Lucene search
K

7 matches found

NVD
NVD
added 2024/09/03 10:15 a.m.32 views

CVE-2024-8374

UltiMaker Cura slicer versions 5.7.0-beta.1 through 5.7.2 are vulnerable to code injection via the 3MF format reader /plugins/ThreeMFReader.py. The vulnerability arises from improper handling of the droptobuildplate property within 3MF files, which are ZIP archives containing the model data. When...

7.8CVSS0.00433EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/04/24 12:0 a.m.35 views

Microsoft Excel 3MF File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3MF...

7.8CVSS7.7AI score0.00784EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/04/24 12:0 a.m.34 views

Microsoft Excel 3MF File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3MF...

7.8CVSS7.7AI score0.00784EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2021/07/29 12:0 a.m.56 views

(0Day) Microsoft 3D Viewer 3MF File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft 3D Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

6.6CVSS5.6AI score0.04938EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2021/07/19 12:0 a.m.121 views

(0Day) Autodesk Meshmixer 3MF File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk Meshmixer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing ...

7.8CVSS4.2AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2021/06/17 12:0 a.m.57 views

(0Day) Microsoft 3D Viewer 3MF File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft 3D Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

6.6CVSS5.6AI score0.03821EPSS
Exploits0
Talos
Talos
added 2020/04/21 12:0 a.m.28 views

Prusa Research PrusaSlicer _3MF_Importer::_handle_end_model() use-after-free vulnerability

Summary A use-after-free vulnerability exists in the 3MFImporter::handleendmodel functionality of Prusa Research PrusaSlicer 2.2.0 and Master commit 4b040b856. A specially crafted 3MF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. Tested...

8.8CVSS7.9AI score0.01342EPSS
Exploits1
Rows per page
Query Builder