Eldstal

**Name of the Vulnerable Software and Affected Versions** LibreCAD version 2.2.0 **Description** A Buffer Overflow issue in the importshp plugin allows attackers to obtain sensitive information via a crafted DBF file. **Recommendations** For LibreCAD version 2.2.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** RaspAP raspap-webgui versions 2.8.8 and earlier **Description** A command injection issue allows remote attackers to execute arbitrary commands by sending a crafted POST request to the hostapd settings form. This can be achieved via the `hostapd settings form`, which is vulnerable to command injection attacks. The `POST request` is used to exploit this issue. **Recommendations** For versions 2.8.8 and earlier, consider disabling the hostapd settings form until a patch is available to prevent command injection attacks. Restrict access to the raspap-webgui to minimize the risk of exploitation. Avoid using the vulnerable form in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Openscad (affected versions not specified) **Description** A vulnerability was found in Openscad where a .scad file with no trailing newline could cause an out-of-bounds read during parsing of annotations. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Openscad (affected versions not specified) **Description** A vulnerability was found in Openscad, where a DXF-format drawing with particular properties may cause an out-of-bounds memory access when imported using the `import()` function. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** libslic3r version 1.3.0 **Description** A flaw in the AMF parser of libslic3r allows an attacker to cause an application crash using a crafted AMF document, where a metadata tag lacks a `type` attribute. **Recommendations** For libslic3r version 1.3.0, consider disabling the AMF parser functionality until a patch is available to prevent potential crashes.

**Name of the Vulnerable Software and Affected Versions** Slic3r libslic3r version 1.3.0 **Description** The issue is related to several missing input validations in the 3MF parser component of Slic3r libslic3r. This can allow an attacker to cause an application crash using a crafted 3MF input file. **Recommendations** For Slic3r libslic3r version 1.3.0, consider disabling the 3MF parser component until a patch is available to prevent potential application crashes from crafted 3MF input files.

**Name of the Vulnerable Software and Affected Versions** FreeCAD version 0.19 **Description** The Path Sanity Check script is vulnerable to OS command injection, allowing an attacker to execute arbitrary commands via a crafted FCStd document. **Recommendations** For FreeCAD version 0.19, consider disabling the Path Sanity Check script until a patch is available to prevent OS command injection attacks.

**Name of the Vulnerable Software and Affected Versions** Libsixel versions prior to and including v1.10.3 **Description** A NULL pointer dereference in the stb image.h component of libsixel allows attackers to cause a denial of service (DOS) via a crafted PICT file. This issue affects Libsixel and can be exploited by attackers to disrupt service. **Recommendations** For versions prior to and including v1.10.3, update to a version later than v1.10.3 to resolve the issue. As a temporary workaround, consider restricting the processing of PICT files to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** LibreCAD version 2.2.0 **Description** A NULL pointer dereference in the HATCH handling of libdxfrw allows an attacker to crash the application using a crafted DXF document. **Recommendations** For LibreCAD version 2.2.0, consider updating to a newer version that addresses this issue, as no specific fix is provided for this version. As a temporary workaround, avoid using crafted DXF documents that could trigger the NULL pointer dereference in the HATCH handling of libdxfrw.

**Name of the Vulnerable Software and Affected Versions** FreeCAD version 0.19 **Description** The issue is related to improper sanitization in the invocation of ODA File Converter from FreeCAD, allowing an attacker to inject OS commands via a crafted filename. **Recommendations** For FreeCAD version 0.19, consider disabling the invocation of ODA File Converter until a patch is available to prevent OS command injection via crafted filenames.

**Name of the Vulnerable Software and Affected Versions** shapelib versions 1.5.0 and older **Description** The issue is related to a double-free condition in the shapelib library, specifically in the contrib/shpsort.c file. This condition may allow a remote attacker to cause a denial of service or have other unspecified impact via control over `malloc`. **Recommendations** For shapelib versions 1.5.0 and older, update to a version newer than 1.5.0 to resolve the issue. As a temporary workaround, consider restricting access to the `contrib/shpsort.c` file until a patch is available.

**Name of the Vulnerable Software and Affected Versions** LibreCAD versions 2.2.0-rc3 and older **Description** A buffer overflow vulnerability in CDataList of the jwwlib component allows an attacker to achieve Remote Code Execution using a crafted JWW document. **Recommendations** For LibreCAD versions 2.2.0-rc3 and older, consider disabling the CDataList component of the jwwlib until a patch is available to prevent Remote Code Execution attacks using crafted JWW documents. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** LibreCAD versions 2.2.0-rc3 and older **Description** A buffer overflow vulnerability in CDataMoji of the jwwlib component allows an attacker to achieve Remote Code Execution using a crafted JWW document. **Recommendations** For LibreCAD versions 2.2.0-rc3 and older, consider updating to a newer version to mitigate the risk of exploitation. As a temporary workaround, restrict the use of crafted JWW documents to minimize the risk of Remote Code Execution.