ZDI-23-212: Open Design Alliance (ODA) Drawing SDK DWG File Parsing Use-After-Free Remote Code Execution Vulnerability

Read Time:12 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Open Design Alliance (ODA) Drawing SDK. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

chromium-135.0.7049.84-1.fc40

FEDORA-2025-4ad8f5e805 Packages in this update: chromium-135.0.7049.84-1.fc40 Update description: Update to 135.0.7049.84 * CVE-2025-3066: Use after free in Site Isolation Read...

April 10, 2025

chromium-135.0.7049.84-1.el9

FEDORA-EPEL-2025-6930d627d4 Packages in this update: chromium-135.0.7049.84-1.el9 Update description: Update to 135.0.7049.84 * CVE-2025-3066: Use after free in Site Isolation Read...

April 10, 2025

chromium-135.0.7049.84-1.el10_1

FEDORA-EPEL-2025-d2ac333cd9 Packages in this update: chromium-135.0.7049.84-1.el10_1 Update description: Update to 135.0.7049.84 * CVE-2025-3066: Use after free in Site Isolation Read...

April 10, 2025

chromium-135.0.7049.84-1.fc41

FEDORA-2025-20e35f4f9f Packages in this update: chromium-135.0.7049.84-1.fc41 Update description: Update to 135.0.7049.84 * CVE-2025-3066: Use after free in Site Isolation Read...

April 10, 2025

llama-cpp-b4094-11.fc42

FEDORA-2025-b356588c06 Packages in this update: llama-cpp-b4094-11.fc42 Update description: Fix bz2358011 Read More

April 10, 2025

USN-7431-1: HAProxy vulnerability

Aleandro Prudenzano and Edoardo Geraci discovered that HAProxy incorrectly handled certain uncommon configurations that replace multiple short patterns with a...

April 10, 2025

China-based SMS Phishing Triad Pivots to Banks

Google Cloud: China Achieves “Cyber Superpower” Status

Google Cloud: CISOs Demand Simplified Security Tools Amid Growing Tech Complexity

Over 40% of UK Businesses Faced Cybersecurity Breaches in 2024

SpyNote Malware Targets Android Users with Fake Google Play Pages

AI-Powered AkiraBot Evades CAPTCHA to Spam 80,000 Websites

Operation Endgame Continues with Smokeloader Customer Arrests

Smashing Security podcast #412: Signalgate sucks, and the quandary of quishing

WK Kellogg Confirms Data Breach Tied to Cleo Software Exploit

ZDI-23-212: Open Design Alliance (ODA) Drawing SDK DWG File Parsing Use-After-Free Remote Code Execution Vulnerability

chromium-135.0.7049.84-1.fc40

chromium-135.0.7049.84-1.el9

chromium-135.0.7049.84-1.el10_1

chromium-135.0.7049.84-1.fc41

llama-cpp-b4094-11.fc42

USN-7431-1: HAProxy vulnerability