16 matches found
CVE-2023-47268
In libslic3r/GCode/PostProcessor.cpp in Prusa PrusaSlicer through 2.6.1, a crafted 3mf project file can execute arbitrary code on a host where the project is sliced and G-code exported...
EUVD-2020-20992
Malware in sbrugna...
EUVD-2021-8944
Malicious code in bioql PyPI...
EUVD-2024-49132
Malicious code in bioql PyPI...
CVE-2024-8374
UltiMaker Cura slicer versions 5.7.0-beta.1 through 5.7.2 are vulnerable to code injection via the 3MF format reader /plugins/ThreeMFReader.py. The vulnerability arises from improper handling of the droptobuildplate property within 3MF files, which are ZIP archives containing the model data. When...
Ultimaker Cura 安全漏洞
Ultimaker Cura is a state-of-the-art slicer application open-sourced by Ultimaker. It is used to prepare 3D models for 3D printers. A security vulnerability exists in Ultimaker Cura versions 5.7.0-beta.1 through 5.7.2 that stems from improper handling of the droptobuildplate attribute in 3MF file...
USN-6216-1: lib3mf vulnerability
It was discovered that lib3mf did not properly manage memory under certain circumstances. If a user were tricked into opening a specially crafted 3MF file, a local attacker could possibly use this issue to cause applications using lib3mf to crash, resulting in a denial of service, or possibly...
CVE-2020-28594
A use-after-free vulnerability exists in the 3MFImporter::handleendmodel functionality of Prusa Research PrusaSlicer 2.2.0 and Master commit 4b040b856. A specially crafted 3MF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2020-28594
A use-after-free vulnerability exists in the 3MFImporter::handleendmodel functionality of Prusa Research PrusaSlicer 2.2.0 and Master commit 4b040b856. A specially crafted 3MF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...
Design/Logic Flaw
A use-after-free vulnerability exists in the 3MFImporter::handleendmodel functionality of Prusa Research PrusaSlicer 2.2.0 and Master commit 4b040b856. A specially crafted 3MF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2020-28594
A use-after-free vulnerability exists in the 3MFImporter::handleendmodel functionality of Prusa Research PrusaSlicer 2.2.0 and Master commit 4b040b856. A specially crafted 3MF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...
PT-2021-11564 · Prusa +1 · Prusaslicer +1
Name of the Vulnerable Software and Affected Versions: PrusaSlicer version 2.2.0 PrusaSlicer Master commit 4b040b856 Description: A use-after-free issue exists in the 3MF Importer:: handle end model functionality. This can be triggered by a specially crafted 3MF file, potentially leading to code...
(0Day) Autodesk Meshmixer 3MF File Parsing Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk Meshmixer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing ...
Fedora 33 : lib3mf (2021-b73f9c96ee)
The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-b73f9c96ee advisory. - A use-after-free vulnerability exists in the NMR::COpcPackageReader::releaseZIP functionality of 3MF Consortium lib3mf 2.0.0. A specially crafted...
CVE-2021-21772
A use-after-free vulnerability exists in the NMR::COpcPackageReader::releaseZIP functionality of 3MF Consortium lib3mf 2.0.0. A specially crafted 3MF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2021-21772
A use-after-free vulnerability exists in the NMR::COpcPackageReader::releaseZIP functionality of 3MF Consortium lib3mf 2.0.0. A specially crafted 3MF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...