CVE-2021-40402

CRITICAL Year: 2021
CVSS v3 Score
9.3
Critical
CVSS v2 Score
5.0
Medium
Weakness Type
CWE-755
View all →

Vulnerability Description

An out-of-bounds read vulnerability exists in the RS-274X aperture macro multiple outline primitives functionality of Gerbv 2.7.0 and dev (commit b5f1eacd), and Gerbv forked 2.7.1 and 2.8.0. A specially-crafted Gerber file can lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability.

Related Vulnerabilities

CVE-2009-5043

CRITICAL
CVSS:9.8(Critical)

burn allows file names to escape via mishandled quotation marks

CWE-7552009

CVE-2017-2877

CRITICAL
CVSS:9.8(Critical)

A missing error check exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted request on port 10001 could allow an attac...

CWE-7552017

CVE-2017-5638

CRITICAL
CVSS:9.8(Critical)

The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows re...

CWE-7552017

CVE-2018-19991

CRITICAL
CVSS:9.8(Critical)

VeryNginx 0.3.3 allows remote attackers to bypass the Web Application Firewall feature because there is no error handler (for get_uri_args or get_post_args) to block the API misuse described in CVE-20...

CWE-7552018

CVE-2019-12815

CRITICAL
CVSS:9.8(Critical)

An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306.

CWE-7552019

CVE-2019-14287

HIGH
CVSS:8.8(High)

In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a craf...

CWE-7552019