Lucene search
+L

56 matches found

Exploit DB
Exploit DB
added 2024/04/12 12:0 a.m.400 views

PrusaSlicer 2.6.1 - Arbitrary code execution

Exploit Title: PrusaSlicer 2.6.1 - Arbitrary code execution on g-code export Date: 16/01/2024 Exploit Author: Kamil Breński Vendor Homepage: https://www.prusa3d.com Software Link: https://github.com/prusa3d/PrusaSlicer Version: PrusaSlicer up to and including version 2.6.1 Tested on: Windows and...

5.3CVSS6.8AI score0.0072EPSS
Exploits4
Ubuntu
Ubuntu
added 2023/07/11 4:36 p.m.37 views

USN-6216-1: lib3mf vulnerability

It was discovered that lib3mf did not properly manage memory under certain circumstances. If a user were tricked into opening a specially crafted 3MF file, a local attacker could possibly use this issue to cause applications using lib3mf to crash, resulting in a denial of service, or possibly...

8.1CVSS8AI score0.04339EPSS
Exploits1
Zero Day Initiative
Zero Day Initiative
added 2023/04/24 12:0 a.m.35 views

Microsoft Excel 3MF File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3MF...

7.8CVSS7.7AI score0.00784EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/04/24 12:0 a.m.37 views

Microsoft Excel 3MF File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3MF...

7.8CVSS7.7AI score0.00784EPSS
Exploits0References1
Gentoo Linux
Gentoo Linux
added 2022/08/04 12:0 a.m.46 views

3MF Consortium lib3mf: Remote code execution

Background lib3mf is an implementation of the 3D Manufacturing Format file standard. Description Incorrect memory handling within lib3mf could result in a use-after-free. Impact An attacker that can provide malicious input to an application using 3MF Consortium's lib3mf could achieve remote code...

8.1CVSS3.9AI score0.04339EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2022/08/04 12:0 a.m.45 views

GLSA-202208-01 : 3MF Consortium lib3mf: Remote code execution

The remote host is affected by the vulnerability described in GLSA-202208-01 3MF Consortium lib3mf: Remote code execution - A use-after-free vulnerability exists in the NMR::COpcPackageReader::releaseZIP functionality of 3MF Consortium lib3mf 2.0.0. A specially crafted 3MF file can lead to code...

8.1CVSS8AI score0.04339EPSS
Exploits1References3
CNVD
CNVD
added 2022/01/27 12:0 a.m.50 views

Slic3r Denial of Service Vulnerability (CNVD-2022-67485)

slic3r is a slic3r open source 3D printing toolkit used to convert various 3-D print model file types into printer-specific machine code. slic3r version 1.3.0 has a denial-of-service vulnerability in the 3MF parser component that stems from not properly handling incoming error messages. An attack...

5.5CVSS3.1AI score0.0077EPSS
Exploits0References1
OSV
OSV
added 2022/01/25 2:15 p.m.15 views

CVE-2021-45847

Several missing input validations in the 3MF parser component of Slic3r libslic3r 1.3.0 can each allow an attacker to cause an application crash using a crafted 3MF input file...

5.5CVSS6.9AI score
Exploits0References3
Prion
Prion
added 2022/01/25 2:15 p.m.11 views

Input validation

Several missing input validations in the 3MF parser component of Slic3r libslic3r 1.3.0 can each allow an attacker to cause an application crash using a crafted 3MF input file...

4.3CVSS5.3AI score0.0077EPSS
Exploits0References3Affected Software1
UbuntuCve
UbuntuCve
added 2022/01/25 2:15 p.m.24 views

CVE-2021-45847

Several missing input validations in the 3MF parser component of Slic3r libslic3r 1.3.0 can each allow an attacker to cause an application crash using a crafted 3MF input file...

5.5CVSS6.1AI score0.0077EPSS
Exploits0References4
Cvelist
Cvelist
added 2022/01/25 1:28 p.m.28 views

CVE-2021-45847

Several missing input validations in the 3MF parser component of Slic3r libslic3r 1.3.0 can each allow an attacker to cause an application crash using a crafted 3MF input file...

5.6AI score0.0077EPSS
Exploits0References3
CVE
CVE
added 2022/01/25 1:28 p.m.53 views

CVE-2021-45847

CVE-2021-45847 affects libslic3r’s 3MF parser in Slic3r/libslic3r v1.3.0. The vulnerability arises from missing input validations in the 3MF parser, allowing an attacker to craft a 3MF input file that can cause the application to crash. This description is consistent across multiple connected sou...

5.5CVSS5.2AI score0.0077EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2022/01/25 1:28 p.m.39 views

CVE-2021-45847

Several missing input validations in the 3MF parser component of Slic3r libslic3r 1.3.0 can each allow an attacker to cause an application crash using a crafted 3MF input file...

5.5CVSS5.3AI score0.0077EPSS
Exploits0
NVD
NVD
added 2021/08/17 8:15 p.m.36 views

CVE-2020-28594

A use-after-free vulnerability exists in the 3MFImporter::handleendmodel functionality of Prusa Research PrusaSlicer 2.2.0 and Master commit 4b040b856. A specially crafted 3MF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...

8.8CVSS0.01342EPSS
Exploits1References1
OSV
OSV
added 2021/08/17 8:15 p.m.19 views

CVE-2020-28594

A use-after-free vulnerability exists in the 3MFImporter::handleendmodel functionality of Prusa Research PrusaSlicer 2.2.0 and Master commit 4b040b856. A specially crafted 3MF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...

7.8CVSS7.2AI score
Exploits0References1
UbuntuCve
UbuntuCve
added 2021/08/17 8:15 p.m.21 views

CVE-2020-28594

A use-after-free vulnerability exists in the 3MFImporter::handleendmodel functionality of Prusa Research PrusaSlicer 2.2.0 and Master commit 4b040b856. A specially crafted 3MF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...

8.8CVSS7.2AI score0.01342EPSS
Exploits1References2
Prion
Prion
added 2021/08/17 8:15 p.m.17 views

Design/Logic Flaw

A use-after-free vulnerability exists in the 3MFImporter::handleendmodel functionality of Prusa Research PrusaSlicer 2.2.0 and Master commit 4b040b856. A specially crafted 3MF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...

6.8CVSS7.7AI score0.01342EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/08/17 7:15 p.m.30 views

CVE-2020-28594

A use-after-free vulnerability exists in the 3MFImporter::handleendmodel functionality of Prusa Research PrusaSlicer 2.2.0 and Master commit 4b040b856. A specially crafted 3MF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...

8.8CVSS7.8AI score0.01342EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2021/08/17 7:15 p.m.13 views

CVE-2020-28594

A use-after-free vulnerability exists in the 3MFImporter::handleendmodel functionality of Prusa Research PrusaSlicer 2.2.0 and Master commit 4b040b856. A specially crafted 3MF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...

8.8CVSS8.3AI score0.01342EPSS
Exploits1
CVE
CVE
added 2021/08/17 7:15 p.m.100 views

CVE-2020-28594

The CVE-2020-28594 entry details a use-after-free vulnerability in Prusa Research PrusaSlicer 2.2.0 and Master (commit 4b040b856). A crafted 3MF file triggers _3MF_Importer::_handle_end_model(), allowing potential code execution. Attacker-controlled input is the trigger, with impact described as ...

8.8CVSS7.7AI score0.01342EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder