31 matches found
CVE-2026-2435
Tanium addressed a SQL injection vulnerability in Asset...
CVE-2025-15344
Tanium addressed a SQL injection vulnerability in Asset...
OESA-2026-1217 assimp security update
Assimp is a library to load and process geometric scenes from various data formats. Assimp aims to provide a full asset conversion pipeline for use in game engines and real-time rendering systems of any kind, but is not limited to this purpose. Security Fixes: A vulnerability was found in Open...
EUVD-2014-1359
Malware in sbrugna...
EUVD-2019-8871
Malware in sbrugna...
CVE-2025-11275 Open Asset Import Library Assimp OpenDDLParserUtils.h getNextSeparator heap-based overflow
A vulnerability was identified in Open Asset Import Library Assimp 6.0.2. Affected by this vulnerability is the function ODDLParser::getNextSeparator in the library assimp/contrib/openddlparser/include/openddlparser/OpenDDLParserUtils.h. Such manipulation leads to heap-based buffer overflow. The...
assimp: Open Asset Import Library Assimp LWO File LWOAnimation.cpp UpdateAnimRangeSetup heap-based overflow
A flaw has been found in the Open Asset Import Library assimp. In affected versions, a malformed LWO file may trigger a heap-based buffer overflow, which may lead to an application crash or other undefined behavior...
CVE-2025-6120
A vulnerability classified as critical was found in Open Asset Import Library Assimp up to 5.4.3. Affected by this vulnerability is the function readmeshes in the library assimp/code/AssetLib/MDL/HalfLife/HL1MDLLoader.cpp. The manipulation leads to heap-based buffer overflow. It is possible to...
SUSE CVE-2025-5203
A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been rated as problematic. Affected by this issue is the function SkipSpaces in the library assimp/include/assimp/ParsingUtils.h. The manipulation leads to out-of-bounds read. Local access is required to approach this...
PYSEC-2025-175
A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been rated as problematic. Affected by this issue is the function MDLImporter::ImportUVCoordinate3DGSMDL345 of the file assimp/code/AssetLib/MDL/MDLLoader.cpp. The manipulation of the argument iIndex leads to out-of-bound...
PYSEC-2025-173
A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been classified as problematic. Affected is the function MDCImporter::InternReadFile of the file assimp/code/AssetLib/MDC/MDCLoader.cpp of the component MDC File Parser. The manipulation of the argument pcVerts leads to...
CVE-2019-19245
NAPC Xinet Elegant 6 Asset Library 6.1.655 allows Pre-Authentication SQL Injection via the /elegant6/login LoginFormusername field when double quotes are used...
Xinet Elegant 6 Asset Lib Web UI 6.1.655 - SQL Injection
Exploit Title: Xinet Elegant 6 Asset Lib Web UI 6.1.655 - SQL Injection Exploit author: hyp3rlinx import requests,time,re,sys,argparse NAPC Xinet Elegant 6 Asset Library v6.1.655 Pre-Auth SQL Injection 0day Exploit By hyp3rlinx ApparitionSec UPDATED: Jan 2024 for python3 TODO: add SSL support...
Open Asset Import Library(assimp) 安全漏洞
Open Asset Import Library assimp is a library in the Open Asset Import Library open source. A security vulnerability exists in Open Asset Import Library assimp version 5.4.3, which stems from a heap buffer overflow in the LWO file handling component...
Liferay Portal和Liferay DXP 安全漏洞
Liferay Portal and Liferay DXP are both products of Liferay Inc.Liferay Portal is a J2EE-based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP ...
CVE-2022-38528
Open Asset Import Library assimp commit 3c253ca was discovered to contain a segmentation violation via the component Assimp::XFileImporter::CreateMeshes...
PT-2021-24333 · Unknown · Open Asset Import Library
Name of the Vulnerable Software and Affected Versions: Open Asset Import Library aka assimp versions 5.1.0 through 5.1.1 Description: The issue is a heap-based buffer overflow in the m3d safestr function, which is called from m3d load and Assimp::M3DWrapper::M3DWrapper. Recommendations: For...
NAPC Xinet Elegant 6 Asset Library SQL injection (CVE-2019-19245)
An SQL injection vulnerability exists in NAPC Xinet Elegant 6 Asset Library. Successful exploitation of this vulnerability could result in the execution of arbitrary SQL statements on the affected system...
MS15-022: Description of the security update for SharePoint Server 2013 and SharePoint Foundation 2013: March 10, 2015
Resolves vulnerabilities in Microsoft Office that could allow remote code execution if an attacker convinces a user to open or preview a specially crafted Microsoft Word file in an affected version of Office.IntroductionThis security update resolves vulnerabilities in Microsoft Office that could...
CVE-2019-19245
NAPC Xinet Elegant 6 Asset Library 6.1.655 allows Pre-Authentication SQL Injection via the /elegant6/login LoginFormusername field when double quotes are used...