MiracleLinux 7 : firefox-115.3.1-1.0.1.el7.AXS7 (AXSA:2023-6514:39)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6514:39 advisory. firefox: use-after-free in workers CVE-2023-3600 Mozilla: Out-of-bounds write in PathOps CVE-2023-5169 Mozilla: Use-after-free in Ion Compiler...

MiracleLinux 8 : thunderbird-115.3.1-1.el8.ML.1 (AXSA:2023-6497:29)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6497:29 advisory. firefox: use-after-free in workers CVE-2023-3600 Mozilla: Out-of-bounds write in PathOps CVE-2023-5169 Mozilla: Use-after-free in Ion Compiler...

MiracleLinux 9 : thunderbird-115.3.1-1.el9.ML.1 (AXSA:2023-6492:28)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6492:28 advisory. firefox: use-after-free in workers CVE-2023-3600 Mozilla: Out-of-bounds write in PathOps CVE-2023-5169 Mozilla: Use-after-free in Ion Compiler...

TencentOS Server 2: thunderbird (TSSA-2023:0235)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0235 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...

fable3d (>=1.0.0 <=1.1.4), liblaf-melon (>=0.1.10 <=0.1.17) +4 more potentially affected by CVE-2025-5169 via pyassimp (=5.2.5)

pyassimp PYPI version =5.2.5 is affected by a known vulnerability. The following packages have a transitive dependency on pyassimp and may be impacted: - fable3d =1.0.0, =0.1.10, =0.2.1, =0.2.14, =0.1.4, =0.2.0, =0.2.1 Source cves: CVE-2025-5169 Source advisory: OSV:PYSEC-2025-176...

CVE-2025-5169

A vulnerability classified as problematic has been found in Open Asset Import Library Assimp 5.4.3. This affects the function MDLImporter::InternReadFile3DGSMDL345 of the file assimp/code/AssetLib/MDL/MDLLoader.cpp. The manipulation leads to out-of-bounds read. Local access is required to approac...

CVE-2025-5169

A vulnerability classified as problematic has been found in Open Asset Import Library Assimp 5.4.3. This affects the function MDLImporter::InternReadFile3DGSMDL345 of the file assimp/code/AssetLib/MDL/MDLLoader.cpp. The manipulation leads to out-of-bounds read. Local access is required to approac...

CVE-2025-5169

creationtimestamp| type| source ---|---|--- 2025-05-26 04:47:07+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/17526...

CVE-2025-5169

CVE-2025-5169 affects Open Asset Import Library (Assimp) version 5.4.3. The issue is in MDLImporter::InternReadFile_3DGS_MDL345 inside MDLLoader.cpp and causes an out-of-bounds read. Local access is required. The description notes that the exploit has been disclosed publicly and may be used. Ther...

CVE-2025-5169 Open Asset Import Library Assimp MDLLoader.cpp InternReadFile_3DGS_MDL345 out-of-bounds

A vulnerability classified as problematic has been found in Open Asset Import Library Assimp 5.4.3. This affects the function MDLImporter::InternReadFile3DGSMDL345 of the file assimp/code/AssetLib/MDL/MDLLoader.cpp. The manipulation leads to out-of-bounds read. Local access is required to approac...

CVE-2025-5169

A vulnerability classified as problematic has been found in Open Asset Import Library Assimp 5.4.3. This affects the function MDLImporter::InternReadFile3DGSMDL345 of the file assimp/code/AssetLib/MDL/MDLLoader.cpp. The manipulation leads to out-of-bounds read. Local access is required to approac...

CVE-2025-5169

A vulnerability classified as problematic has been found in Open Asset Import Library Assimp 5.4.3. This affects the function MDLImporter::InternReadFile3DGSMDL345 of the file assimp/code/AssetLib/MDL/MDLLoader.cpp. The manipulation leads to out-of-bounds read. Local access is required to approac...

CVE-2010-5169

Race condition in Online Armor Premium 4.0.0.35 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during...

CVE-2019-5169

An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 Firmware version 03.02.0214. A specially crafted XML cache file written to a specific location on the device can be used to inject OS commands. An attacker can send a specially...

CVE-2013-5169

CoreGraphics in Apple Mac OS X before 10.9, when display-sleep mode is used, does not ensure that screen locking blocks the visibility of all windows, which allows physically proximate attackers to obtain sensitive information by reading the screen...

CVE-2024-5169 Video Widget <= 1.2.3 - Admin+ Stored XSS via Widget

The Video Widget WordPress plugin through 1.2.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

openSUSE: Security Advisory for MozillaThunderbird (SUSE-SU-2023:4016-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM : oddjob vulnerability (USN-5169-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5169-1 advisory. Matthias Gerstner discovered that there was a race condition in the mkhomedir tool shipped with the oddjob package. An authenticated...

Oracle Linux 7 : firefox (ELSA-2023-5477)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-5477 advisory. 115.3.1-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs....

Oracle Linux 7 : thunderbird (ELSA-2023-5475)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-5475 advisory. 115.3.1-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 115.3.1-1 - Update to...