapshot of the vulnerabilities published in National Vulnerability Database between December 26-27, 2023.
During this period, The National Vulnerability Database published 68, and these new Common Vulnerabilities and Exposures (CVEs) are classified as follows:
Critical: 0
High: 1
Medium: 2
Low: 2
Severity Not Assigned: 63
Identifying and understanding these vulnerabilities are pivotal steps towards enhancing security measures and creating a safer digital environment.
Now, let's delve deeper into AppSecWorld's CVE Daily Digest, spotlighting the Critical and High Severity vulnerabilities that demand immediate attention.
1. CVE-2023-5180
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: An issue was discovered in Open Design Alliance
Drawings SDK before 2024.12. A corrupted value of number
of sectors used by the Fat structure in a crafted DGN file leads to an
out-of-bounds write. An attacker can leverage this vulnerability to execute
code in the context of the current process.
References: https://www.opendesign.com/security-advisories
CWE-ID: CWE-787
Common Platform Enumerations (CPE): Not Found