1019 matches found
Improper Input Validation
Overview Affected versions of this package are vulnerable to Improper Input Validation via the loadweightckpt function. An attacker can manipulate the deserialization process by providing malicious input to the PT File Handler component. Remediation There is no fixed version for lmdeploy...
CVE-2025-3160
A vulnerability has been found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. This vulnerability affects the function Assimp::SceneCombiner::AddNodeHashes of the file code/Common/SceneCombiner.cpp of the component File Handler. The manipulation leads to out-of-bounds rea...
CVE-2025-3160 Open Asset Import Library Assimp File SceneCombiner.cpp AddNodeHashes out-of-bounds
A vulnerability has been found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. This vulnerability affects the function Assimp::SceneCombiner::AddNodeHashes of the file code/Common/SceneCombiner.cpp of the component File Handler. The manipulation leads to out-of-bounds rea...
UBUNTU-CVE-2025-3158
A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. Affected by this issue is the function Assimp::LWO::AnimResolver::UpdateAnimRangeSetup of the file code/AssetLib/LWO/LWOAnimation.cpp of the component LWO File Handler. The manipulation...
UBUNTU-CVE-2025-3159
A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. This affects the function Assimp::ASE::Parser::ParseLV4MeshBonesVertices of the file code/AssetLib/ASE/ASEParser.cpp of the component ASE File Handler. The manipulation leads to heap-based buff...
CVE-2025-3159
The CVE-2025-3159 issue concerns the Open Asset Import Library (Assimp) 5.4.3, specifically the ASE File Handler’s function Assimp::ASE::Parser::ParseLV4MeshBonesVertices. The vulnerability is a heap-based overflow in ASEParser.cpp, with local attack requirements. The advisory notes this as a cri...
CVE-2025-3159 Open Asset Import Library Assimp ASE File ASEParser.cpp ParseLV4MeshBonesVertices heap-based overflow
A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. This affects the function Assimp::ASE::Parser::ParseLV4MeshBonesVertices of the file code/AssetLib/ASE/ASEParser.cpp of the component ASE File Handler. The manipulation leads to heap-based buff...
CVE-2025-3158 Open Asset Import Library Assimp LWO File LWOAnimation.cpp UpdateAnimRangeSetup heap-based overflow
A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. Affected by this issue is the function Assimp::LWO::AnimResolver::UpdateAnimRangeSetup of the file code/AssetLib/LWO/LWOAnimation.cpp of the component LWO File Handler. The manipulation...
CVE-2025-3158 Open Asset Import Library Assimp LWO File LWOAnimation.cpp UpdateAnimRangeSetup heap-based overflow
A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. Affected by this issue is the function Assimp::LWO::AnimResolver::UpdateAnimRangeSetup of the file code/AssetLib/LWO/LWOAnimation.cpp of the component LWO File Handler. The manipulation...
PT-2025-14770 · Unknown · Internlm Lmdeploy
Name of the Vulnerable Software and Affected Versions: InternLM LMDeploy versions up to 0.7.1 Description: A critical issue was found in InternLM LMDeploy, affecting the function load weight ckpt of the file lmdeploy/lmdeploy/vl/model/utils.py in the component PT File Handler. The manipulation...
CVE-2025-2977
A vulnerability was found in GFI KerioConnect 10.0.6. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component PDF File Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been...
CVE-2025-3015 Open Asset Import Library Assimp ASE File ASELoader.cpp BuildUniqueRepresentation out-of-bounds
A vulnerability classified as critical has been found in Open Asset Import Library Assimp 5.4.3. This affects the function Assimp::ASEImporter::BuildUniqueRepresentation of the file code/AssetLib/ASE/ASELoader.cpp of the component ASE File Handler. The manipulation of the argument mIndices leads ...
CVE-2025-2977
A vulnerability was found in GFI KerioConnect 10.0.6. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component PDF File Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been...
CVE-2025-2977
A vulnerability was found in GFI KerioConnect 10.0.6. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component PDF File Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been...
CVE-2025-2977 GFI KerioConnect PDF File cross site scripting
A vulnerability was found in GFI KerioConnect 10.0.6. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component PDF File Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been...
CVE-2025-2977 GFI KerioConnect PDF File cross site scripting
A vulnerability was found in GFI KerioConnect 10.0.6. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component PDF File Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been...
Open Asset Import Library 安全漏洞
Open Asset Import Library assimp is an Open Asset Import Library open source library. A security vulnerability exists in Open Asset Import Library version 5.4.3, which stems from a resource consumption in the MDL File Handler component...
Open Asset Import Library(assimp) 安全漏洞
Open Asset Import Library assimp is a library in the Open Asset Import Library open source. A security vulnerability exists in Open Asset Import Library assimp version 5.4.3, which stems from an out-of-bounds read in the ASE File Handler component...
GFI KerioConnect 代码注入漏洞
GFI KerioConnect is an enterprise-grade email and collaboration solution from GFI that provides mail, calendar, contacts, tasks, and file sharing. A code injection vulnerability exists in GFI KerioConnect version 10.0.6, which stems from a cross-site scripting vulnerability in the PDF File Handle...
CVE-2025-2954
A vulnerability, which was classified as problematic, was found in mannaandpoem OpenManus up to 2025.3.13. This affects the function execute of the file app/tool/filesaver.py of the component File Handler. The manipulation leads to improper access controls. Local access is required to approach th...