828 matches found
libav 安全漏洞
Libav is a cross-platform solution for recording and converting audio and video from the Libav team that includes a libavcodec encoder. A security vulnerability exists in libav 12.3 and earlier versions, which stems from a null pointer dereference in the function avbufferunref in the file...
PT-2025-31955 · Libav · Libav
Name of the Vulnerable Software and Affected Versions: libav versions up to 12.3 Description: A problematic issue exists in libav due to a null pointer dereference in the ff seek frame binary function within the /libavformat/utils.c file of the MPEG File Parser component. The issue is exploitable...
SUSE CVE-2025-5030
A vulnerability was found in Ackites KillWxapkg up to 2.4.1. It has been declared as critical. This vulnerability affects the function processFile of the file internal/unpack/unpack.go of the component wxapkg File Parser. The manipulation leads to os command injection. The attack can be initiated...
MGASA-2025-0190 Updated clamav packages fix security vulnerability
Fixed a possible buffer overflow write bug in the PDF file parser that could cause a denial-of-service DoS condition or enable remote code execution. CVE-2025-20260...
CVE-2025-5166
A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been classified as problematic. Affected is the function MDCImporter::InternReadFile of the file assimp/code/AssetLib/MDC/MDCLoader.cpp of the component MDC File Parser. The manipulation of the argument pcVerts leads to...
PYSEC-2025-173
A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been classified as problematic. Affected is the function MDCImporter::InternReadFile of the file assimp/code/AssetLib/MDC/MDCLoader.cpp of the component MDC File Parser. The manipulation of the argument pcVerts leads to...
CVE-2025-5166
A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been classified as problematic. Affected is the function MDCImporter::InternReadFile of the file assimp/code/AssetLib/MDC/MDCLoader.cpp of the component MDC File Parser. The manipulation of the argument pcVerts leads to...
PYSEC-2025-173
A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been classified as problematic. Affected is the function MDCImporter::InternReadFile of the file assimp/code/AssetLib/MDC/MDCLoader.cpp of the component MDC File Parser. The manipulation of the argument pcVerts leads to...
DEBIAN-CVE-2025-5166
A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been classified as problematic. Affected is the function MDCImporter::InternReadFile of the file assimp/code/AssetLib/MDC/MDCLoader.cpp of the component MDC File Parser. The manipulation of the argument pcVerts leads to...
UBUNTU-CVE-2025-5166
A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been classified as problematic. Affected is the function MDCImporter::InternReadFile of the file assimp/code/AssetLib/MDC/MDCLoader.cpp of the component MDC File Parser. The manipulation of the argument pcVerts leads to...
CVE-2025-5166
Open Asset Import Library Assimp 5.4.3 contains CVE-2025-5166 affecting MDCImporter::InternReadFile in MDCLoader.cpp (MDC File Parser). The manipulation of the argument pcVerts leads to an out-of-bounds read and local access may be exploited. Public disclosure of the exploit is noted. Connected O...
CVE-2025-5166 Open Asset Import Library Assimp MDC File Parser MDCLoader.cpp InternReadFile out-of-bounds
A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been classified as problematic. Affected is the function MDCImporter::InternReadFile of the file assimp/code/AssetLib/MDC/MDCLoader.cpp of the component MDC File Parser. The manipulation of the argument pcVerts leads to...
CVE-2025-5166 Open Asset Import Library Assimp MDC File Parser MDCLoader.cpp InternReadFile out-of-bounds
A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been classified as problematic. Affected is the function MDCImporter::InternReadFile of the file assimp/code/AssetLib/MDC/MDCLoader.cpp of the component MDC File Parser. The manipulation of the argument pcVerts leads to...
PT-2025-22882 · Assimp +1 · Assimp +1
Name of the Vulnerable Software and Affected Versions: Open Asset Import Library Assimp version 5.4.3 Description: A vulnerability was found in the Open Asset Import Library Assimp. It has been classified as problematic and affects the function MDCImporter::InternReadFile of the component MDC Fil...
CVE-2012-1440
The ELF file parser in Norman Antivirus 6.06.12, eSafe 7.0.17.0, CA eTrust Vet Antivirus 36.1.8511, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified identsize field. NOTE: this may later be SPLIT into...
CVE-2012-1430
The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway formerly Webwasher 2010.1C, nProtect Anti-Virus 2011-01-17.01, Sophos Anti-Virus 4.61.0, and Rising Antivirus 22.83.00.03...
Arbitrary Command Injection
Overview Affected versions of this package are vulnerable to Arbitrary Command Injection via the processFile function in the wxapkg File Parser component. An attacker can execute arbitrary system commands by providing crafted input to this function. Remediation There is no fixed version for...
Ackites KillWxapkg vulnerable to OS Command Injection
A vulnerability was found in Ackites KillWxapkg up to 2.4.1. It has been declared as critical. This vulnerability affects the function processFile of the file internal/unpack/unpack.go of the component wxapkg File Parser. The manipulation leads to os command injection. The attack can be initiated...
GHSA-W6P4-84VC-QC2W Ackites KillWxapkg vulnerable to OS Command Injection
A vulnerability was found in Ackites KillWxapkg up to 2.4.1. It has been declared as critical. This vulnerability affects the function processFile of the file internal/unpack/unpack.go of the component wxapkg File Parser. The manipulation leads to os command injection. The attack can be initiated...
CVE-2025-5030 Ackites KillWxapkg wxapkg File Parser unpack.go processFile os command injection
A vulnerability was found in Ackites KillWxapkg up to 2.4.1. It has been declared as critical. This vulnerability affects the function processFile of the file internal/unpack/unpack.go of the component wxapkg File Parser. The manipulation leads to os command injection. The attack can be initiated...