Filtered by vendor Assimp
Subscriptions
Total
11 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-53425 | 1 Assimp | 1 Assimp | 2024-11-26 | 6.2 Medium |
A heap-buffer-overflow vulnerability was discovered in the SkipSpacesAndLineEnd function in Assimp v5.4.3. This issue occurs when processing certain malformed MD5 model files, leading to an out-of-bounds read and potential application crash. | ||||
CVE-2024-48423 | 1 Assimp | 1 Assimp | 2024-11-21 | 7.8 High |
An issue in assimp v.5.4.3 allows a local attacker to execute arbitrary code via the CallbackToLogRedirector function within the Assimp library. | ||||
CVE-2024-40724 | 2 Assimp, Open Asset Import Library | 2 Assimp, Open Asset Import Library | 2024-11-21 | 8.4 High |
Heap-based buffer overflow vulnerability in Assimp versions prior to 5.4.2 allows a local attacker to execute arbitrary code by inputting a specially crafted file into the product. | ||||
CVE-2022-45748 | 1 Assimp | 1 Assimp | 2024-11-21 | 8.8 High |
An issue was discovered with assimp 5.1.4, a use after free occurred in function ColladaParser::ExtractDataObjectFromChannel in file /code/AssetLib/Collada/ColladaParser.cpp. | ||||
CVE-2022-38528 | 1 Assimp | 1 Assimp | 2024-11-21 | 6.5 Medium |
Open Asset Import Library (assimp) commit 3c253ca was discovered to contain a segmentation violation via the component Assimp::XFileImporter::CreateMeshes. | ||||
CVE-2021-45948 | 1 Assimp | 1 Assimp | 2024-11-21 | 5.5 Medium |
Open Asset Import Library (aka assimp) 5.1.0 and 5.1.1 has a heap-based buffer overflow in _m3d_safestr (called from m3d_load and Assimp::M3DWrapper::M3DWrapper). | ||||
CVE-2024-48426 | 1 Assimp | 1 Assimp | 2024-10-29 | 6.2 Medium |
A segmentation fault (SEGV) was detected in the SortByPTypeProcess::Execute function in the Assimp library during fuzz testing with AddressSanitizer. The crash occurred due to a read access to an invalid memory address (0x1000c9714971). | ||||
CVE-2024-48425 | 1 Assimp | 1 Assimp | 2024-10-28 | 5.5 Medium |
A segmentation fault (SEGV) was detected in the Assimp::SplitLargeMeshesProcess_Triangle::UpdateNode function within the Assimp library during fuzz testing using AddressSanitizer. The crash occurs due to a read access violation at address 0x000000000460, which points to the zero page, indicating a null or invalid pointer dereference. | ||||
CVE-2024-48424 | 1 Assimp | 1 Assimp | 2024-10-28 | 5.5 Medium |
A heap-buffer-overflow vulnerability has been identified in the OpenDDLParser::parseStructure function within the Assimp library, specifically during the processing of OpenGEX files. | ||||
CVE-2024-46632 | 1 Assimp | 1 Assimp | 2024-09-30 | 4.3 Medium |
Assimp v5.4.3 is vulnerable to Buffer Overflow via the MD5Importer::LoadMD5MeshFile function. | ||||
CVE-2024-45679 | 1 Assimp | 1 Assimp | 2024-09-20 | 8.4 High |
Heap-based buffer overflow vulnerability in Assimp versions prior to 5.4.3 allows a local attacker to execute arbitrary code by importing a specially crafted file into the product. |
Page 1 of 1.